All Alerts
100 alerts
| ID | Timestamp | Alert Type | Severity | Status | Source | Hostname | User | Origin | Analyst | MITRE |
|---|---|---|---|---|---|---|---|---|---|---|
| ALR-00033 | 5h ago | Lateral Movement Detected | Low | Escalated | Cloud Connector | SRV-WEB-01 | m.taylor | RU Russia | EmilyAI (auto) | T1021.002 |
| ALR-00092 | 6h ago | Certificate Anomaly | Medium | Investigating | DecoyPulse | WS-PC-001 | h.roberts | BR Brazil | James Okonkwo | T1553.004 |
| ALR-00018 | 6h ago | DecoyPulse Honeypot Triggered | Informational | Escalated | SOC365 Engine | SRV-BACKUP-01 | a.wilson | NL Netherlands | EmilyAI (auto) | T1018 |
| ALR-00030 | 6h ago | C2 Beacon Activity | Informational | Escalated | Firewall | AP-WIFI-03 | s.jones | FR France | EmilyAI (auto) | T1071.001 |
| ALR-00025 | 7h ago | Anomalous DNS Query | Informational | Open | Cloud Connector | SRV-APP-01 | system | US United States | EmilyAI (auto) | T1568.002 |
| ALR-00043 | 8h ago | Ransomware Behaviour Detected | Low | Investigating | SOC365 Engine | SRV-BACKUP-01 | l.johnson | US United States | EmilyAI (auto) | T1486 |
| ALR-00047 | 15h ago | Ransomware Behaviour Detected | Medium | False Positive | Firewall | WS-PC-004 | r.davies | VN Vietnam | Sarah Chen | T1486 |
| ALR-00082 | 15h ago | Anomalous DNS Query | Medium | Open | Firewall | SRV-SQL-01 | j.smith | CN China | Anika Patel | T1568.002 |
| ALR-00023 | 19h ago | Credential Stuffing Attempt | Medium | False Positive | EmilyAI Triage | VM-DEV-01 | p.thomas | FR France | Sarah Chen | T1110.004 |
| ALR-00008 | 19h ago | Unusual Outbound Traffic | Low | False Positive | Email Gateway | SRV-SQL-01 | h.roberts | IR Iran | EmilyAI (auto) | T1041 |
| ALR-00038 | 20h ago | Unusual Outbound Traffic | Medium | Escalated | Dark Web Monitor | WS-PC-002 | s.jones | VN Vietnam | James Okonkwo | T1041 |
| ALR-00079 | 23h ago | Certificate Anomaly | Informational | False Positive | DLP Module | SRV-DC-01 | d.walker | CN China | EmilyAI (auto) | T1553.004 |
| ALR-00037 | 1d ago | Anomalous DNS Query | Low | Investigating | SOC365 Engine | FW-EDGE-01 | c.williams | NL Netherlands | EmilyAI (auto) | T1568.002 |
| ALR-00046 | 1d ago | Unauthorised USB Device | Low | Escalated | Attack Surface Scanner | SRV-APP-01 | s.jones | UA Ukraine | EmilyAI (auto) | T1091 |
| ALR-00076 | 1d ago | Unusual Outbound Traffic | Low | False Positive | Firewall | WS-PC-004 | d.walker | RO Romania | EmilyAI (auto) | T1041 |
| ALR-00067 | 1d ago | Lateral Movement Detected | High | Open | Email Gateway | WS-LAP-011 | p.thomas | KP North Korea | Marcus Webb | T1021.002 |
| ALR-00083 | 1d ago | Credential Stuffing Attempt | Informational | Open | SOC365 Engine | WS-MAC-005 | d.walker | DE Germany | EmilyAI (auto) | T1110.004 |
| ALR-00064 | 1d ago | Failed MFA Challenge | Low | Escalated | SOC365 Engine | WS-PC-003 | a.wilson | FR France | EmilyAI (auto) | T1621 |
| ALR-00068 | 1d ago | Certificate Anomaly | Low | Resolved | Network IDS | AP-WIFI-03 | s.jones | VN Vietnam | EmilyAI (auto) | T1553.004 |
| ALR-00074 | 1d ago | Rogue DHCP Server | High | Open | Attack Surface Scanner | WS-LAP-010 | n.clark | NL Netherlands | Emma Richardson | T1557.003 |
| ALR-00014 | 2d ago | Port Scan Detected | Low | Resolved | SOC365 Engine | WS-PC-003 | r.davies | NG Nigeria | EmilyAI (auto) | T1046 |
| ALR-00097 | 2d ago | DecoyPulse Honeypot Triggered | Low | Open | EmilyAI Triage | SRV-BACKUP-01 | d.walker | KP North Korea | EmilyAI (auto) | T1018 |
| ALR-00084 | 2d ago | Privilege Escalation Attempt | Low | Investigating | SOC365 Engine | WS-LAP-012 | m.taylor | KP North Korea | EmilyAI (auto) | T1134 |
| ALR-00059 | 2d ago | Insider Threat Indicator | Informational | Resolved | EmilyAI Triage | WS-PC-006 | h.roberts | NL Netherlands | EmilyAI (auto) | T1119 |
| ALR-00032 | 2d ago | Rogue DHCP Server | High | Escalated | DLP Module | SRV-MAIL-01 | h.roberts | NL Netherlands | James Okonkwo | T1557.003 |
| ALR-00055 | 2d ago | Unauthorised USB Device | Low | Open | Dark Web Monitor | WS-LAP-011 | h.roberts | RU Russia | EmilyAI (auto) | T1091 |
| ALR-00016 | 2d ago | Suspicious PowerShell Execution | Informational | Investigating | DLP Module | WS-LAP-011 | f.hall | UA Ukraine | EmilyAI (auto) | T1059.001 |
| ALR-00048 | 2d ago | Privilege Escalation Attempt | Low | False Positive | DecoyPulse | WS-PC-004 | k.brown | RU Russia | EmilyAI (auto) | T1134 |
| ALR-00093 | 2d ago | Credential Stuffing Attempt | Medium | Investigating | Cloud Connector | SW-CORE-01 | a.wilson | US United States | Emma Richardson | T1110.004 |
| ALR-00045 | 2d ago | Anomalous DNS Query | Low | Investigating | Email Gateway | WS-PC-001 | m.taylor | US United States | EmilyAI (auto) | T1568.002 |
| ALR-00031 | 2d ago | Unusual Outbound Traffic | Low | Open | Email Gateway | WS-PC-002 | e.evans | UA Ukraine | EmilyAI (auto) | T1041 |
| ALR-00001 | 2d ago | Insider Threat Indicator | Low | False Positive | Dark Web Monitor | SRV-MAIL-01 | l.johnson | NG Nigeria | EmilyAI (auto) | T1119 |
| ALR-00024 | 2d ago | DLP Policy Violation | Medium | Investigating | SOC365 Engine | SRV-DC-01 | s.jones | GB United Kingdom | Sarah Chen | T1048 |
| ALR-00054 | 2d ago | Suspicious Scheduled Task | Medium | Escalated | Network IDS | WS-MAC-005 | system | FR France | Sarah Chen | T1053.005 |
| ALR-00090 | 2d ago | Privilege Escalation Attempt | Informational | Investigating | DLP Module | SRV-APP-01 | j.smith | NL Netherlands | EmilyAI (auto) | T1134 |
| ALR-00053 | 2d ago | Unusual Outbound Traffic | Low | Resolved | Email Gateway | SRV-MAIL-01 | m.taylor | IR Iran | EmilyAI (auto) | T1041 |
| ALR-00070 | 3d ago | Insider Threat Indicator | Low | Resolved | Cloud Connector | SRV-APP-01 | f.hall | UA Ukraine | EmilyAI (auto) | T1119 |
| ALR-00010 | 3d ago | Brute Force SSH | Medium | False Positive | Cloud Connector | WS-MAC-005 | r.davies | IN India | Anika Patel | T1110.001 |
| ALR-00034 | 3d ago | Kerberoasting Attempt | Medium | Investigating | Email Gateway | WS-LAP-011 | m.taylor | NG Nigeria | James Okonkwo | T1558.003 |
| ALR-00052 | 3d ago | Pass-the-Hash Detected | High | Escalated | Email Gateway | WS-LAP-012 | l.johnson | IN India | Emma Richardson | T1550.002 |
| ALR-00040 | 3d ago | Privilege Escalation Attempt | Medium | Escalated | Endpoint Agent | AP-WIFI-03 | l.johnson | BR Brazil | Anika Patel | T1134 |
| ALR-00013 | 3d ago | Data Exfiltration Attempt | Informational | Investigating | SOC365 Engine | WS-MAC-005 | j.smith | UA Ukraine | EmilyAI (auto) | T1567.002 |
| ALR-00089 | 3d ago | Phishing Email Blocked | Low | Resolved | Firewall | SRV-DC-01 | p.thomas | RO Romania | EmilyAI (auto) | T1566.001 |
| ALR-00069 | 3d ago | Lateral Movement Detected | Low | False Positive | Dark Web Monitor | WS-PC-001 | h.roberts | IR Iran | EmilyAI (auto) | T1021.002 |
| ALR-00071 | 3d ago | Suspicious Scheduled Task | Low | Open | SOC365 Engine | AP-WIFI-03 | h.roberts | IR Iran | EmilyAI (auto) | T1053.005 |
| ALR-00022 | 3d ago | Unauthorised USB Device | Low | False Positive | Endpoint Agent | SRV-APP-01 | a.wilson | IN India | EmilyAI (auto) | T1091 |
| ALR-00072 | 4d ago | Lateral Movement Detected | Informational | Escalated | Email Gateway | SRV-BACKUP-01 | d.walker | DE Germany | EmilyAI (auto) | T1021.002 |
| ALR-00003 | 4d ago | Ransomware Behaviour Detected | Low | Escalated | Network IDS | SRV-DC-01 | k.brown | US United States | EmilyAI (auto) | T1486 |
| ALR-00036 | 4d ago | Anomalous DNS Query | Informational | False Positive | Endpoint Agent | SRV-DC-01 | p.thomas | GB United Kingdom | EmilyAI (auto) | T1568.002 |
| ALR-00041 | 4d ago | Unauthorised USB Device | Medium | Resolved | Endpoint Agent | WS-LAP-012 | j.smith | UA Ukraine | Anika Patel | T1091 |
| ALR-00011 | 4d ago | Pass-the-Hash Detected | Medium | Escalated | Dark Web Monitor | VM-DEV-01 | m.taylor | GB United Kingdom | Anika Patel | T1550.002 |
| ALR-00021 | 4d ago | Ransomware Behaviour Detected | Low | Investigating | SOC365 Engine | SW-CORE-01 | n.clark | UA Ukraine | EmilyAI (auto) | T1486 |
| ALR-00077 | 4d ago | Certificate Anomaly | Medium | Investigating | Cloud Connector | AP-WIFI-03 | s.jones | DE Germany | Marcus Webb | T1553.004 |
| ALR-00049 | 4d ago | Credential Stuffing Attempt | Low | Open | SOC365 Engine | SRV-WEB-01 | system | RU Russia | EmilyAI (auto) | T1110.004 |
| ALR-00094 | 4d ago | Anomalous DNS Query | Low | Escalated | Cloud Connector | SRV-DC-01 | m.taylor | RU Russia | EmilyAI (auto) | T1568.002 |
| ALR-00029 | 4d ago | Brute Force SSH | Low | Open | SOC365 Engine | WS-PC-006 | n.clark | KP North Korea | EmilyAI (auto) | T1110.001 |
| ALR-00020 | 4d ago | Tor Exit Node Connection | Informational | Resolved | DLP Module | WS-PC-003 | m.taylor | VN Vietnam | EmilyAI (auto) | T1090.003 |
| ALR-00060 | 4d ago | Tor Exit Node Connection | Informational | Escalated | Endpoint Agent | SW-CORE-01 | f.hall | KP North Korea | EmilyAI (auto) | T1090.003 |
| ALR-00009 | 4d ago | Suspicious Scheduled Task | Low | Open | Email Gateway | SRV-DC-01 | k.brown | GB United Kingdom | EmilyAI (auto) | T1053.005 |
| ALR-00019 | 4d ago | Pass-the-Hash Detected | Low | Investigating | DLP Module | VM-DEV-01 | k.brown | BR Brazil | EmilyAI (auto) | T1550.002 |
| ALR-00078 | 4d ago | DLP Policy Violation | Informational | Resolved | SOC365 Engine | WS-LAP-010 | k.brown | GB United Kingdom | EmilyAI (auto) | T1048 |
| ALR-00099 | 4d ago | Suspicious Scheduled Task | Medium | Escalated | Network IDS | WS-LAP-012 | c.williams | CN China | Anika Patel | T1053.005 |
| ALR-00063 | 5d ago | Certificate Anomaly | Informational | Resolved | Attack Surface Scanner | SRV-BACKUP-01 | d.walker | IR Iran | EmilyAI (auto) | T1553.004 |
| ALR-00006 | 5d ago | Ransomware Behaviour Detected | Low | Open | DLP Module | WS-LAP-010 | d.walker | GB United Kingdom | EmilyAI (auto) | T1486 |
| ALR-00085 | 5d ago | Phishing Email Blocked | Medium | Resolved | DLP Module | AP-WIFI-03 | f.hall | RU Russia | Marcus Webb | T1566.001 |
| ALR-00086 | 5d ago | Pass-the-Hash Detected | Medium | Open | Network IDS | SRV-WEB-01 | r.davies | DE Germany | Marcus Webb | T1550.002 |
| ALR-00087 | 5d ago | Suspicious Scheduled Task | Medium | Investigating | EmilyAI Triage | WS-PC-001 | c.williams | VN Vietnam | Anika Patel | T1053.005 |
| ALR-00039 | 5d ago | Data Exfiltration Attempt | Informational | Open | Endpoint Agent | SW-CORE-01 | l.johnson | UA Ukraine | EmilyAI (auto) | T1567.002 |
| ALR-00098 | 5d ago | Failed MFA Challenge | Low | Resolved | EmilyAI Triage | SRV-BACKUP-01 | d.walker | UA Ukraine | EmilyAI (auto) | T1621 |
| ALR-00026 | 5d ago | Shadow IT Discovery | Informational | False Positive | DecoyPulse | WS-LAP-010 | s.jones | US United States | EmilyAI (auto) | T1567 |
| ALR-00012 | 5d ago | DLP Policy Violation | High | Investigating | Email Gateway | SRV-DC-01 | a.wilson | CN China | Sarah Chen | T1048 |
| ALR-00061 | 5d ago | Data Exfiltration Attempt | Medium | False Positive | DLP Module | SRV-SQL-01 | n.clark | FR France | Marcus Webb | T1567.002 |
| ALR-00096 | 5d ago | Malware Signature Match | High | Escalated | Dark Web Monitor | WS-PC-002 | k.brown | NG Nigeria | James Okonkwo | T1204.002 |
| ALR-00062 | 5d ago | Malware Signature Match | Informational | False Positive | DLP Module | WS-PC-006 | p.thomas | GB United Kingdom | EmilyAI (auto) | T1204.002 |
| ALR-00017 | 5d ago | Suspicious Scheduled Task | Medium | Escalated | Network IDS | SRV-APP-01 | d.walker | RU Russia | Emma Richardson | T1053.005 |
| ALR-00035 | 5d ago | Rogue DHCP Server | High | Escalated | SOC365 Engine | WS-PC-001 | d.walker | GB United Kingdom | Marcus Webb | T1557.003 |
| ALR-00058 | 5d ago | Kerberoasting Attempt | Informational | False Positive | Network IDS | SRV-DC-01 | f.hall | RU Russia | EmilyAI (auto) | T1558.003 |
| ALR-00027 | 6d ago | Certificate Anomaly | Low | Investigating | Firewall | SRV-APP-01 | n.clark | VN Vietnam | EmilyAI (auto) | T1553.004 |
| ALR-00080 | 6d ago | Insider Threat Indicator | Low | False Positive | Endpoint Agent | WS-PC-003 | c.williams | UA Ukraine | EmilyAI (auto) | T1119 |
| ALR-00050 | 6d ago | Tor Exit Node Connection | Medium | Escalated | Endpoint Agent | WS-PC-002 | r.davies | RO Romania | James Okonkwo | T1090.003 |
| ALR-00075 | 6d ago | Data Exfiltration Attempt | Medium | False Positive | EmilyAI Triage | SRV-APP-01 | c.williams | FR France | Sarah Chen | T1567.002 |
| ALR-00056 | 6d ago | Certificate Anomaly | High | Escalated | DecoyPulse | WS-PC-003 | system | IR Iran | Anika Patel | T1553.004 |
| ALR-00004 | 6d ago | Phishing Email Blocked | Medium | Resolved | Network IDS | VM-DEV-01 | n.clark | IR Iran | James Okonkwo | T1566.001 |
| ALR-00007 | 6d ago | Unauthorised USB Device | Medium | Investigating | Endpoint Agent | SRV-SQL-01 | c.williams | NG Nigeria | James Okonkwo | T1091 |
| ALR-00051 | 6d ago | Rogue DHCP Server | Medium | Investigating | Dark Web Monitor | FW-EDGE-01 | system | KP North Korea | Marcus Webb | T1557.003 |
| ALR-00073 | 6d ago | Port Scan Detected | Medium | Open | Endpoint Agent | SW-CORE-01 | a.wilson | GB United Kingdom | Emma Richardson | T1046 |
| ALR-00088 | 6d ago | Certificate Anomaly | Informational | Escalated | Endpoint Agent | SRV-FILE-01 | r.davies | DE Germany | EmilyAI (auto) | T1553.004 |
| ALR-00044 | 6d ago | Kerberoasting Attempt | Medium | Resolved | Endpoint Agent | FW-EDGE-01 | c.williams | GB United Kingdom | Anika Patel | T1558.003 |
| ALR-00065 | 6d ago | Tor Exit Node Connection | Low | Open | Email Gateway | FW-EDGE-01 | f.hall | CN China | EmilyAI (auto) | T1090.003 |
| ALR-00100 | 6d ago | Phishing Email Blocked | Medium | Resolved | Attack Surface Scanner | SW-CORE-01 | m.taylor | IN India | Anika Patel | T1566.001 |
| ALR-00081 | 6d ago | Tor Exit Node Connection | Informational | Investigating | Network IDS | WS-PC-001 | system | IR Iran | EmilyAI (auto) | T1090.003 |
| ALR-00028 | 6d ago | DLP Policy Violation | Low | Escalated | Firewall | WS-PC-004 | m.taylor | UA Ukraine | EmilyAI (auto) | T1048 |
| ALR-00015 | 6d ago | DecoyPulse Honeypot Triggered | Critical | Investigating | Network IDS | WS-LAP-012 | c.williams | VN Vietnam | Emma Richardson | T1018 |
| ALR-00066 | 6d ago | DecoyPulse Honeypot Triggered | Low | False Positive | SOC365 Engine | SRV-MAIL-01 | f.hall | IN India | EmilyAI (auto) | T1018 |
| ALR-00095 | 6d ago | Anomalous DNS Query | Critical | Escalated | Endpoint Agent | SRV-DC-01 | j.smith | FR France | Sarah Chen | T1568.002 |
| ALR-00002 | 6d ago | Rogue DHCP Server | Low | False Positive | Dark Web Monitor | WS-PC-001 | h.roberts | UA Ukraine | EmilyAI (auto) | T1557.003 |
| ALR-00057 | 6d ago | Credential Stuffing Attempt | Low | Investigating | Firewall | WS-PC-002 | k.brown | BR Brazil | EmilyAI (auto) | T1110.004 |
| ALR-00005 | 6d ago | Ransomware Behaviour Detected | Informational | Resolved | SOC365 Engine | SW-CORE-01 | a.wilson | DE Germany | EmilyAI (auto) | T1486 |
| ALR-00091 | 6d ago | C2 Beacon Activity | High | Open | Dark Web Monitor | AP-WIFI-03 | j.smith | UA Ukraine | Anika Patel | T1071.001 |
| ALR-00042 | 6d ago | Rogue DHCP Server | Informational | Investigating | SOC365 Engine | WS-PC-004 | j.smith | DE Germany | EmilyAI (auto) | T1557.003 |