Unusual Outbound Traffic
Low
Resolved
ALR-00449 · 2026-07-05T20:49:45Z
Description
Unusual outbound traffic pattern from WS-LAP-012 to IP in Eastern Europe. 450MB transferred over non-standard port. Flagged by DLP Module.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
20:49:45
Event ingested by SOC365 Engine
20:49:50
EmilyAI triage started — correlation enrichment
20:49:58
EmilyAI confidence: 89% — escalated to human analyst
20:50:23
Alert assigned to analyst: EmilyAI (auto)
20:52:31
Investigation started — querying SIEM and threat intelligence
20:56:07
Containment action taken — endpoint isolated
21:09:04
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00412 | 2h ago | Credential Stuffing Attempt | Informational | False Positive | WS-LAP-012 |
| ALR-00369 | 4h ago | Privilege Escalation Attempt | Informational | Investigating | WS-LAP-012 |
| ALR-00073 | 6h ago | Suspicious Scheduled Task | Low | Resolved | WS-LAP-012 |
| ALR-00054 | 14h ago | DecoyPulse Honeypot Triggered | Informational | Open | WS-LAP-012 |
| ALR-00131 | 17h ago | Unusual Outbound Traffic | Informational | Open | SRV-APP-01 |