Unusual Outbound Traffic
High
Investigating
ALR-00441 · 2026-07-10T01:28:16Z
Description
Unusual outbound traffic pattern from WS-LAP-010 to IP in Eastern Europe. 450MB transferred over non-standard port. Flagged by Cloud Connector.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
01:28:16
Event ingested by SOC365 Engine
01:28:20
EmilyAI triage started — correlation enrichment
01:28:24
EmilyAI confidence: 83% — escalated to human analyst
01:28:41
Alert assigned to analyst: Emma Richardson
01:30:07
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00181 | 2h ago | Unusual Outbound Traffic | Medium | Open | WS-PC-001 |
| ALR-00347 | 9h ago | Pass-the-Hash Detected | Medium | Escalated | WS-LAP-010 |
| ALR-00409 | 13h ago | Unusual Outbound Traffic | Informational | Investigating | WS-PC-004 |
| ALR-00191 | 1d ago | Unusual Outbound Traffic | Low | False Positive | SRV-BACKUP-01 |
| ALR-00308 | 1d ago | Failed MFA Challenge | Low | False Positive | WS-LAP-010 |