Credential Stuffing Attempt
Medium
Escalated
ALR-00462 · 2026-07-08T23:20:12Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by DLP Module.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
23:20:12
Event ingested by SOC365 Engine
23:20:15
EmilyAI triage started — correlation enrichment
23:20:18
EmilyAI confidence: 86% — escalated to human analyst
23:20:52
Alert assigned to analyst: Sarah Chen
23:21:32
Investigation started — querying SIEM and threat intelligence
23:23:31
Containment action taken — endpoint isolated
23:39:21
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00094 | 5h ago | Unauthorised USB Device | Medium | Escalated | SW-CORE-01 |
| ALR-00464 | 8h ago | Credential Stuffing Attempt | Medium | Escalated | SRV-DC-01 |
| ALR-00070 | 13h ago | Malware Signature Match | Medium | False Positive | SW-CORE-01 |
| ALR-00376 | 16h ago | Shadow IT Discovery | Medium | False Positive | SW-CORE-01 |
| ALR-00125 | 17h ago | Credential Stuffing Attempt | Low | Investigating | WS-MAC-005 |