Shadow IT Discovery
Medium
Investigating
ALR-00432 · 2026-07-07T09:59:55Z
Description
EmilyAI Triage discovered unauthorised SaaS application (file sharing) used by 'm.taylor'. 14GB of company data synced to unapproved cloud storage.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
09:59:55
Event ingested by SOC365 Engine
09:59:57
EmilyAI triage started — correlation enrichment
10:00:01
EmilyAI confidence: 94% — escalated to human analyst
10:00:23
Alert assigned to analyst: James Okonkwo
10:02:10
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00257 | 5h ago | Shadow IT Discovery | Low | Escalated | SRV-SQL-01 |
| ALR-00297 | 11h ago | DLP Policy Violation | Medium | Resolved | VM-DEV-01 |
| ALR-00076 | 12h ago | Shadow IT Discovery | Medium | Open | WS-MAC-005 |
| ALR-00166 | 23h ago | Unusual Outbound Traffic | High | Investigating | VM-DEV-01 |
| ALR-00132 | 1d ago | Shadow IT Discovery | Informational | False Positive | SRV-DC-01 |