Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 17:22:19 UTC

All Alerts

ID Timestamp Alert Type Severity Status Source Hostname User Origin Analyst MITRE
ALR-00024 3h ago Credential Stuffing Attempt Medium False Positive Firewall WS-LAP-011 s.jones DE Germany Anika Patel T1110.004
ALR-00098 6h ago Failed MFA Challenge Low Investigating Endpoint Agent SRV-MAIL-01 r.davies BR Brazil EmilyAI (auto) T1621
ALR-00057 7h ago Port Scan Detected Low Resolved SOC365 Engine WS-LAP-012 l.johnson US United States EmilyAI (auto) T1046
ALR-00062 13h ago Rogue DHCP Server Medium False Positive Dark Web Monitor SRV-DC-01 d.walker FR France Sarah Chen T1557.003
ALR-00089 14h ago Unauthorised USB Device Medium Investigating Network IDS WS-PC-001 m.taylor RU Russia Marcus Webb T1091
ALR-00055 14h ago Credential Stuffing Attempt Medium Investigating Endpoint Agent FW-EDGE-01 k.brown IR Iran Anika Patel T1110.004
ALR-00020 16h ago Phishing Email Blocked Medium Resolved SOC365 Engine WS-LAP-011 s.jones NL Netherlands Marcus Webb T1566.001
ALR-00016 16h ago Brute Force SSH Low Resolved Cloud Connector WS-LAP-012 k.brown RO Romania EmilyAI (auto) T1110.001
ALR-00005 20h ago Brute Force SSH Medium Escalated Firewall SRV-DC-01 m.taylor NG Nigeria James Okonkwo T1110.001
ALR-00017 1d ago DLP Policy Violation Informational Investigating EmilyAI Triage SW-CORE-01 r.davies IR Iran EmilyAI (auto) T1048
ALR-00050 1d ago DecoyPulse Honeypot Triggered Low Escalated Email Gateway WS-LAP-010 f.hall RU Russia EmilyAI (auto) T1018
ALR-00013 1d ago Shadow IT Discovery Informational Open Cloud Connector WS-LAP-012 a.wilson UA Ukraine EmilyAI (auto) T1567
ALR-00064 1d ago Phishing Email Blocked Low Escalated Network IDS WS-MAC-005 d.walker NL Netherlands EmilyAI (auto) T1566.001
ALR-00066 1d ago Ransomware Behaviour Detected Medium Investigating Network IDS SRV-FILE-01 f.hall GB United Kingdom Sarah Chen T1486
ALR-00070 1d ago Rogue DHCP Server Medium False Positive EmilyAI Triage SRV-WEB-01 p.thomas RU Russia Emma Richardson T1557.003
ALR-00029 1d ago Certificate Anomaly Medium False Positive SOC365 Engine VM-DEV-01 c.williams IR Iran Anika Patel T1553.004
ALR-00061 1d ago Certificate Anomaly Low Escalated DecoyPulse WS-LAP-010 a.wilson CN China EmilyAI (auto) T1553.004
ALR-00092 1d ago Suspicious Scheduled Task Low Resolved Attack Surface Scanner WS-PC-001 j.smith GB United Kingdom EmilyAI (auto) T1053.005
ALR-00035 1d ago Credential Stuffing Attempt High Open Network IDS AP-WIFI-03 system NG Nigeria Emma Richardson T1110.004
ALR-00022 1d ago Phishing Email Blocked Low Investigating Email Gateway WS-LAP-012 system KP North Korea EmilyAI (auto) T1566.001
ALR-00063 1d ago Ransomware Behaviour Detected Informational Resolved Network IDS SRV-APP-01 a.wilson IN India EmilyAI (auto) T1486
ALR-00006 2d ago Ransomware Behaviour Detected Medium Escalated DecoyPulse WS-PC-006 a.wilson RO Romania James Okonkwo T1486
ALR-00071 2d ago Suspicious Scheduled Task Informational Open SOC365 Engine SW-CORE-01 j.smith US United States EmilyAI (auto) T1053.005
ALR-00032 2d ago C2 Beacon Activity Low False Positive Firewall WS-PC-003 c.williams NL Netherlands EmilyAI (auto) T1071.001
ALR-00048 2d ago Port Scan Detected Low Investigating Email Gateway FW-EDGE-01 j.smith IR Iran EmilyAI (auto) T1046
ALR-00077 2d ago Unusual Outbound Traffic Low Open Endpoint Agent SRV-FILE-01 r.davies UA Ukraine EmilyAI (auto) T1041
ALR-00045 2d ago Shadow IT Discovery Low Open SOC365 Engine FW-EDGE-01 f.hall RU Russia EmilyAI (auto) T1567
ALR-00019 2d ago Port Scan Detected Medium Investigating DecoyPulse SW-CORE-01 h.roberts GB United Kingdom Emma Richardson T1046
ALR-00027 2d ago Unusual Outbound Traffic Informational False Positive Firewall WS-PC-004 f.hall DE Germany EmilyAI (auto) T1041
ALR-00085 2d ago Phishing Email Blocked High Investigating EmilyAI Triage SRV-APP-01 e.evans DE Germany Sarah Chen T1566.001
ALR-00059 2d ago Malware Signature Match Medium Open DecoyPulse WS-PC-004 r.davies RU Russia Anika Patel T1204.002
ALR-00052 2d ago Certificate Anomaly Low False Positive Attack Surface Scanner WS-LAP-012 a.wilson BR Brazil EmilyAI (auto) T1553.004
ALR-00044 2d ago Lateral Movement Detected Informational Open Dark Web Monitor VM-DEV-01 e.evans VN Vietnam EmilyAI (auto) T1021.002
ALR-00075 2d ago Failed MFA Challenge Informational False Positive Cloud Connector WS-PC-003 k.brown IN India EmilyAI (auto) T1621
ALR-00065 3d ago DecoyPulse Honeypot Triggered Medium Open DecoyPulse SRV-WEB-01 c.williams IR Iran Anika Patel T1018
ALR-00081 3d ago Unauthorised USB Device Low Escalated Email Gateway SRV-FILE-01 system VN Vietnam EmilyAI (auto) T1091
ALR-00031 3d ago Suspicious PowerShell Execution Medium False Positive Dark Web Monitor FW-EDGE-01 k.brown NL Netherlands James Okonkwo T1059.001
ALR-00060 3d ago Shadow IT Discovery Critical Investigating DLP Module SRV-APP-01 f.hall RU Russia Emma Richardson T1567
ALR-00082 3d ago Pass-the-Hash Detected Low Open SOC365 Engine FW-EDGE-01 m.taylor RO Romania EmilyAI (auto) T1550.002
ALR-00068 3d ago Rogue DHCP Server High Open Firewall SRV-SQL-01 e.evans NG Nigeria James Okonkwo T1557.003
ALR-00039 3d ago DecoyPulse Honeypot Triggered Low Investigating DLP Module WS-PC-003 r.davies UA Ukraine EmilyAI (auto) T1018
ALR-00067 3d ago Privilege Escalation Attempt Medium Investigating EmilyAI Triage WS-LAP-012 s.jones CN China Anika Patel T1134
ALR-00083 3d ago C2 Beacon Activity Low Resolved Dark Web Monitor SW-CORE-01 j.smith VN Vietnam EmilyAI (auto) T1071.001
ALR-00095 3d ago Privilege Escalation Attempt Low Investigating Network IDS SRV-FILE-01 s.jones RU Russia EmilyAI (auto) T1134
ALR-00073 3d ago DecoyPulse Honeypot Triggered Informational False Positive Attack Surface Scanner SRV-APP-01 system VN Vietnam EmilyAI (auto) T1018
ALR-00072 4d ago Pass-the-Hash Detected High Escalated Dark Web Monitor WS-LAP-011 m.taylor FR France James Okonkwo T1550.002
ALR-00084 4d ago Insider Threat Indicator Medium False Positive EmilyAI Triage FW-EDGE-01 l.johnson IN India Anika Patel T1119
ALR-00100 4d ago Failed MFA Challenge Medium False Positive Email Gateway WS-LAP-011 r.davies DE Germany Emma Richardson T1621
ALR-00007 4d ago Insider Threat Indicator High Escalated DecoyPulse SRV-FILE-01 m.taylor KP North Korea James Okonkwo T1119
ALR-00023 4d ago Privilege Escalation Attempt Low Resolved Network IDS WS-PC-002 l.johnson CN China EmilyAI (auto) T1134
ALR-00002 4d ago Malware Signature Match Informational False Positive Email Gateway SRV-DC-01 m.taylor GB United Kingdom EmilyAI (auto) T1204.002
ALR-00086 4d ago Tor Exit Node Connection Medium Escalated SOC365 Engine WS-LAP-011 m.taylor GB United Kingdom Sarah Chen T1090.003
ALR-00018 4d ago Credential Stuffing Attempt Low False Positive Dark Web Monitor SRV-SQL-01 a.wilson DE Germany EmilyAI (auto) T1110.004
ALR-00015 4d ago Shadow IT Discovery Low False Positive Network IDS SRV-DC-01 e.evans VN Vietnam EmilyAI (auto) T1567
ALR-00051 4d ago Data Exfiltration Attempt Medium Escalated Firewall VM-DEV-01 system KP North Korea Anika Patel T1567.002
ALR-00053 4d ago Pass-the-Hash Detected Medium Resolved Attack Surface Scanner WS-PC-006 d.walker NG Nigeria Sarah Chen T1550.002
ALR-00096 4d ago Brute Force SSH Medium Resolved DecoyPulse SRV-FILE-01 e.evans RO Romania Sarah Chen T1110.001
ALR-00004 4d ago Privilege Escalation Attempt Low False Positive Network IDS SRV-BACKUP-01 s.jones CN China EmilyAI (auto) T1134
ALR-00078 4d ago Data Exfiltration Attempt Low Resolved Email Gateway WS-MAC-005 m.taylor NG Nigeria EmilyAI (auto) T1567.002
ALR-00012 4d ago C2 Beacon Activity Low False Positive Email Gateway SRV-APP-01 l.johnson GB United Kingdom EmilyAI (auto) T1071.001
ALR-00041 4d ago Insider Threat Indicator Medium Resolved Firewall SRV-MAIL-01 h.roberts IN India Anika Patel T1119
ALR-00033 4d ago Insider Threat Indicator Low Open Cloud Connector SRV-MAIL-01 s.jones VN Vietnam EmilyAI (auto) T1119
ALR-00093 5d ago Malware Signature Match Medium False Positive DecoyPulse WS-PC-001 m.taylor GB United Kingdom Emma Richardson T1204.002
ALR-00080 5d ago C2 Beacon Activity Medium False Positive DLP Module VM-DEV-01 m.taylor IR Iran Emma Richardson T1071.001
ALR-00091 5d ago Certificate Anomaly Informational Escalated Email Gateway WS-PC-006 l.johnson DE Germany EmilyAI (auto) T1553.004
ALR-00046 5d ago DecoyPulse Honeypot Triggered Low Open Firewall WS-PC-002 j.smith DE Germany EmilyAI (auto) T1018
ALR-00021 5d ago Data Exfiltration Attempt Low Investigating SOC365 Engine WS-MAC-005 n.clark CN China EmilyAI (auto) T1567.002
ALR-00058 5d ago Unauthorised USB Device Low False Positive Endpoint Agent FW-EDGE-01 n.clark RU Russia EmilyAI (auto) T1091
ALR-00079 5d ago DecoyPulse Honeypot Triggered Medium Investigating Firewall WS-PC-001 j.smith NG Nigeria Marcus Webb T1018
ALR-00014 5d ago Unauthorised USB Device Informational False Positive Cloud Connector SRV-MAIL-01 h.roberts RO Romania EmilyAI (auto) T1091
ALR-00076 5d ago Pass-the-Hash Detected Low Escalated Email Gateway SRV-DC-01 r.davies IR Iran EmilyAI (auto) T1550.002
ALR-00054 5d ago Rogue DHCP Server Informational Resolved Cloud Connector WS-PC-006 h.roberts BR Brazil EmilyAI (auto) T1557.003
ALR-00037 5d ago Kerberoasting Attempt Medium False Positive Firewall WS-PC-004 s.jones IR Iran Emma Richardson T1558.003
ALR-00010 5d ago DLP Policy Violation High Open Endpoint Agent WS-PC-002 p.thomas NG Nigeria Emma Richardson T1048
ALR-00074 5d ago Tor Exit Node Connection Low Open Email Gateway SRV-DC-01 f.hall NL Netherlands EmilyAI (auto) T1090.003
ALR-00011 5d ago Suspicious PowerShell Execution Critical Investigating Network IDS SRV-DC-01 s.jones FR France Marcus Webb T1059.001
ALR-00008 5d ago Data Exfiltration Attempt High Open Cloud Connector VM-DEV-01 system US United States James Okonkwo T1567.002
ALR-00009 5d ago Malware Signature Match High Investigating Attack Surface Scanner WS-LAP-011 c.williams RO Romania Sarah Chen T1204.002
ALR-00043 5d ago Unusual Outbound Traffic Medium Open Dark Web Monitor SRV-MAIL-01 l.johnson UA Ukraine Marcus Webb T1041
ALR-00088 5d ago Kerberoasting Attempt Medium Open DLP Module SRV-WEB-01 n.clark RO Romania Anika Patel T1558.003
ALR-00025 5d ago Suspicious PowerShell Execution Informational Investigating Cloud Connector WS-PC-006 r.davies US United States EmilyAI (auto) T1059.001
ALR-00003 5d ago DLP Policy Violation Low Investigating SOC365 Engine WS-PC-003 e.evans VN Vietnam EmilyAI (auto) T1048
ALR-00094 5d ago Ransomware Behaviour Detected Medium False Positive Attack Surface Scanner SW-CORE-01 p.thomas DE Germany Anika Patel T1486
ALR-00097 6d ago Pass-the-Hash Detected Informational Open EmilyAI Triage WS-MAC-005 k.brown UA Ukraine EmilyAI (auto) T1550.002
ALR-00069 6d ago Port Scan Detected Low Escalated Endpoint Agent SRV-APP-01 s.jones BR Brazil EmilyAI (auto) T1046
ALR-00028 6d ago Credential Stuffing Attempt Informational Escalated Attack Surface Scanner SRV-FILE-01 m.taylor RU Russia EmilyAI (auto) T1110.004
ALR-00047 6d ago Shadow IT Discovery Informational Investigating Endpoint Agent WS-LAP-012 n.clark CN China EmilyAI (auto) T1567
ALR-00042 6d ago Suspicious Scheduled Task Informational Resolved EmilyAI Triage WS-PC-003 m.taylor VN Vietnam EmilyAI (auto) T1053.005
ALR-00038 6d ago Privilege Escalation Attempt Medium Open Firewall SW-CORE-01 r.davies NL Netherlands Emma Richardson T1134
ALR-00040 6d ago Port Scan Detected Low Escalated Endpoint Agent WS-LAP-012 d.walker RO Romania EmilyAI (auto) T1046
ALR-00049 6d ago Pass-the-Hash Detected Low Resolved Endpoint Agent WS-PC-002 system UA Ukraine EmilyAI (auto) T1550.002
ALR-00001 6d ago Suspicious Scheduled Task Low Resolved DecoyPulse WS-PC-004 f.hall IR Iran EmilyAI (auto) T1053.005
ALR-00036 6d ago Data Exfiltration Attempt Low Open SOC365 Engine WS-LAP-012 d.walker DE Germany EmilyAI (auto) T1567.002
ALR-00099 6d ago Insider Threat Indicator Low Open SOC365 Engine WS-LAP-010 r.davies FR France EmilyAI (auto) T1119
ALR-00034 6d ago Brute Force SSH Medium Investigating Attack Surface Scanner WS-LAP-011 s.jones DE Germany James Okonkwo T1110.001
ALR-00030 6d ago Privilege Escalation Attempt High Open Network IDS WS-LAP-010 s.jones NG Nigeria James Okonkwo T1134
ALR-00090 6d ago Pass-the-Hash Detected Low Investigating Attack Surface Scanner WS-PC-004 m.taylor NG Nigeria EmilyAI (auto) T1550.002
ALR-00026 6d ago Certificate Anomaly Low Escalated EmilyAI Triage WS-LAP-010 k.brown DE Germany EmilyAI (auto) T1553.004
ALR-00056 6d ago Certificate Anomaly Medium Open Network IDS FW-EDGE-01 m.taylor RU Russia Sarah Chen T1553.004
ALR-00087 6d ago C2 Beacon Activity Informational Resolved Firewall WS-PC-002 h.roberts RO Romania EmilyAI (auto) T1071.001