Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 18:28:05 UTC

All Alerts

ID Timestamp Alert Type Severity Status Source Hostname User Origin Analyst MITRE
ALR-00054 2m ago Suspicious Scheduled Task Low Open Cloud Connector WS-PC-003 d.walker RU Russia EmilyAI (auto) T1053.005
ALR-00009 7m ago Unusual Outbound Traffic Medium Open Cloud Connector SRV-MAIL-01 e.evans IN India Marcus Webb T1041
ALR-00043 39m ago Certificate Anomaly Low Resolved Endpoint Agent WS-PC-004 f.hall IN India EmilyAI (auto) T1553.004
ALR-00022 2h ago Tor Exit Node Connection Low Resolved Network IDS WS-PC-004 m.taylor RO Romania EmilyAI (auto) T1090.003
ALR-00019 2h ago Pass-the-Hash Detected Low Open DecoyPulse WS-PC-003 f.hall NL Netherlands EmilyAI (auto) T1550.002
ALR-00014 3h ago Brute Force SSH Informational False Positive Network IDS WS-PC-003 a.wilson UA Ukraine EmilyAI (auto) T1110.001
ALR-00079 6h ago Certificate Anomaly Informational Escalated Cloud Connector SRV-DC-01 system IN India EmilyAI (auto) T1553.004
ALR-00023 8h ago Failed MFA Challenge Informational False Positive Cloud Connector SRV-MAIL-01 n.clark IR Iran EmilyAI (auto) T1621
ALR-00035 9h ago Port Scan Detected High Escalated Dark Web Monitor SRV-FILE-01 a.wilson GB United Kingdom James Okonkwo T1046
ALR-00046 11h ago Phishing Email Blocked Medium Resolved Attack Surface Scanner WS-LAP-012 d.walker BR Brazil Anika Patel T1566.001
ALR-00008 12h ago Privilege Escalation Attempt Medium Open Dark Web Monitor SW-CORE-01 r.davies US United States Marcus Webb T1134
ALR-00081 14h ago Brute Force SSH Medium Escalated DecoyPulse WS-MAC-005 f.hall US United States Emma Richardson T1110.001
ALR-00052 15h ago Lateral Movement Detected High Investigating Firewall SRV-DC-01 k.brown GB United Kingdom Sarah Chen T1021.002
ALR-00017 16h ago Malware Signature Match Medium Escalated Email Gateway AP-WIFI-03 c.williams RO Romania Anika Patel T1204.002
ALR-00045 16h ago Kerberoasting Attempt Informational Investigating Endpoint Agent VM-DEV-01 d.walker IN India EmilyAI (auto) T1558.003
ALR-00040 18h ago Shadow IT Discovery Low False Positive Email Gateway SRV-BACKUP-01 p.thomas UA Ukraine EmilyAI (auto) T1567
ALR-00069 19h ago Suspicious PowerShell Execution Low Resolved Email Gateway SRV-APP-01 l.johnson UA Ukraine EmilyAI (auto) T1059.001
ALR-00076 20h ago Tor Exit Node Connection Low False Positive Email Gateway SRV-MAIL-01 r.davies NL Netherlands EmilyAI (auto) T1090.003
ALR-00058 22h ago Brute Force SSH Informational Escalated DLP Module AP-WIFI-03 d.walker FR France EmilyAI (auto) T1110.001
ALR-00065 1d ago Privilege Escalation Attempt Low Investigating Network IDS FW-EDGE-01 h.roberts IR Iran EmilyAI (auto) T1134
ALR-00030 1d ago Brute Force SSH Informational Investigating SOC365 Engine SRV-BACKUP-01 e.evans UA Ukraine EmilyAI (auto) T1110.001
ALR-00090 1d ago Ransomware Behaviour Detected Low False Positive Endpoint Agent WS-PC-003 a.wilson RU Russia EmilyAI (auto) T1486
ALR-00094 1d ago Data Exfiltration Attempt Medium Open DLP Module WS-MAC-005 l.johnson NG Nigeria James Okonkwo T1567.002
ALR-00053 1d ago Brute Force SSH Medium Escalated Cloud Connector SRV-APP-01 f.hall IN India James Okonkwo T1110.001
ALR-00093 1d ago Malware Signature Match Medium False Positive DLP Module SRV-MAIL-01 f.hall US United States Anika Patel T1204.002
ALR-00055 1d ago Privilege Escalation Attempt Informational Open EmilyAI Triage SRV-SQL-01 h.roberts RU Russia EmilyAI (auto) T1134
ALR-00071 1d ago Port Scan Detected Medium Escalated Dark Web Monitor WS-PC-001 h.roberts NG Nigeria Marcus Webb T1046
ALR-00085 1d ago Insider Threat Indicator Low False Positive DecoyPulse WS-LAP-012 e.evans UA Ukraine EmilyAI (auto) T1119
ALR-00016 1d ago Rogue DHCP Server High Investigating Dark Web Monitor WS-LAP-010 k.brown RO Romania Emma Richardson T1557.003
ALR-00068 2d ago DLP Policy Violation Low Investigating DLP Module SRV-BACKUP-01 j.smith UA Ukraine EmilyAI (auto) T1048
ALR-00050 2d ago Brute Force SSH Low Open EmilyAI Triage SW-CORE-01 system RU Russia EmilyAI (auto) T1110.001
ALR-00100 2d ago Insider Threat Indicator Medium Resolved Endpoint Agent VM-DEV-01 f.hall IN India James Okonkwo T1119
ALR-00095 2d ago Shadow IT Discovery Medium False Positive Endpoint Agent WS-PC-002 system NG Nigeria Anika Patel T1567
ALR-00024 2d ago Shadow IT Discovery Medium Open DLP Module SRV-APP-01 n.clark RO Romania Anika Patel T1567
ALR-00059 2d ago Brute Force SSH Medium False Positive Endpoint Agent SRV-FILE-01 r.davies GB United Kingdom Sarah Chen T1110.001
ALR-00021 2d ago Insider Threat Indicator Low False Positive DecoyPulse WS-LAP-010 k.brown NG Nigeria EmilyAI (auto) T1119
ALR-00029 2d ago Failed MFA Challenge Low Investigating SOC365 Engine SRV-WEB-01 f.hall KP North Korea EmilyAI (auto) T1621
ALR-00073 2d ago Certificate Anomaly Medium Open SOC365 Engine SRV-FILE-01 j.smith FR France Anika Patel T1553.004
ALR-00007 2d ago Suspicious PowerShell Execution Medium Resolved EmilyAI Triage WS-LAP-011 m.taylor VN Vietnam Marcus Webb T1059.001
ALR-00011 2d ago Ransomware Behaviour Detected Low Escalated EmilyAI Triage WS-PC-001 h.roberts BR Brazil EmilyAI (auto) T1486
ALR-00001 2d ago DLP Policy Violation Informational Escalated Endpoint Agent WS-PC-001 n.clark DE Germany EmilyAI (auto) T1048
ALR-00036 2d ago Insider Threat Indicator Low Investigating Email Gateway WS-PC-001 m.taylor IN India EmilyAI (auto) T1119
ALR-00097 2d ago Privilege Escalation Attempt Medium Escalated DecoyPulse SRV-APP-01 f.hall NG Nigeria Anika Patel T1134
ALR-00070 3d ago Privilege Escalation Attempt Medium Investigating DLP Module WS-PC-006 s.jones UA Ukraine Marcus Webb T1134
ALR-00002 3d ago Tor Exit Node Connection Low Open DecoyPulse WS-PC-001 p.thomas UA Ukraine EmilyAI (auto) T1090.003
ALR-00072 3d ago Insider Threat Indicator High Escalated SOC365 Engine WS-LAP-011 m.taylor IR Iran Anika Patel T1119
ALR-00020 3d ago Ransomware Behaviour Detected Medium Open Firewall SRV-WEB-01 k.brown NG Nigeria Sarah Chen T1486
ALR-00051 3d ago Kerberoasting Attempt High Escalated Dark Web Monitor WS-PC-006 system VN Vietnam Emma Richardson T1558.003
ALR-00044 3d ago Port Scan Detected Low Investigating DecoyPulse WS-PC-001 c.williams US United States EmilyAI (auto) T1046
ALR-00067 3d ago Data Exfiltration Attempt High Escalated DecoyPulse WS-LAP-012 system IN India James Okonkwo T1567.002
ALR-00003 3d ago Failed MFA Challenge Medium Resolved SOC365 Engine WS-LAP-010 r.davies KP North Korea Anika Patel T1621
ALR-00015 3d ago Suspicious Scheduled Task Low Escalated Network IDS WS-LAP-011 n.clark FR France EmilyAI (auto) T1053.005
ALR-00005 3d ago Failed MFA Challenge Medium Investigating Network IDS SRV-SQL-01 c.williams KP North Korea James Okonkwo T1621
ALR-00064 3d ago Certificate Anomaly Low Open Attack Surface Scanner SRV-MAIL-01 k.brown US United States EmilyAI (auto) T1553.004
ALR-00083 3d ago Port Scan Detected Low Resolved Email Gateway WS-PC-001 a.wilson UA Ukraine EmilyAI (auto) T1046
ALR-00004 3d ago Port Scan Detected High Investigating EmilyAI Triage SRV-BACKUP-01 p.thomas KP North Korea Marcus Webb T1046
ALR-00028 3d ago Phishing Email Blocked Medium Resolved Attack Surface Scanner VM-DEV-01 f.hall NL Netherlands James Okonkwo T1566.001
ALR-00074 3d ago Phishing Email Blocked Informational Open DLP Module WS-MAC-005 e.evans US United States EmilyAI (auto) T1566.001
ALR-00049 3d ago DecoyPulse Honeypot Triggered Informational Escalated DLP Module WS-PC-006 r.davies IN India EmilyAI (auto) T1018
ALR-00082 3d ago DLP Policy Violation Informational Escalated Email Gateway SRV-MAIL-01 d.walker IR Iran EmilyAI (auto) T1048
ALR-00098 3d ago Phishing Email Blocked Low Open EmilyAI Triage WS-PC-006 system NG Nigeria EmilyAI (auto) T1566.001
ALR-00041 3d ago Data Exfiltration Attempt Informational Investigating EmilyAI Triage WS-PC-006 r.davies RU Russia EmilyAI (auto) T1567.002
ALR-00012 4d ago Rogue DHCP Server Informational Investigating Email Gateway SRV-APP-01 c.williams NL Netherlands EmilyAI (auto) T1557.003
ALR-00027 4d ago Credential Stuffing Attempt Low Resolved DecoyPulse SRV-MAIL-01 system RO Romania EmilyAI (auto) T1110.004
ALR-00006 4d ago Ransomware Behaviour Detected Medium Resolved Attack Surface Scanner SRV-BACKUP-01 f.hall IR Iran Emma Richardson T1486
ALR-00062 4d ago Failed MFA Challenge Medium Investigating DLP Module FW-EDGE-01 n.clark RO Romania Emma Richardson T1621
ALR-00010 4d ago Unauthorised USB Device Low Open DecoyPulse SW-CORE-01 n.clark IN India EmilyAI (auto) T1091
ALR-00037 4d ago Suspicious PowerShell Execution Medium False Positive DLP Module WS-MAC-005 r.davies DE Germany Sarah Chen T1059.001
ALR-00061 4d ago Insider Threat Indicator Low Open Dark Web Monitor SW-CORE-01 s.jones US United States EmilyAI (auto) T1119
ALR-00080 4d ago Phishing Email Blocked Low Escalated EmilyAI Triage SW-CORE-01 s.jones DE Germany EmilyAI (auto) T1566.001
ALR-00087 4d ago Anomalous DNS Query Medium Resolved Endpoint Agent WS-PC-001 l.johnson KP North Korea Marcus Webb T1568.002
ALR-00048 4d ago Kerberoasting Attempt Low Resolved SOC365 Engine WS-PC-002 p.thomas CN China EmilyAI (auto) T1558.003
ALR-00075 4d ago Lateral Movement Detected Medium Open EmilyAI Triage SRV-MAIL-01 s.jones DE Germany Emma Richardson T1021.002
ALR-00099 4d ago Ransomware Behaviour Detected Low Investigating Cloud Connector WS-LAP-011 m.taylor RU Russia EmilyAI (auto) T1486
ALR-00060 4d ago Data Exfiltration Attempt Low False Positive Network IDS WS-MAC-005 e.evans UA Ukraine EmilyAI (auto) T1567.002
ALR-00057 5d ago DLP Policy Violation Medium False Positive Network IDS WS-PC-004 s.jones FR France Sarah Chen T1048
ALR-00084 5d ago Credential Stuffing Attempt Low False Positive Endpoint Agent VM-DEV-01 k.brown DE Germany EmilyAI (auto) T1110.004
ALR-00026 5d ago DLP Policy Violation High Escalated EmilyAI Triage SRV-FILE-01 a.wilson NG Nigeria Marcus Webb T1048
ALR-00088 5d ago C2 Beacon Activity Informational Resolved Cloud Connector WS-LAP-010 c.williams CN China EmilyAI (auto) T1071.001
ALR-00056 5d ago Suspicious PowerShell Execution Low Escalated Endpoint Agent WS-PC-001 c.williams US United States EmilyAI (auto) T1059.001
ALR-00033 5d ago Brute Force SSH Low Resolved Email Gateway WS-PC-001 system GB United Kingdom EmilyAI (auto) T1110.001
ALR-00025 5d ago Shadow IT Discovery Informational Resolved Email Gateway SRV-WEB-01 c.williams IN India EmilyAI (auto) T1567
ALR-00034 5d ago DLP Policy Violation Informational Escalated DecoyPulse SRV-FILE-01 p.thomas IN India EmilyAI (auto) T1048
ALR-00096 5d ago Insider Threat Indicator Low Escalated Endpoint Agent AP-WIFI-03 m.taylor NL Netherlands EmilyAI (auto) T1119
ALR-00066 5d ago Kerberoasting Attempt Medium Escalated Cloud Connector SRV-APP-01 p.thomas IN India Sarah Chen T1558.003
ALR-00031 5d ago Insider Threat Indicator Informational False Positive Dark Web Monitor SRV-MAIL-01 m.taylor BR Brazil EmilyAI (auto) T1119
ALR-00089 5d ago Insider Threat Indicator Low False Positive Endpoint Agent WS-LAP-011 system US United States EmilyAI (auto) T1119
ALR-00063 6d ago Insider Threat Indicator Low Investigating Attack Surface Scanner WS-LAP-010 l.johnson US United States EmilyAI (auto) T1119
ALR-00047 6d ago Brute Force SSH Informational Open Firewall WS-LAP-010 c.williams IN India EmilyAI (auto) T1110.001
ALR-00086 6d ago Lateral Movement Detected Low Escalated DecoyPulse WS-LAP-011 f.hall UA Ukraine EmilyAI (auto) T1021.002
ALR-00092 6d ago Suspicious Scheduled Task Informational Resolved Network IDS SRV-WEB-01 r.davies RU Russia EmilyAI (auto) T1053.005
ALR-00013 6d ago Unauthorised USB Device Low Investigating DecoyPulse WS-LAP-010 k.brown BR Brazil EmilyAI (auto) T1091
ALR-00077 6d ago DLP Policy Violation Low False Positive Endpoint Agent WS-PC-001 c.williams VN Vietnam EmilyAI (auto) T1048
ALR-00032 6d ago Unusual Outbound Traffic Medium Investigating Firewall SRV-FILE-01 n.clark DE Germany Anika Patel T1041
ALR-00078 6d ago Suspicious Scheduled Task Medium Investigating Email Gateway SRV-DC-01 h.roberts GB United Kingdom Sarah Chen T1053.005
ALR-00038 6d ago Malware Signature Match High Escalated DLP Module SW-CORE-01 m.taylor NL Netherlands Emma Richardson T1204.002
ALR-00018 6d ago Unusual Outbound Traffic Informational Open Cloud Connector WS-LAP-010 p.thomas NG Nigeria EmilyAI (auto) T1041
ALR-00091 6d ago Privilege Escalation Attempt High Open DLP Module SRV-FILE-01 system GB United Kingdom James Okonkwo T1134
ALR-00039 6d ago Failed MFA Challenge Low Resolved Firewall FW-EDGE-01 e.evans RO Romania EmilyAI (auto) T1621
ALR-00042 6d ago Malware Signature Match Low Investigating Cloud Connector SRV-SQL-01 n.clark RO Romania EmilyAI (auto) T1204.002