DLP Policy Violation
Informational
Investigating
ALR-00437 · 2026-07-09T16:32:23Z
Description
DLP policy violation: user 'm.taylor' attempted to email 3 files classified as 'Confidential' to external address from WS-LAP-011.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
16:32:23
Event ingested by SOC365 Engine
16:32:25
EmilyAI triage started — correlation enrichment
16:32:38
EmilyAI confidence: 88% — escalated to human analyst
16:32:48
Alert assigned to analyst: EmilyAI (auto)
16:33:22
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00101 | 50m ago | Suspicious Scheduled Task | Medium | False Positive | WS-LAP-011 |
| ALR-00124 | 1h ago | Brute Force SSH | Informational | False Positive | WS-LAP-011 |
| ALR-00412 | 7h ago | Failed MFA Challenge | Medium | Investigating | WS-LAP-011 |
| ALR-00107 | 9h ago | DLP Policy Violation | Low | Escalated | SRV-FILE-01 |
| ALR-00477 | 9h ago | DLP Policy Violation | Low | Resolved | SRV-SQL-01 |