Port Scan Detected
Informational
Open
ALR-00414 · 2026-07-09T19:52:51Z
Description
Sequential port scan (1-1024) detected targeting SRV-FILE-01 from external IP. Email Gateway identified SYN scan pattern.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
19:52:51
Event ingested by SOC365 Engine
19:52:56
EmilyAI triage started — correlation enrichment
19:52:57
EmilyAI confidence: 78% — escalated to human analyst
19:53:33
Alert assigned to analyst: EmilyAI (auto)
19:54:32
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00055 | 6h ago | DLP Policy Violation | High | Open | SRV-FILE-01 |
| ALR-00059 | 7h ago | Unauthorised USB Device | High | Investigating | SRV-FILE-01 |
| ALR-00323 | 12h ago | Rogue DHCP Server | Low | Investigating | SRV-FILE-01 |
| ALR-00024 | 14h ago | C2 Beacon Activity | Critical | Investigating | SRV-FILE-01 |
| ALR-00242 | 14h ago | Ransomware Behaviour Detected | Low | Investigating | SRV-FILE-01 |