Unusual Outbound Traffic
Informational
Escalated
ALR-00450 · 2026-07-07T03:22:51Z
Description
Unusual outbound traffic pattern from FW-EDGE-01 to IP in Eastern Europe. 450MB transferred over non-standard port. Flagged by Email Gateway.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
03:22:51
Event ingested by SOC365 Engine
03:22:53
EmilyAI triage started — correlation enrichment
03:23:03
EmilyAI confidence: 83% — escalated to human analyst
03:23:12
Alert assigned to analyst: EmilyAI (auto)
03:25:15
Investigation started — querying SIEM and threat intelligence
03:28:51
Containment action taken — endpoint isolated
03:41:32
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00075 | 7h ago | Unusual Outbound Traffic | Low | Investigating | WS-PC-006 |
| ALR-00373 | 10h ago | Certificate Anomaly | Medium | Open | FW-EDGE-01 |
| ALR-00038 | 13h ago | Suspicious Scheduled Task | Informational | Open | FW-EDGE-01 |
| ALR-00484 | 14h ago | Unusual Outbound Traffic | Medium | Investigating | WS-LAP-011 |
| ALR-00322 | 19h ago | Shadow IT Discovery | Low | Escalated | FW-EDGE-01 |