C2 Beacon Activity
Medium
Open
ALR-00303 · 2026-07-08T06:41:52Z
Description
Suspected C2 beacon detected from SRV-APP-01. Regular 60-second interval HTTPS POST to suspicious domain. Firewall blocked outbound.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
06:41:52
Event ingested by SOC365 Engine
06:41:55
EmilyAI triage started — correlation enrichment
06:41:58
EmilyAI confidence: 97% — escalated to human analyst
06:42:24
Alert assigned to analyst: Emma Richardson
06:42:59
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00414 | 1h ago | C2 Beacon Activity | Medium | Resolved | SRV-BACKUP-01 |
| ALR-00339 | 12h ago | C2 Beacon Activity | Medium | False Positive | WS-LAP-011 |
| ALR-00035 | 17h ago | Lateral Movement Detected | Medium | Investigating | SRV-APP-01 |
| ALR-00063 | 23h ago | Failed MFA Challenge | Medium | Open | SRV-APP-01 |
| ALR-00447 | 1d ago | C2 Beacon Activity | Informational | Resolved | WS-PC-001 |