Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd Live 17:08:21 UTC

Certificate Anomaly

Medium Open
ALR-00455 · 2026-05-22T08:14:14Z

Description

TLS certificate anomaly detected on AP-WIFI-03. Self-signed certificate on port 443 does not match expected corporate CA chain.

Alert Metadata

Alert ID: ALR-00455
Timestamp: 2026-05-22T08:14:14Z
Severity: Medium
Status: Open
Detection Source: Firewall
Assigned Analyst: James Okonkwo

Endpoint Information

Hostname: AP-WIFI-03
User Account: p.thomas
Source IP: 185.37.220.3
Destination IP: 10.2.96.20
Origin Country: DE Germany

MITRE ATT&CK Mapping

Tactic: Defence Evasion
Technique: T1553.004
Reference: attack.mitre.org/techniques/T1553.004

Investigation Timeline

08:14:14 Event ingested by SOC365 Engine
08:14:15 EmilyAI triage started — correlation enrichment
08:14:28 EmilyAI confidence: 79% — escalated to human analyst
08:14:52 Alert assigned to analyst: James Okonkwo
08:15:13 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID | Time | Alert | Severity | Status | Host
ALR-00066 | 4h ago | Certificate Anomaly | Low | Escalated | SRV-BACKUP-01
ALR-00178 | 6h ago | Kerberoasting Attempt | Medium | False Positive | AP-WIFI-03
ALR-00159 | 9h ago | Certificate Anomaly | High | Open | WS-LAP-011
ALR-00013 | 11h ago | Brute Force SSH | Low | Escalated | AP-WIFI-03
ALR-00238 | 12h ago | Suspicious Scheduled Task | Low | Resolved | AP-WIFI-03