Interactive Demo: Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd

Certificate Anomaly

Low Investigating
ALR-00461 · 2026-04-08T20:13:09Z

Description

TLS certificate anomaly detected on FW-EDGE-01. Self-signed certificate on port 443 does not match expected corporate CA chain.

Alert Metadata

Alert ID: ALR-00461
Timestamp: 2026-04-08T20:13:09Z
Severity: Low
Status: Investigating
Detection Source: Network IDS
Assigned Analyst: EmilyAI (auto)

Endpoint Information

Hostname: FW-EDGE-01
User Account: p.thomas
Source IP: 194.40.62.65
Destination IP: 10.0.115.53
Origin Country: United Kingdom (GB)

MITRE ATT&CK Mapping

Tactic: Defence Evasion
Technique: T1553.004
Reference: attack.mitre.org/techniques/T1553.004

Investigation Timeline

20:13:09 Event ingested by SOC365 Engine
20:13:13 EmilyAI triage started — correlation enrichment
20:13:17 EmilyAI confidence: 88% — escalated to human analyst
20:13:53 Alert assigned to analyst: EmilyAI (auto)
20:15:03 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID         Time     Alert                        Severity  Status          Host
ALR-00114  2h ago   Certificate Anomaly          Medium    Investigating   WS-LAP-011
ALR-00480  4h ago   Credential Stuffing Attempt  Medium    Investigating   FW-EDGE-01
ALR-00246  9h ago   DLP Policy Violation         Low       Investigating   FW-EDGE-01
ALR-00413  14h ago  Shadow IT Discovery          Medium    False Positive  FW-EDGE-01
ALR-00265  14h ago  Certificate Anomaly          Low       Escalated       SRV-BACKUP-01