Low Alerts
100 alerts
| ID | Timestamp | Alert Type | Severity | Status | Source | Hostname | User | Origin | Analyst | MITRE |
|---|---|---|---|---|---|---|---|---|---|---|
| ALR-00096 | 1h ago | Kerberoasting Attempt | Low | Investigating | Endpoint Agent | SRV-DC-01 | j.smith | KP North Korea | EmilyAI (auto) | T1558.003 |
| ALR-00242 | 5h ago | Ransomware Behaviour Detected | Low | Investigating | Email Gateway | SRV-WEB-01 | p.thomas | NG Nigeria | EmilyAI (auto) | T1486 |
| ALR-00243 | 5h ago | Tor Exit Node Connection | Low | False Positive | Network IDS | SRV-APP-01 | system | FR France | EmilyAI (auto) | T1090.003 |
| ALR-00256 | 5h ago | Privilege Escalation Attempt | Low | Escalated | SOC365 Engine | SRV-APP-01 | a.wilson | NL Netherlands | EmilyAI (auto) | T1134 |
| ALR-00013 | 6h ago | Port Scan Detected | Low | Escalated | Endpoint Agent | WS-LAP-010 | s.jones | BR Brazil | EmilyAI (auto) | T1046 |
| ALR-00023 | 6h ago | Unauthorised USB Device | Low | Escalated | Cloud Connector | SRV-WEB-01 | d.walker | KP North Korea | EmilyAI (auto) | T1091 |
| ALR-00228 | 6h ago | Unusual Outbound Traffic | Low | Resolved | Network IDS | WS-PC-001 | f.hall | VN Vietnam | EmilyAI (auto) | T1041 |
| ALR-00048 | 11h ago | C2 Beacon Activity | Low | False Positive | EmilyAI Triage | WS-LAP-011 | p.thomas | GB United Kingdom | EmilyAI (auto) | T1071.001 |
| ALR-00196 | 11h ago | Phishing Email Blocked | Low | False Positive | Dark Web Monitor | AP-WIFI-03 | d.walker | KP North Korea | EmilyAI (auto) | T1566.001 |
| ALR-00090 | 13h ago | Insider Threat Indicator | Low | Escalated | DLP Module | FW-EDGE-01 | l.johnson | US United States | EmilyAI (auto) | T1119 |
| ALR-00280 | 15h ago | C2 Beacon Activity | Low | Investigating | DecoyPulse | SRV-BACKUP-01 | a.wilson | GB United Kingdom | EmilyAI (auto) | T1071.001 |
| ALR-00234 | 18h ago | Kerberoasting Attempt | Low | Open | EmilyAI Triage | VM-DEV-01 | r.davies | FR France | EmilyAI (auto) | T1558.003 |
| ALR-00136 | 18h ago | Suspicious Scheduled Task | Low | Resolved | Firewall | SRV-FILE-01 | a.wilson | GB United Kingdom | EmilyAI (auto) | T1053.005 |
| ALR-00299 | 19h ago | Anomalous DNS Query | Low | Escalated | EmilyAI Triage | WS-LAP-010 | d.walker | KP North Korea | EmilyAI (auto) | T1568.002 |
| ALR-00065 | 21h ago | Suspicious PowerShell Execution | Low | False Positive | SOC365 Engine | WS-LAP-010 | j.smith | RO Romania | EmilyAI (auto) | T1059.001 |
| ALR-00117 | 21h ago | Privilege Escalation Attempt | Low | Resolved | EmilyAI Triage | SRV-BACKUP-01 | h.roberts | UA Ukraine | EmilyAI (auto) | T1134 |
| ALR-00283 | 1d ago | Tor Exit Node Connection | Low | Investigating | Attack Surface Scanner | WS-PC-003 | r.davies | US United States | EmilyAI (auto) | T1090.003 |
| ALR-00105 | 1d ago | Port Scan Detected | Low | Open | Endpoint Agent | WS-PC-004 | p.thomas | DE Germany | EmilyAI (auto) | T1046 |
| ALR-00223 | 1d ago | Credential Stuffing Attempt | Low | Investigating | Email Gateway | AP-WIFI-03 | j.smith | IN India | EmilyAI (auto) | T1110.004 |
| ALR-00025 | 1d ago | Suspicious Scheduled Task | Low | Open | SOC365 Engine | WS-PC-006 | j.smith | RO Romania | EmilyAI (auto) | T1053.005 |
| ALR-00035 | 1d ago | Rogue DHCP Server | Low | False Positive | EmilyAI Triage | SRV-BACKUP-01 | a.wilson | RU Russia | EmilyAI (auto) | T1557.003 |
| ALR-00132 | 1d ago | DLP Policy Violation | Low | Escalated | Endpoint Agent | SRV-DC-01 | p.thomas | IR Iran | EmilyAI (auto) | T1048 |
| ALR-00040 | 1d ago | Shadow IT Discovery | Low | Open | DecoyPulse | SRV-FILE-01 | s.jones | VN Vietnam | EmilyAI (auto) | T1567 |
| ALR-00290 | 1d ago | Lateral Movement Detected | Low | False Positive | Dark Web Monitor | WS-LAP-012 | n.clark | NG Nigeria | EmilyAI (auto) | T1021.002 |
| ALR-00147 | 1d ago | Suspicious PowerShell Execution | Low | Resolved | DecoyPulse | SW-CORE-01 | s.jones | RO Romania | EmilyAI (auto) | T1059.001 |
| ALR-00232 | 1d ago | Kerberoasting Attempt | Low | False Positive | EmilyAI Triage | SRV-BACKUP-01 | d.walker | IN India | EmilyAI (auto) | T1558.003 |
| ALR-00199 | 1d ago | Unusual Outbound Traffic | Low | Escalated | Attack Surface Scanner | SRV-MAIL-01 | system | DE Germany | EmilyAI (auto) | T1041 |
| ALR-00029 | 1d ago | Certificate Anomaly | Low | Open | DLP Module | FW-EDGE-01 | d.walker | KP North Korea | EmilyAI (auto) | T1553.004 |
| ALR-00191 | 1d ago | DLP Policy Violation | Low | False Positive | Cloud Connector | SRV-APP-01 | m.taylor | NG Nigeria | EmilyAI (auto) | T1048 |
| ALR-00069 | 1d ago | Kerberoasting Attempt | Low | Investigating | EmilyAI Triage | WS-PC-004 | e.evans | KP North Korea | EmilyAI (auto) | T1558.003 |
| ALR-00097 | 2d ago | Ransomware Behaviour Detected | Low | Open | Dark Web Monitor | WS-PC-006 | system | NL Netherlands | EmilyAI (auto) | T1486 |
| ALR-00259 | 2d ago | Port Scan Detected | Low | Investigating | Endpoint Agent | WS-PC-001 | k.brown | DE Germany | EmilyAI (auto) | T1046 |
| ALR-00157 | 2d ago | Lateral Movement Detected | Low | Open | SOC365 Engine | WS-MAC-005 | l.johnson | NL Netherlands | EmilyAI (auto) | T1021.002 |
| ALR-00279 | 2d ago | Lateral Movement Detected | Low | Investigating | DLP Module | FW-EDGE-01 | k.brown | CN China | EmilyAI (auto) | T1021.002 |
| ALR-00251 | 2d ago | Rogue DHCP Server | Low | Escalated | EmilyAI Triage | SRV-APP-01 | f.hall | NL Netherlands | EmilyAI (auto) | T1557.003 |
| ALR-00168 | 2d ago | Privilege Escalation Attempt | Low | False Positive | Network IDS | VM-DEV-01 | r.davies | KP North Korea | EmilyAI (auto) | T1134 |
| ALR-00139 | 2d ago | Data Exfiltration Attempt | Low | Open | DecoyPulse | WS-PC-001 | r.davies | VN Vietnam | EmilyAI (auto) | T1567.002 |
| ALR-00289 | 2d ago | Unusual Outbound Traffic | Low | Resolved | Email Gateway | SRV-APP-01 | l.johnson | NL Netherlands | EmilyAI (auto) | T1041 |
| ALR-00297 | 2d ago | Unauthorised USB Device | Low | Open | EmilyAI Triage | AP-WIFI-03 | m.taylor | KP North Korea | EmilyAI (auto) | T1091 |
| ALR-00287 | 2d ago | Tor Exit Node Connection | Low | Escalated | EmilyAI Triage | SRV-APP-01 | f.hall | NG Nigeria | EmilyAI (auto) | T1090.003 |
| ALR-00178 | 2d ago | Shadow IT Discovery | Low | Open | Network IDS | WS-PC-004 | d.walker | GB United Kingdom | EmilyAI (auto) | T1567 |
| ALR-00213 | 2d ago | Unauthorised USB Device | Low | Investigating | SOC365 Engine | WS-LAP-011 | j.smith | DE Germany | EmilyAI (auto) | T1091 |
| ALR-00284 | 2d ago | Unauthorised USB Device | Low | Open | Dark Web Monitor | WS-PC-006 | c.williams | UA Ukraine | EmilyAI (auto) | T1091 |
| ALR-00129 | 2d ago | Kerberoasting Attempt | Low | Investigating | Dark Web Monitor | AP-WIFI-03 | f.hall | FR France | EmilyAI (auto) | T1558.003 |
| ALR-00113 | 2d ago | Rogue DHCP Server | Low | Escalated | Cloud Connector | AP-WIFI-03 | e.evans | RU Russia | EmilyAI (auto) | T1557.003 |
| ALR-00022 | 2d ago | Privilege Escalation Attempt | Low | Escalated | DLP Module | WS-PC-001 | h.roberts | US United States | EmilyAI (auto) | T1134 |
| ALR-00063 | 2d ago | Brute Force SSH | Low | Resolved | EmilyAI Triage | WS-PC-006 | a.wilson | CN China | EmilyAI (auto) | T1110.001 |
| ALR-00298 | 3d ago | Port Scan Detected | Low | Escalated | SOC365 Engine | WS-PC-006 | system | FR France | EmilyAI (auto) | T1046 |
| ALR-00031 | 3d ago | Suspicious PowerShell Execution | Low | Escalated | Dark Web Monitor | WS-PC-004 | f.hall | VN Vietnam | EmilyAI (auto) | T1059.001 |
| ALR-00146 | 3d ago | Malware Signature Match | Low | Open | DLP Module | SRV-DC-01 | d.walker | RU Russia | EmilyAI (auto) | T1204.002 |
| ALR-00285 | 3d ago | Kerberoasting Attempt | Low | Resolved | Cloud Connector | WS-MAC-005 | k.brown | IR Iran | EmilyAI (auto) | T1558.003 |
| ALR-00116 | 3d ago | Rogue DHCP Server | Low | Investigating | DecoyPulse | SW-CORE-01 | d.walker | RO Romania | EmilyAI (auto) | T1557.003 |
| ALR-00002 | 3d ago | Brute Force SSH | Low | False Positive | SOC365 Engine | WS-PC-001 | p.thomas | KP North Korea | EmilyAI (auto) | T1110.001 |
| ALR-00220 | 3d ago | C2 Beacon Activity | Low | Open | Dark Web Monitor | AP-WIFI-03 | e.evans | CN China | EmilyAI (auto) | T1071.001 |
| ALR-00095 | 3d ago | C2 Beacon Activity | Low | Resolved | Dark Web Monitor | SW-CORE-01 | system | VN Vietnam | EmilyAI (auto) | T1071.001 |
| ALR-00085 | 3d ago | Certificate Anomaly | Low | Escalated | Attack Surface Scanner | WS-MAC-005 | s.jones | IN India | EmilyAI (auto) | T1553.004 |
| ALR-00110 | 3d ago | DecoyPulse Honeypot Triggered | Low | False Positive | DecoyPulse | SRV-APP-01 | f.hall | KP North Korea | EmilyAI (auto) | T1018 |
| ALR-00164 | 3d ago | Rogue DHCP Server | Low | Open | DLP Module | FW-EDGE-01 | r.davies | UA Ukraine | EmilyAI (auto) | T1557.003 |
| ALR-00047 | 3d ago | Unauthorised USB Device | Low | Open | Attack Surface Scanner | WS-LAP-011 | system | IR Iran | EmilyAI (auto) | T1091 |
| ALR-00203 | 4d ago | Unusual Outbound Traffic | Low | Escalated | Cloud Connector | SRV-DC-01 | r.davies | KP North Korea | EmilyAI (auto) | T1041 |
| ALR-00152 | 4d ago | Certificate Anomaly | Low | Escalated | Firewall | SRV-FILE-01 | j.smith | US United States | EmilyAI (auto) | T1553.004 |
| ALR-00109 | 4d ago | DecoyPulse Honeypot Triggered | Low | Resolved | Cloud Connector | WS-LAP-010 | a.wilson | UA Ukraine | EmilyAI (auto) | T1018 |
| ALR-00160 | 4d ago | Failed MFA Challenge | Low | False Positive | Cloud Connector | WS-LAP-012 | j.smith | KP North Korea | EmilyAI (auto) | T1621 |
| ALR-00261 | 4d ago | Malware Signature Match | Low | False Positive | SOC365 Engine | WS-LAP-012 | c.williams | NL Netherlands | EmilyAI (auto) | T1204.002 |
| ALR-00014 | 4d ago | Phishing Email Blocked | Low | Resolved | SOC365 Engine | SRV-FILE-01 | m.taylor | UA Ukraine | EmilyAI (auto) | T1566.001 |
| ALR-00154 | 4d ago | Credential Stuffing Attempt | Low | Escalated | Cloud Connector | SRV-SQL-01 | c.williams | VN Vietnam | EmilyAI (auto) | T1110.004 |
| ALR-00121 | 4d ago | Suspicious PowerShell Execution | Low | Investigating | DecoyPulse | WS-PC-006 | c.williams | BR Brazil | EmilyAI (auto) | T1059.001 |
| ALR-00011 | 4d ago | Malware Signature Match | Low | Open | Endpoint Agent | SW-CORE-01 | k.brown | UA Ukraine | EmilyAI (auto) | T1204.002 |
| ALR-00225 | 4d ago | Unusual Outbound Traffic | Low | Resolved | Firewall | SRV-APP-01 | d.walker | NL Netherlands | EmilyAI (auto) | T1041 |
| ALR-00206 | 4d ago | Shadow IT Discovery | Low | Resolved | Endpoint Agent | FW-EDGE-01 | h.roberts | IN India | EmilyAI (auto) | T1567 |
| ALR-00079 | 4d ago | Unusual Outbound Traffic | Low | Resolved | Cloud Connector | FW-EDGE-01 | e.evans | FR France | EmilyAI (auto) | T1041 |
| ALR-00198 | 4d ago | Rogue DHCP Server | Low | Escalated | DecoyPulse | WS-LAP-012 | e.evans | NG Nigeria | EmilyAI (auto) | T1557.003 |
| ALR-00044 | 4d ago | Data Exfiltration Attempt | Low | Resolved | DecoyPulse | WS-PC-004 | c.williams | RO Romania | EmilyAI (auto) | T1567.002 |
| ALR-00218 | 4d ago | C2 Beacon Activity | Low | Open | Dark Web Monitor | WS-PC-006 | r.davies | IN India | EmilyAI (auto) | T1071.001 |
| ALR-00292 | 4d ago | Phishing Email Blocked | Low | Escalated | DLP Module | SRV-DC-01 | f.hall | UA Ukraine | EmilyAI (auto) | T1566.001 |
| ALR-00233 | 4d ago | Kerberoasting Attempt | Low | Resolved | Endpoint Agent | SRV-WEB-01 | j.smith | US United States | EmilyAI (auto) | T1558.003 |
| ALR-00300 | 5d ago | Brute Force SSH | Low | False Positive | DLP Module | SRV-BACKUP-01 | s.jones | CN China | EmilyAI (auto) | T1110.001 |
| ALR-00057 | 5d ago | DecoyPulse Honeypot Triggered | Low | Resolved | Endpoint Agent | WS-PC-006 | l.johnson | RO Romania | EmilyAI (auto) | T1018 |
| ALR-00067 | 5d ago | Port Scan Detected | Low | False Positive | Endpoint Agent | SW-CORE-01 | f.hall | UA Ukraine | EmilyAI (auto) | T1046 |
| ALR-00032 | 5d ago | Unusual Outbound Traffic | Low | Resolved | Attack Surface Scanner | WS-LAP-012 | j.smith | KP North Korea | EmilyAI (auto) | T1041 |
| ALR-00070 | 5d ago | Rogue DHCP Server | Low | Investigating | Email Gateway | WS-MAC-005 | n.clark | IR Iran | EmilyAI (auto) | T1557.003 |
| ALR-00205 | 5d ago | DecoyPulse Honeypot Triggered | Low | Open | Cloud Connector | VM-DEV-01 | s.jones | NL Netherlands | EmilyAI (auto) | T1018 |
| ALR-00252 | 5d ago | Insider Threat Indicator | Low | Open | DLP Module | WS-PC-004 | system | RO Romania | EmilyAI (auto) | T1119 |
| ALR-00062 | 5d ago | Kerberoasting Attempt | Low | Escalated | EmilyAI Triage | WS-LAP-010 | l.johnson | RO Romania | EmilyAI (auto) | T1558.003 |
| ALR-00245 | 5d ago | Anomalous DNS Query | Low | Escalated | Attack Surface Scanner | WS-PC-004 | h.roberts | IN India | EmilyAI (auto) | T1568.002 |
| ALR-00124 | 5d ago | Suspicious Scheduled Task | Low | Escalated | Endpoint Agent | VM-DEV-01 | e.evans | GB United Kingdom | EmilyAI (auto) | T1053.005 |
| ALR-00138 | 5d ago | Tor Exit Node Connection | Low | Open | SOC365 Engine | SRV-FILE-01 | h.roberts | RU Russia | EmilyAI (auto) | T1090.003 |
| ALR-00042 | 5d ago | Credential Stuffing Attempt | Low | Escalated | SOC365 Engine | SRV-BACKUP-01 | k.brown | VN Vietnam | EmilyAI (auto) | T1110.004 |
| ALR-00128 | 6d ago | Certificate Anomaly | Low | Investigating | Endpoint Agent | VM-DEV-01 | e.evans | GB United Kingdom | EmilyAI (auto) | T1553.004 |
| ALR-00165 | 6d ago | Certificate Anomaly | Low | Escalated | Firewall | WS-PC-004 | n.clark | NL Netherlands | EmilyAI (auto) | T1553.004 |
| ALR-00077 | 6d ago | Pass-the-Hash Detected | Low | Resolved | SOC365 Engine | SRV-BACKUP-01 | p.thomas | CN China | EmilyAI (auto) | T1550.002 |
| ALR-00020 | 6d ago | Suspicious PowerShell Execution | Low | False Positive | Cloud Connector | SRV-APP-01 | a.wilson | FR France | EmilyAI (auto) | T1059.001 |
| ALR-00169 | 6d ago | Tor Exit Node Connection | Low | Open | Network IDS | SRV-FILE-01 | c.williams | UA Ukraine | EmilyAI (auto) | T1090.003 |
| ALR-00236 | 6d ago | Anomalous DNS Query | Low | Escalated | Dark Web Monitor | AP-WIFI-03 | a.wilson | IN India | EmilyAI (auto) | T1568.002 |
| ALR-00173 | 6d ago | Port Scan Detected | Low | False Positive | Attack Surface Scanner | SRV-WEB-01 | j.smith | FR France | EmilyAI (auto) | T1046 |
| ALR-00224 | 6d ago | Failed MFA Challenge | Low | Open | DLP Module | SRV-FILE-01 | l.johnson | DE Germany | EmilyAI (auto) | T1621 |
| ALR-00263 | 6d ago | Lateral Movement Detected | Low | False Positive | Firewall | SRV-WEB-01 | k.brown | IR Iran | EmilyAI (auto) | T1021.002 |
| ALR-00030 | 6d ago | Lateral Movement Detected | Low | Resolved | Endpoint Agent | WS-PC-004 | c.williams | US United States | EmilyAI (auto) | T1021.002 |
| ALR-00061 | 6d ago | Credential Stuffing Attempt | Low | Resolved | EmilyAI Triage | WS-PC-004 | d.walker | NG Nigeria | EmilyAI (auto) | T1110.004 |
| ALR-00183 | 6d ago | Tor Exit Node Connection | Low | Open | Dark Web Monitor | VM-DEV-01 | m.taylor | NL Netherlands | EmilyAI (auto) | T1090.003 |