Certificate Anomaly
Low
Open
ALR-00338 · 2026-07-08T03:15:10Z
Description
TLS certificate anomaly detected on WS-LAP-010. Self-signed certificate on port 443 does not match expected corporate CA chain.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
03:15:10
Event ingested by SOC365 Engine
03:15:11
EmilyAI triage started — correlation enrichment
03:15:17
EmilyAI confidence: 80% — escalated to human analyst
03:15:47
Alert assigned to analyst: EmilyAI (auto)
03:18:09
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00244 | 41m ago | Ransomware Behaviour Detected | High | Investigating | WS-LAP-010 |
| ALR-00159 | 4h ago | Suspicious PowerShell Execution | High | Investigating | WS-LAP-010 |
| ALR-00456 | 6h ago | Certificate Anomaly | Informational | Open | WS-PC-006 |
| ALR-00423 | 13h ago | Kerberoasting Attempt | Informational | Open | WS-LAP-010 |
| ALR-00343 | 20h ago | Certificate Anomaly | Low | Investigating | WS-PC-002 |