Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd

Port Scan Detected

Informational Investigating
ALR-00315 · 2026-05-27T06:30:35Z

Description

Sequential port scan (1-1024) detected targeting WS-LAP-012 from external IP. Email Gateway identified SYN scan pattern.

Alert Metadata

Alert ID: ALR-00315
Timestamp: 2026-05-27T06:30:35Z
Severity: Informational
Status: Investigating
Detection Source: Email Gateway
Assigned Analyst: EmilyAI (auto)

Endpoint Information

Hostname: WS-LAP-012
User Account: j.smith
Source IP: 194.213.62.146
Destination IP: 10.3.251.203
Origin Country: Vietnam (VN)

MITRE ATT&CK Mapping

Tactic: Reconnaissance
Technique: T1046
Reference: attack.mitre.org/techniques/T1046

Investigation Timeline

06:30:35 Event ingested by SOC365 Engine
06:30:40 EmilyAI triage started — correlation enrichment
06:30:44 EmilyAI confidence: 88% — escalated to human analyst
06:31:14 Alert assigned to analyst: EmilyAI (auto)
06:33:29 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID | Time | Alert | Severity | Status | Host
ALR-00332 | 30m ago | Credential Stuffing Attempt | Informational | Investigating | WS-LAP-012
ALR-00240 | 17h ago | Port Scan Detected | Low | Resolved | SW-CORE-01
ALR-00311 | 18h ago | Shadow IT Discovery | Medium | Resolved | WS-LAP-012
ALR-00033 | 22h ago | Port Scan Detected | Medium | Investigating | WS-PC-001
ALR-00472 | 1d ago | Ransomware Behaviour Detected | High | Investigating | WS-LAP-012