Credential Stuffing Attempt
Low
Escalated
ALR-00417 · 2026-07-09T21:03:38Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by Firewall.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
21:03:38
Event ingested by SOC365 Engine
21:03:39
EmilyAI triage started — correlation enrichment
21:03:53
EmilyAI confidence: 83% — escalated to human analyst
21:04:04
Alert assigned to analyst: EmilyAI (auto)
21:06:32
Investigation started — querying SIEM and threat intelligence
21:13:30
Containment action taken — endpoint isolated
21:20:04
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00119 | 54m ago | Credential Stuffing Attempt | Informational | Escalated | WS-LAP-011 |
| ALR-00078 | 4h ago | Credential Stuffing Attempt | Informational | Escalated | SRV-MAIL-01 |
| ALR-00223 | 12h ago | Credential Stuffing Attempt | Informational | Escalated | SRV-APP-01 |
| ALR-00366 | 16h ago | Credential Stuffing Attempt | Low | Escalated | VM-DEV-01 |
| ALR-00384 | 17h ago | Kerberoasting Attempt | High | Escalated | WS-PC-003 |