Low Alerts — SOC in a Box Demo

100 alerts

Critical: 2 High: 16 Medium: 72 Low: 268

ID	Timestamp	Alert Type	Severity	Status	Source	Hostname	User	Origin	Analyst	MITRE
ALR-00199	2h ago	Pass-the-Hash Detected	Low	Open	SOC365 Engine	SRV-SQL-01	a.wilson	UA Ukraine	EmilyAI (auto)	`T1550.002`
ALR-00123	3h ago	Insider Threat Indicator	Low	Investigating	Endpoint Agent	VM-DEV-01	k.brown	RU Russia	EmilyAI (auto)	`T1119`
ALR-00271	4h ago	Credential Stuffing Attempt	Low	Open	Firewall	WS-PC-004	h.roberts	US United States	EmilyAI (auto)	`T1110.004`
ALR-00183	5h ago	Data Exfiltration Attempt	Low	Resolved	Endpoint Agent	WS-PC-002	a.wilson	US United States	EmilyAI (auto)	`T1567.002`
ALR-00216	7h ago	Anomalous DNS Query	Low	Escalated	Email Gateway	WS-PC-004	d.walker	VN Vietnam	EmilyAI (auto)	`T1568.002`
ALR-00035	8h ago	Ransomware Behaviour Detected	Low	False Positive	SOC365 Engine	SRV-SQL-01	k.brown	KP North Korea	EmilyAI (auto)	`T1486`
ALR-00054	9h ago	Privilege Escalation Attempt	Low	Investigating	Firewall	SRV-WEB-01	n.clark	VN Vietnam	EmilyAI (auto)	`T1134`
ALR-00222	10h ago	Data Exfiltration Attempt	Low	Escalated	Endpoint Agent	SRV-MAIL-01	n.clark	UA Ukraine	EmilyAI (auto)	`T1567.002`
ALR-00259	12h ago	Rogue DHCP Server	Low	Resolved	SOC365 Engine	SW-CORE-01	n.clark	DE Germany	EmilyAI (auto)	`T1557.003`
ALR-00099	19h ago	Kerberoasting Attempt	Low	Open	EmilyAI Triage	SRV-BACKUP-01	h.roberts	NL Netherlands	EmilyAI (auto)	`T1558.003`
ALR-00162	1d ago	Suspicious PowerShell Execution	Low	Open	DecoyPulse	WS-LAP-011	c.williams	US United States	EmilyAI (auto)	`T1059.001`
ALR-00252	1d ago	Phishing Email Blocked	Low	Open	Email Gateway	WS-MAC-005	d.walker	CN China	EmilyAI (auto)	`T1566.001`
ALR-00214	1d ago	Rogue DHCP Server	Low	Escalated	DecoyPulse	SRV-BACKUP-01	a.wilson	UA Ukraine	EmilyAI (auto)	`T1557.003`
ALR-00263	1d ago	Malware Signature Match	Low	Open	Network IDS	WS-PC-006	l.johnson	NL Netherlands	EmilyAI (auto)	`T1204.002`
ALR-00142	1d ago	Suspicious Scheduled Task	Low	Escalated	SOC365 Engine	WS-LAP-011	c.williams	VN Vietnam	EmilyAI (auto)	`T1053.005`
ALR-00060	1d ago	Unauthorised USB Device	Low	Escalated	Cloud Connector	WS-PC-006	d.walker	UA Ukraine	EmilyAI (auto)	`T1091`
ALR-00153	1d ago	Phishing Email Blocked	Low	Resolved	EmilyAI Triage	WS-PC-001	k.brown	NL Netherlands	EmilyAI (auto)	`T1566.001`
ALR-00120	1d ago	Failed MFA Challenge	Low	Resolved	Dark Web Monitor	SRV-APP-01	n.clark	BR Brazil	EmilyAI (auto)	`T1621`
ALR-00154	1d ago	Phishing Email Blocked	Low	Resolved	Attack Surface Scanner	WS-PC-003	a.wilson	KP North Korea	EmilyAI (auto)	`T1566.001`
ALR-00093	1d ago	Phishing Email Blocked	Low	Resolved	SOC365 Engine	WS-MAC-005	j.smith	BR Brazil	EmilyAI (auto)	`T1566.001`
ALR-00006	1d ago	Unusual Outbound Traffic	Low	Open	DecoyPulse	WS-MAC-005	d.walker	IR Iran	EmilyAI (auto)	`T1041`
ALR-00177	1d ago	Ransomware Behaviour Detected	Low	False Positive	EmilyAI Triage	SRV-BACKUP-01	n.clark	IR Iran	EmilyAI (auto)	`T1486`
ALR-00090	1d ago	Suspicious Scheduled Task	Low	False Positive	Cloud Connector	SRV-WEB-01	a.wilson	IN India	EmilyAI (auto)	`T1053.005`
ALR-00050	2d ago	Ransomware Behaviour Detected	Low	Escalated	Attack Surface Scanner	WS-MAC-005	h.roberts	BR Brazil	EmilyAI (auto)	`T1486`
ALR-00163	2d ago	Brute Force SSH	Low	False Positive	Cloud Connector	SRV-APP-01	p.thomas	RU Russia	EmilyAI (auto)	`T1110.001`
ALR-00013	2d ago	Failed MFA Challenge	Low	Escalated	EmilyAI Triage	WS-LAP-012	e.evans	FR France	EmilyAI (auto)	`T1621`
ALR-00213	2d ago	Tor Exit Node Connection	Low	Resolved	EmilyAI Triage	SRV-APP-01	p.thomas	CN China	EmilyAI (auto)	`T1090.003`
ALR-00231	2d ago	Credential Stuffing Attempt	Low	Resolved	Network IDS	WS-PC-003	d.walker	IN India	EmilyAI (auto)	`T1110.004`
ALR-00180	2d ago	Anomalous DNS Query	Low	Open	Endpoint Agent	FW-EDGE-01	d.walker	US United States	EmilyAI (auto)	`T1568.002`
ALR-00103	2d ago	Failed MFA Challenge	Low	False Positive	Network IDS	WS-PC-001	p.thomas	CN China	EmilyAI (auto)	`T1621`
ALR-00160	2d ago	Shadow IT Discovery	Low	Resolved	DecoyPulse	WS-LAP-011	d.walker	DE Germany	EmilyAI (auto)	`T1567`
ALR-00243	2d ago	C2 Beacon Activity	Low	Open	Dark Web Monitor	SRV-BACKUP-01	system	IR Iran	EmilyAI (auto)	`T1071.001`
ALR-00046	2d ago	Kerberoasting Attempt	Low	False Positive	Email Gateway	SRV-FILE-01	l.johnson	RU Russia	EmilyAI (auto)	`T1558.003`
ALR-00205	2d ago	Brute Force SSH	Low	Escalated	DLP Module	SW-CORE-01	system	VN Vietnam	EmilyAI (auto)	`T1110.001`
ALR-00229	2d ago	Malware Signature Match	Low	Escalated	Endpoint Agent	SW-CORE-01	h.roberts	FR France	EmilyAI (auto)	`T1204.002`
ALR-00128	3d ago	Phishing Email Blocked	Low	Open	DecoyPulse	WS-PC-002	p.thomas	RU Russia	EmilyAI (auto)	`T1566.001`
ALR-00251	3d ago	Shadow IT Discovery	Low	Investigating	Firewall	WS-PC-006	p.thomas	DE Germany	EmilyAI (auto)	`T1567`
ALR-00051	3d ago	Shadow IT Discovery	Low	Escalated	Dark Web Monitor	SRV-BACKUP-01	m.taylor	NG Nigeria	EmilyAI (auto)	`T1567`
ALR-00115	3d ago	DecoyPulse Honeypot Triggered	Low	Investigating	Dark Web Monitor	SRV-DC-01	k.brown	RU Russia	EmilyAI (auto)	`T1018`
ALR-00264	3d ago	DecoyPulse Honeypot Triggered	Low	Investigating	Dark Web Monitor	WS-LAP-010	a.wilson	RU Russia	EmilyAI (auto)	`T1018`
ALR-00209	3d ago	Unauthorised USB Device	Low	Escalated	Email Gateway	SRV-SQL-01	k.brown	NG Nigeria	EmilyAI (auto)	`T1091`
ALR-00039	3d ago	Data Exfiltration Attempt	Low	Escalated	SOC365 Engine	SRV-BACKUP-01	s.jones	RO Romania	EmilyAI (auto)	`T1567.002`
ALR-00173	3d ago	Suspicious Scheduled Task	Low	Resolved	Firewall	AP-WIFI-03	j.smith	NL Netherlands	EmilyAI (auto)	`T1053.005`
ALR-00077	3d ago	Unauthorised USB Device	Low	Resolved	Network IDS	WS-PC-002	c.williams	UA Ukraine	EmilyAI (auto)	`T1091`
ALR-00088	3d ago	Certificate Anomaly	Low	Resolved	DLP Module	WS-MAC-005	k.brown	IR Iran	EmilyAI (auto)	`T1553.004`
ALR-00141	3d ago	Insider Threat Indicator	Low	Resolved	Attack Surface Scanner	WS-PC-006	m.taylor	RU Russia	EmilyAI (auto)	`T1119`
ALR-00089	3d ago	DLP Policy Violation	Low	Open	Dark Web Monitor	WS-LAP-012	system	UA Ukraine	EmilyAI (auto)	`T1048`
ALR-00175	3d ago	Lateral Movement Detected	Low	False Positive	DLP Module	WS-LAP-012	k.brown	IN India	EmilyAI (auto)	`T1021.002`
ALR-00098	4d ago	DLP Policy Violation	Low	Investigating	EmilyAI Triage	VM-DEV-01	s.jones	NG Nigeria	EmilyAI (auto)	`T1048`
ALR-00095	4d ago	Privilege Escalation Attempt	Low	Investigating	Endpoint Agent	WS-LAP-011	e.evans	DE Germany	EmilyAI (auto)	`T1134`
ALR-00132	4d ago	Unauthorised USB Device	Low	Escalated	Attack Surface Scanner	SRV-WEB-01	system	RO Romania	EmilyAI (auto)	`T1091`
ALR-00170	4d ago	Data Exfiltration Attempt	Low	False Positive	Network IDS	WS-LAP-011	m.taylor	BR Brazil	EmilyAI (auto)	`T1567.002`
ALR-00165	4d ago	Phishing Email Blocked	Low	False Positive	DLP Module	VM-DEV-01	e.evans	NG Nigeria	EmilyAI (auto)	`T1566.001`
ALR-00012	4d ago	Tor Exit Node Connection	Low	Resolved	Endpoint Agent	SRV-WEB-01	h.roberts	NG Nigeria	EmilyAI (auto)	`T1090.003`
ALR-00245	4d ago	Credential Stuffing Attempt	Low	Open	SOC365 Engine	WS-LAP-011	r.davies	NL Netherlands	EmilyAI (auto)	`T1110.004`
ALR-00107	4d ago	Unauthorised USB Device	Low	Open	Cloud Connector	SRV-DC-01	a.wilson	KP North Korea	EmilyAI (auto)	`T1091`
ALR-00232	4d ago	Failed MFA Challenge	Low	Resolved	EmilyAI Triage	WS-MAC-005	c.williams	BR Brazil	EmilyAI (auto)	`T1621`
ALR-00078	4d ago	Certificate Anomaly	Low	False Positive	Email Gateway	SRV-WEB-01	j.smith	RU Russia	EmilyAI (auto)	`T1553.004`
ALR-00023	4d ago	Phishing Email Blocked	Low	Resolved	DecoyPulse	SRV-BACKUP-01	p.thomas	NG Nigeria	EmilyAI (auto)	`T1566.001`
ALR-00116	4d ago	Shadow IT Discovery	Low	Investigating	SOC365 Engine	SRV-APP-01	p.thomas	DE Germany	EmilyAI (auto)	`T1567`
ALR-00164	4d ago	Lateral Movement Detected	Low	Escalated	DecoyPulse	SRV-SQL-01	system	FR France	EmilyAI (auto)	`T1021.002`
ALR-00052	4d ago	Certificate Anomaly	Low	Resolved	SOC365 Engine	WS-MAC-005	j.smith	CN China	EmilyAI (auto)	`T1553.004`
ALR-00031	4d ago	Tor Exit Node Connection	Low	Resolved	Firewall	SW-CORE-01	s.jones	IN India	EmilyAI (auto)	`T1090.003`
ALR-00254	4d ago	Pass-the-Hash Detected	Low	Escalated	Attack Surface Scanner	AP-WIFI-03	n.clark	VN Vietnam	EmilyAI (auto)	`T1550.002`
ALR-00048	5d ago	Suspicious Scheduled Task	Low	Open	Firewall	SRV-DC-01	m.taylor	UA Ukraine	EmilyAI (auto)	`T1053.005`
ALR-00159	5d ago	Ransomware Behaviour Detected	Low	Open	SOC365 Engine	SRV-APP-01	j.smith	US United States	EmilyAI (auto)	`T1486`
ALR-00102	5d ago	DLP Policy Violation	Low	Investigating	DecoyPulse	SRV-WEB-01	f.hall	VN Vietnam	EmilyAI (auto)	`T1048`
ALR-00195	5d ago	Unauthorised USB Device	Low	Escalated	Attack Surface Scanner	AP-WIFI-03	p.thomas	GB United Kingdom	EmilyAI (auto)	`T1091`
ALR-00148	5d ago	C2 Beacon Activity	Low	Resolved	DLP Module	SRV-MAIL-01	l.johnson	IR Iran	EmilyAI (auto)	`T1071.001`
ALR-00221	5d ago	Kerberoasting Attempt	Low	False Positive	SOC365 Engine	AP-WIFI-03	p.thomas	UA Ukraine	EmilyAI (auto)	`T1558.003`
ALR-00174	5d ago	Tor Exit Node Connection	Low	False Positive	DLP Module	SRV-WEB-01	a.wilson	CN China	EmilyAI (auto)	`T1090.003`
ALR-00172	5d ago	Suspicious PowerShell Execution	Low	False Positive	Network IDS	SRV-FILE-01	a.wilson	NG Nigeria	EmilyAI (auto)	`T1059.001`
ALR-00152	5d ago	Credential Stuffing Attempt	Low	False Positive	DecoyPulse	SRV-SQL-01	p.thomas	US United States	EmilyAI (auto)	`T1110.004`
ALR-00260	5d ago	Rogue DHCP Server	Low	Open	Email Gateway	SRV-SQL-01	m.taylor	UA Ukraine	EmilyAI (auto)	`T1557.003`
ALR-00236	5d ago	Unauthorised USB Device	Low	Investigating	Firewall	WS-LAP-012	j.smith	UA Ukraine	EmilyAI (auto)	`T1091`
ALR-00192	5d ago	Unusual Outbound Traffic	Low	Investigating	DecoyPulse	SW-CORE-01	m.taylor	IN India	EmilyAI (auto)	`T1041`
ALR-00265	5d ago	Suspicious Scheduled Task	Low	False Positive	DecoyPulse	WS-PC-002	l.johnson	VN Vietnam	EmilyAI (auto)	`T1053.005`
ALR-00057	5d ago	DecoyPulse Honeypot Triggered	Low	Resolved	EmilyAI Triage	SRV-MAIL-01	r.davies	FR France	EmilyAI (auto)	`T1018`
ALR-00087	6d ago	Tor Exit Node Connection	Low	Escalated	Firewall	WS-PC-003	d.walker	DE Germany	EmilyAI (auto)	`T1090.003`
ALR-00204	6d ago	Unauthorised USB Device	Low	False Positive	EmilyAI Triage	AP-WIFI-03	d.walker	GB United Kingdom	EmilyAI (auto)	`T1091`
ALR-00043	6d ago	Suspicious Scheduled Task	Low	False Positive	Network IDS	WS-LAP-011	j.smith	FR France	EmilyAI (auto)	`T1053.005`
ALR-00241	6d ago	Ransomware Behaviour Detected	Low	Resolved	DecoyPulse	WS-PC-006	j.smith	BR Brazil	EmilyAI (auto)	`T1486`
ALR-00070	6d ago	DecoyPulse Honeypot Triggered	Low	Resolved	Firewall	WS-PC-003	s.jones	VN Vietnam	EmilyAI (auto)	`T1018`
ALR-00235	6d ago	Unusual Outbound Traffic	Low	Escalated	Endpoint Agent	SW-CORE-01	f.hall	NG Nigeria	EmilyAI (auto)	`T1041`
ALR-00179	6d ago	Suspicious Scheduled Task	Low	Investigating	DLP Module	WS-LAP-010	system	IN India	EmilyAI (auto)	`T1053.005`
ALR-00105	6d ago	Ransomware Behaviour Detected	Low	Resolved	EmilyAI Triage	SRV-SQL-01	m.taylor	FR France	EmilyAI (auto)	`T1486`
ALR-00169	6d ago	Shadow IT Discovery	Low	Investigating	EmilyAI Triage	WS-PC-003	m.taylor	IR Iran	EmilyAI (auto)	`T1567`
ALR-00015	6d ago	Brute Force SSH	Low	Escalated	DecoyPulse	WS-MAC-005	j.smith	RU Russia	EmilyAI (auto)	`T1110.001`
ALR-00109	6d ago	Unusual Outbound Traffic	Low	False Positive	Cloud Connector	SRV-WEB-01	e.evans	IR Iran	EmilyAI (auto)	`T1041`
ALR-00138	6d ago	Brute Force SSH	Low	Resolved	Email Gateway	SRV-SQL-01	system	KP North Korea	EmilyAI (auto)	`T1110.001`
ALR-00016	6d ago	Unusual Outbound Traffic	Low	Escalated	Endpoint Agent	SW-CORE-01	s.jones	US United States	EmilyAI (auto)	`T1041`
ALR-00086	6d ago	Privilege Escalation Attempt	Low	Resolved	Dark Web Monitor	WS-PC-002	system	BR Brazil	EmilyAI (auto)	`T1134`
ALR-00190	6d ago	Failed MFA Challenge	Low	Investigating	Network IDS	WS-PC-004	f.hall	KP North Korea	EmilyAI (auto)	`T1621`
ALR-00082	6d ago	DecoyPulse Honeypot Triggered	Low	False Positive	Email Gateway	SRV-WEB-01	system	RU Russia	EmilyAI (auto)	`T1018`
ALR-00272	6d ago	Ransomware Behaviour Detected	Low	Open	Attack Surface Scanner	WS-PC-001	f.hall	GB United Kingdom	EmilyAI (auto)	`T1486`
ALR-00203	6d ago	Rogue DHCP Server	Low	Open	DLP Module	WS-PC-006	d.walker	BR Brazil	EmilyAI (auto)	`T1557.003`
ALR-00255	6d ago	Anomalous DNS Query	Low	Investigating	DecoyPulse	SW-CORE-01	a.wilson	FR France	EmilyAI (auto)	`T1568.002`
ALR-00246	6d ago	Insider Threat Indicator	Low	False Positive	Cloud Connector	AP-WIFI-03	c.williams	IN India	EmilyAI (auto)	`T1119`
ALR-00027	6d ago	Unauthorised USB Device	Low	False Positive	EmilyAI Triage	WS-MAC-005	d.walker	KP North Korea	EmilyAI (auto)	`T1091`
ALR-00244	6d ago	Ransomware Behaviour Detected	Low	Resolved	Cloud Connector	WS-MAC-005	r.davies	RU Russia	EmilyAI (auto)	`T1486`