Credential Stuffing Attempt
Low
Escalated
ALR-00375 · 2026-07-07T13:05:03Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by Firewall.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
13:05:03
Event ingested by SOC365 Engine
13:05:07
EmilyAI triage started — correlation enrichment
13:05:08
EmilyAI confidence: 82% — escalated to human analyst
13:05:18
Alert assigned to analyst: EmilyAI (auto)
13:06:28
Investigation started — querying SIEM and threat intelligence
13:12:17
Containment action taken — endpoint isolated
13:18:08
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00462 | 7h ago | Insider Threat Indicator | Medium | False Positive | VM-DEV-01 |
| ALR-00410 | 13h ago | Rogue DHCP Server | Informational | Escalated | VM-DEV-01 |
| ALR-00235 | 18h ago | Certificate Anomaly | Low | False Positive | VM-DEV-01 |
| ALR-00177 | 1d ago | Privilege Escalation Attempt | Medium | Open | VM-DEV-01 |
| ALR-00095 | 1d ago | Credential Stuffing Attempt | Medium | Open | SRV-DC-01 |