Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd Live 16:54:29 UTC

Phishing Email Blocked

Medium Resolved
ALR-00307 · 2026-04-12T02:22:58Z

Description

Phishing email targeting 'f.hall@company.co.uk' blocked by DecoyPulse. Payload: credential harvesting link mimicking Microsoft 365 login.

Alert Metadata

Alert ID: ALR-00307
Timestamp: 2026-04-12T02:22:58Z
Severity: Medium
Status: Resolved
Detection Source: DecoyPulse
Assigned Analyst: Anika Patel

Endpoint Information

Hostname: WS-PC-003
User Account: f.hall
Source IP: 45.194.148.105
Destination IP: 10.3.79.192
Origin Country: Ukraine (UA)

MITRE ATT&CK Mapping

Tactic: Initial Access
Technique: T1566.001
Reference: attack.mitre.org/techniques/T1566.001

Investigation Timeline

02:22:58 Event ingested by SOC365 Engine
02:23:00 EmilyAI triage started — correlation enrichment
02:23:12 EmilyAI confidence: 79% — escalated to human analyst
02:23:34 Alert assigned to analyst: Anika Patel
02:25:15 Investigation started — querying SIEM and threat intelligence
02:26:59 Containment action taken — endpoint isolated
02:33:47 Alert resolved — remediation complete

Related Alerts

ID | Time | Alert | Severity | Status | Host
ALR-00258 | 2h ago | Phishing Email Blocked | Informational | Open | AP-WIFI-03
ALR-00465 | 5h ago | Phishing Email Blocked | Low | False Positive | SRV-MAIL-01
ALR-00017 | 13h ago | Phishing Email Blocked | Informational | Resolved | SRV-DC-01
ALR-00114 | 1d ago | Phishing Email Blocked | High | Escalated | SRV-BACKUP-01
ALR-00087 | 1d ago | Kerberoasting Attempt | Low | Investigating | WS-PC-003