Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 17:07:29 UTC

Certificate Anomaly

Low Escalated
ALR-00359 · 2026-05-25T20:57:22Z

Description

TLS certificate anomaly detected on WS-PC-002. Self-signed certificate on port 443 does not match expected corporate CA chain.

Alert Metadata

Alert ID
ALR-00359
Timestamp
2026-05-25T20:57:22Z
Severity
Low
Status
Escalated
Detection Source
EmilyAI Triage
Assigned Analyst
EmilyAI (auto)

Endpoint Information

Hostname
WS-PC-002
User Account
p.thomas
Source IP
194.47.62.113
Destination IP
10.3.188.79
Origin Country
DE Germany

MITRE ATT&CK Mapping

Tactic
Defence Evasion
Technique
T1553.004
Reference
attack.mitre.org/techniques/T1553.004

Investigation Timeline

20:57:22 Event ingested by SOC365 Engine
20:57:24 EmilyAI triage started — correlation enrichment
20:57:37 EmilyAI confidence: 78% — escalated to human analyst
20:58:03 Alert assigned to analyst: EmilyAI (auto)
20:58:37 Investigation started — querying SIEM and threat intelligence
21:02:27 Containment action taken — endpoint isolated
21:09:59 Alert resolved — remediation complete

Related Alerts

ID Time Alert Severity Status Host
ALR-00430 12h ago Certificate Anomaly Critical Escalated FW-EDGE-01
ALR-00077 13h ago Certificate Anomaly Low Resolved WS-PC-006
ALR-00104 13h ago Certificate Anomaly Medium Resolved SRV-WEB-01
ALR-00478 16h ago Certificate Anomaly Medium Resolved SRV-MAIL-01
ALR-00370 18h ago Certificate Anomaly Informational Resolved AP-WIFI-03