Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 18:36:33 UTC

Low Alerts

Clear
ID Timestamp Alert Type Severity Status Source Hostname User Origin Analyst MITRE
ALR-00129 34m ago Tor Exit Node Connection Low False Positive Attack Surface Scanner FW-EDGE-01 f.hall UA Ukraine EmilyAI (auto) T1090.003
ALR-00197 49m ago Suspicious Scheduled Task Low False Positive Network IDS WS-PC-002 h.roberts KP North Korea EmilyAI (auto) T1053.005
ALR-00131 57m ago Insider Threat Indicator Low Resolved Dark Web Monitor WS-MAC-005 k.brown RU Russia EmilyAI (auto) T1119
ALR-00032 9h ago Privilege Escalation Attempt Low Investigating EmilyAI Triage SRV-BACKUP-01 r.davies DE Germany EmilyAI (auto) T1134
ALR-00194 9h ago Failed MFA Challenge Low Resolved Dark Web Monitor WS-PC-006 h.roberts FR France EmilyAI (auto) T1621
ALR-00109 12h ago Anomalous DNS Query Low False Positive EmilyAI Triage SRV-MAIL-01 a.wilson UA Ukraine EmilyAI (auto) T1568.002
ALR-00140 12h ago Unusual Outbound Traffic Low Investigating Email Gateway WS-MAC-005 n.clark US United States EmilyAI (auto) T1041
ALR-00132 13h ago DecoyPulse Honeypot Triggered Low Resolved DLP Module WS-PC-003 r.davies NL Netherlands EmilyAI (auto) T1018
ALR-00058 19h ago Phishing Email Blocked Low Resolved SOC365 Engine WS-PC-004 c.williams NG Nigeria EmilyAI (auto) T1566.001
ALR-00102 20h ago Anomalous DNS Query Low Open EmilyAI Triage SRV-DC-01 n.clark GB United Kingdom EmilyAI (auto) T1568.002
ALR-00067 20h ago Certificate Anomaly Low Resolved DecoyPulse WS-PC-001 a.wilson FR France EmilyAI (auto) T1553.004
ALR-00182 21h ago Lateral Movement Detected Low Investigating Cloud Connector AP-WIFI-03 p.thomas US United States EmilyAI (auto) T1021.002
ALR-00264 22h ago Anomalous DNS Query Low Resolved Dark Web Monitor SRV-APP-01 c.williams RO Romania EmilyAI (auto) T1568.002
ALR-00106 1d ago Tor Exit Node Connection Low Investigating Attack Surface Scanner WS-PC-002 d.walker NL Netherlands EmilyAI (auto) T1090.003
ALR-00073 1d ago Rogue DHCP Server Low Investigating Firewall SRV-WEB-01 s.jones NG Nigeria EmilyAI (auto) T1557.003
ALR-00199 1d ago Brute Force SSH Low Investigating Dark Web Monitor SRV-WEB-01 m.taylor RO Romania EmilyAI (auto) T1110.001
ALR-00104 1d ago Privilege Escalation Attempt Low Resolved SOC365 Engine AP-WIFI-03 p.thomas CN China EmilyAI (auto) T1134
ALR-00219 1d ago Suspicious PowerShell Execution Low False Positive Attack Surface Scanner WS-MAC-005 a.wilson FR France EmilyAI (auto) T1059.001
ALR-00113 1d ago Anomalous DNS Query Low Investigating Dark Web Monitor SRV-APP-01 p.thomas VN Vietnam EmilyAI (auto) T1568.002
ALR-00019 1d ago Malware Signature Match Low Resolved Email Gateway WS-LAP-012 m.taylor RU Russia EmilyAI (auto) T1204.002
ALR-00185 1d ago DLP Policy Violation Low Escalated Email Gateway SRV-FILE-01 f.hall NG Nigeria EmilyAI (auto) T1048
ALR-00181 1d ago Rogue DHCP Server Low Open DLP Module FW-EDGE-01 f.hall UA Ukraine EmilyAI (auto) T1557.003
ALR-00015 1d ago Anomalous DNS Query Low Investigating Email Gateway AP-WIFI-03 c.williams NG Nigeria EmilyAI (auto) T1568.002
ALR-00170 1d ago Insider Threat Indicator Low False Positive Firewall SRV-APP-01 a.wilson NG Nigeria EmilyAI (auto) T1119
ALR-00002 1d ago Insider Threat Indicator Low Resolved Network IDS SRV-APP-01 k.brown RU Russia EmilyAI (auto) T1119
ALR-00126 1d ago Anomalous DNS Query Low Open Cloud Connector SRV-BACKUP-01 d.walker NG Nigeria EmilyAI (auto) T1568.002
ALR-00134 1d ago Anomalous DNS Query Low False Positive Endpoint Agent AP-WIFI-03 k.brown UA Ukraine EmilyAI (auto) T1568.002
ALR-00043 1d ago DecoyPulse Honeypot Triggered Low Open Attack Surface Scanner WS-LAP-011 d.walker BR Brazil EmilyAI (auto) T1018
ALR-00072 1d ago Unusual Outbound Traffic Low Escalated SOC365 Engine SRV-APP-01 n.clark GB United Kingdom EmilyAI (auto) T1041
ALR-00172 1d ago Privilege Escalation Attempt Low Resolved Attack Surface Scanner WS-PC-002 p.thomas IN India EmilyAI (auto) T1134
ALR-00136 1d ago Kerberoasting Attempt Low Investigating EmilyAI Triage FW-EDGE-01 k.brown IN India EmilyAI (auto) T1558.003
ALR-00232 1d ago Certificate Anomaly Low Open Firewall AP-WIFI-03 e.evans KP North Korea EmilyAI (auto) T1553.004
ALR-00098 1d ago Anomalous DNS Query Low False Positive EmilyAI Triage SRV-BACKUP-01 k.brown RU Russia EmilyAI (auto) T1568.002
ALR-00144 1d ago C2 Beacon Activity Low Open SOC365 Engine WS-PC-004 a.wilson RU Russia EmilyAI (auto) T1071.001
ALR-00217 1d ago Insider Threat Indicator Low Investigating Firewall SRV-MAIL-01 l.johnson KP North Korea EmilyAI (auto) T1119
ALR-00243 1d ago Phishing Email Blocked Low False Positive Dark Web Monitor WS-PC-004 n.clark NL Netherlands EmilyAI (auto) T1566.001
ALR-00150 1d ago Anomalous DNS Query Low Resolved Attack Surface Scanner SW-CORE-01 p.thomas KP North Korea EmilyAI (auto) T1568.002
ALR-00063 2d ago DLP Policy Violation Low Investigating DecoyPulse WS-MAC-005 system DE Germany EmilyAI (auto) T1048
ALR-00016 2d ago Data Exfiltration Attempt Low False Positive Network IDS SRV-MAIL-01 system VN Vietnam EmilyAI (auto) T1567.002
ALR-00101 2d ago C2 Beacon Activity Low False Positive EmilyAI Triage WS-MAC-005 m.taylor US United States EmilyAI (auto) T1071.001
ALR-00091 2d ago Failed MFA Challenge Low Resolved SOC365 Engine SW-CORE-01 h.roberts CN China EmilyAI (auto) T1621
ALR-00265 2d ago Suspicious Scheduled Task Low Escalated Email Gateway SRV-BACKUP-01 m.taylor RO Romania EmilyAI (auto) T1053.005
ALR-00018 2d ago C2 Beacon Activity Low Investigating Dark Web Monitor AP-WIFI-03 d.walker KP North Korea EmilyAI (auto) T1071.001
ALR-00213 2d ago Unusual Outbound Traffic Low Resolved Firewall SRV-MAIL-01 f.hall NG Nigeria EmilyAI (auto) T1041
ALR-00051 2d ago DLP Policy Violation Low Escalated Email Gateway AP-WIFI-03 p.thomas FR France EmilyAI (auto) T1048
ALR-00210 2d ago Tor Exit Node Connection Low Resolved Network IDS WS-LAP-010 j.smith US United States EmilyAI (auto) T1090.003
ALR-00180 2d ago Certificate Anomaly Low Investigating Cloud Connector WS-LAP-012 e.evans DE Germany EmilyAI (auto) T1553.004
ALR-00075 2d ago Phishing Email Blocked Low Investigating Attack Surface Scanner SRV-SQL-01 p.thomas DE Germany EmilyAI (auto) T1566.001
ALR-00162 2d ago Lateral Movement Detected Low Open Firewall WS-PC-004 p.thomas RO Romania EmilyAI (auto) T1021.002
ALR-00225 2d ago Rogue DHCP Server Low Open Network IDS SRV-WEB-01 k.brown RO Romania EmilyAI (auto) T1557.003
ALR-00044 2d ago Shadow IT Discovery Low False Positive Attack Surface Scanner WS-PC-006 c.williams IR Iran EmilyAI (auto) T1567
ALR-00226 2d ago Shadow IT Discovery Low Open Email Gateway SRV-SQL-01 e.evans RU Russia EmilyAI (auto) T1567
ALR-00024 3d ago Tor Exit Node Connection Low Open DecoyPulse AP-WIFI-03 m.taylor US United States EmilyAI (auto) T1090.003
ALR-00146 3d ago Port Scan Detected Low Investigating Firewall WS-PC-002 e.evans NG Nigeria EmilyAI (auto) T1046
ALR-00008 3d ago Kerberoasting Attempt Low Escalated EmilyAI Triage SRV-SQL-01 h.roberts DE Germany EmilyAI (auto) T1558.003
ALR-00094 3d ago Rogue DHCP Server Low Investigating SOC365 Engine WS-PC-001 r.davies RO Romania EmilyAI (auto) T1557.003
ALR-00255 3d ago Shadow IT Discovery Low Escalated Dark Web Monitor AP-WIFI-03 r.davies GB United Kingdom EmilyAI (auto) T1567
ALR-00062 3d ago Brute Force SSH Low Open Firewall SRV-APP-01 j.smith DE Germany EmilyAI (auto) T1110.001
ALR-00013 3d ago Phishing Email Blocked Low Investigating Dark Web Monitor WS-PC-002 r.davies VN Vietnam EmilyAI (auto) T1566.001
ALR-00214 3d ago DLP Policy Violation Low Resolved Dark Web Monitor SRV-BACKUP-01 l.johnson UA Ukraine EmilyAI (auto) T1048
ALR-00078 3d ago DLP Policy Violation Low False Positive DecoyPulse SW-CORE-01 p.thomas NL Netherlands EmilyAI (auto) T1048
ALR-00054 3d ago Pass-the-Hash Detected Low False Positive Attack Surface Scanner WS-LAP-010 d.walker KP North Korea EmilyAI (auto) T1550.002
ALR-00022 3d ago DecoyPulse Honeypot Triggered Low Open Endpoint Agent WS-PC-003 h.roberts FR France EmilyAI (auto) T1018
ALR-00211 3d ago Insider Threat Indicator Low False Positive Email Gateway SRV-MAIL-01 n.clark BR Brazil EmilyAI (auto) T1119
ALR-00262 3d ago Shadow IT Discovery Low Open Cloud Connector WS-PC-001 a.wilson RU Russia EmilyAI (auto) T1567
ALR-00009 3d ago Pass-the-Hash Detected Low Investigating SOC365 Engine SRV-FILE-01 h.roberts RU Russia EmilyAI (auto) T1550.002
ALR-00006 4d ago Credential Stuffing Attempt Low Resolved Email Gateway SRV-MAIL-01 d.walker NG Nigeria EmilyAI (auto) T1110.004
ALR-00107 4d ago Anomalous DNS Query Low Escalated SOC365 Engine WS-PC-006 e.evans GB United Kingdom EmilyAI (auto) T1568.002
ALR-00230 4d ago Data Exfiltration Attempt Low Open DLP Module SRV-FILE-01 f.hall US United States EmilyAI (auto) T1567.002
ALR-00203 4d ago Suspicious PowerShell Execution Low False Positive EmilyAI Triage FW-EDGE-01 j.smith RU Russia EmilyAI (auto) T1059.001
ALR-00064 4d ago Privilege Escalation Attempt Low Investigating DecoyPulse SRV-DC-01 a.wilson IR Iran EmilyAI (auto) T1134
ALR-00088 4d ago Malware Signature Match Low False Positive DecoyPulse SRV-WEB-01 h.roberts RO Romania EmilyAI (auto) T1204.002
ALR-00201 4d ago Insider Threat Indicator Low Open Cloud Connector AP-WIFI-03 e.evans GB United Kingdom EmilyAI (auto) T1119
ALR-00125 4d ago Suspicious PowerShell Execution Low Open Firewall SRV-APP-01 c.williams KP North Korea EmilyAI (auto) T1059.001
ALR-00200 4d ago Port Scan Detected Low Open EmilyAI Triage SRV-FILE-01 f.hall UA Ukraine EmilyAI (auto) T1046
ALR-00149 4d ago Suspicious Scheduled Task Low Resolved Endpoint Agent WS-PC-002 a.wilson BR Brazil EmilyAI (auto) T1053.005
ALR-00212 4d ago DecoyPulse Honeypot Triggered Low Escalated SOC365 Engine SRV-DC-01 r.davies KP North Korea EmilyAI (auto) T1018
ALR-00124 4d ago Rogue DHCP Server Low Resolved Attack Surface Scanner VM-DEV-01 l.johnson IR Iran EmilyAI (auto) T1557.003
ALR-00135 4d ago Phishing Email Blocked Low Escalated DLP Module SRV-DC-01 r.davies FR France EmilyAI (auto) T1566.001
ALR-00251 4d ago Brute Force SSH Low Investigating EmilyAI Triage SRV-WEB-01 m.taylor GB United Kingdom EmilyAI (auto) T1110.001
ALR-00116 4d ago Credential Stuffing Attempt Low Resolved Firewall SRV-SQL-01 h.roberts CN China EmilyAI (auto) T1110.004
ALR-00127 5d ago Phishing Email Blocked Low Investigating Attack Surface Scanner SRV-MAIL-01 s.jones UA Ukraine EmilyAI (auto) T1566.001
ALR-00220 5d ago Port Scan Detected Low Resolved Dark Web Monitor SRV-DC-01 p.thomas IN India EmilyAI (auto) T1046
ALR-00033 5d ago Anomalous DNS Query Low Open Endpoint Agent WS-LAP-012 e.evans GB United Kingdom EmilyAI (auto) T1568.002
ALR-00163 5d ago Privilege Escalation Attempt Low Escalated Cloud Connector SRV-APP-01 d.walker NG Nigeria EmilyAI (auto) T1134
ALR-00161 5d ago Data Exfiltration Attempt Low Resolved Email Gateway WS-PC-001 r.davies UA Ukraine EmilyAI (auto) T1567.002
ALR-00252 5d ago DLP Policy Violation Low False Positive Cloud Connector SRV-APP-01 m.taylor NG Nigeria EmilyAI (auto) T1048
ALR-00253 5d ago Shadow IT Discovery Low Escalated Email Gateway WS-PC-003 p.thomas IN India EmilyAI (auto) T1567
ALR-00025 5d ago Insider Threat Indicator Low Open Cloud Connector WS-PC-002 f.hall IR Iran EmilyAI (auto) T1119
ALR-00141 5d ago Credential Stuffing Attempt Low Escalated Cloud Connector WS-PC-001 h.roberts KP North Korea EmilyAI (auto) T1110.004
ALR-00250 5d ago Phishing Email Blocked Low Resolved Attack Surface Scanner VM-DEV-01 k.brown UA Ukraine EmilyAI (auto) T1566.001
ALR-00115 6d ago Privilege Escalation Attempt Low Open Attack Surface Scanner WS-MAC-005 a.wilson DE Germany EmilyAI (auto) T1134
ALR-00178 6d ago Insider Threat Indicator Low Escalated Email Gateway SW-CORE-01 d.walker US United States EmilyAI (auto) T1119
ALR-00218 6d ago Ransomware Behaviour Detected Low False Positive Firewall SRV-SQL-01 m.taylor NG Nigeria EmilyAI (auto) T1486
ALR-00021 6d ago Kerberoasting Attempt Low False Positive Attack Surface Scanner SRV-MAIL-01 m.taylor KP North Korea EmilyAI (auto) T1558.003
ALR-00096 6d ago Suspicious Scheduled Task Low Investigating Email Gateway FW-EDGE-01 d.walker CN China EmilyAI (auto) T1053.005
ALR-00256 6d ago Ransomware Behaviour Detected Low Open Endpoint Agent SRV-APP-01 m.taylor US United States EmilyAI (auto) T1486
ALR-00166 6d ago Kerberoasting Attempt Low Escalated DecoyPulse WS-PC-001 s.jones VN Vietnam EmilyAI (auto) T1558.003
ALR-00086 6d ago Kerberoasting Attempt Low Open DecoyPulse SW-CORE-01 f.hall US United States EmilyAI (auto) T1558.003
ALR-00159 6d ago DLP Policy Violation Low Open Dark Web Monitor WS-PC-004 e.evans IN India EmilyAI (auto) T1048