Low Alerts
100 alerts
| ID | Timestamp | Alert Type | Severity | Status | Source | Hostname | User | Origin | Analyst | MITRE |
|---|---|---|---|---|---|---|---|---|---|---|
| ALR-00129 | 34m ago | Tor Exit Node Connection | Low | False Positive | Attack Surface Scanner | FW-EDGE-01 | f.hall | UA Ukraine | EmilyAI (auto) | T1090.003 |
| ALR-00197 | 49m ago | Suspicious Scheduled Task | Low | False Positive | Network IDS | WS-PC-002 | h.roberts | KP North Korea | EmilyAI (auto) | T1053.005 |
| ALR-00131 | 57m ago | Insider Threat Indicator | Low | Resolved | Dark Web Monitor | WS-MAC-005 | k.brown | RU Russia | EmilyAI (auto) | T1119 |
| ALR-00032 | 9h ago | Privilege Escalation Attempt | Low | Investigating | EmilyAI Triage | SRV-BACKUP-01 | r.davies | DE Germany | EmilyAI (auto) | T1134 |
| ALR-00194 | 9h ago | Failed MFA Challenge | Low | Resolved | Dark Web Monitor | WS-PC-006 | h.roberts | FR France | EmilyAI (auto) | T1621 |
| ALR-00109 | 12h ago | Anomalous DNS Query | Low | False Positive | EmilyAI Triage | SRV-MAIL-01 | a.wilson | UA Ukraine | EmilyAI (auto) | T1568.002 |
| ALR-00140 | 12h ago | Unusual Outbound Traffic | Low | Investigating | Email Gateway | WS-MAC-005 | n.clark | US United States | EmilyAI (auto) | T1041 |
| ALR-00132 | 13h ago | DecoyPulse Honeypot Triggered | Low | Resolved | DLP Module | WS-PC-003 | r.davies | NL Netherlands | EmilyAI (auto) | T1018 |
| ALR-00058 | 19h ago | Phishing Email Blocked | Low | Resolved | SOC365 Engine | WS-PC-004 | c.williams | NG Nigeria | EmilyAI (auto) | T1566.001 |
| ALR-00102 | 20h ago | Anomalous DNS Query | Low | Open | EmilyAI Triage | SRV-DC-01 | n.clark | GB United Kingdom | EmilyAI (auto) | T1568.002 |
| ALR-00067 | 20h ago | Certificate Anomaly | Low | Resolved | DecoyPulse | WS-PC-001 | a.wilson | FR France | EmilyAI (auto) | T1553.004 |
| ALR-00182 | 21h ago | Lateral Movement Detected | Low | Investigating | Cloud Connector | AP-WIFI-03 | p.thomas | US United States | EmilyAI (auto) | T1021.002 |
| ALR-00264 | 22h ago | Anomalous DNS Query | Low | Resolved | Dark Web Monitor | SRV-APP-01 | c.williams | RO Romania | EmilyAI (auto) | T1568.002 |
| ALR-00106 | 1d ago | Tor Exit Node Connection | Low | Investigating | Attack Surface Scanner | WS-PC-002 | d.walker | NL Netherlands | EmilyAI (auto) | T1090.003 |
| ALR-00073 | 1d ago | Rogue DHCP Server | Low | Investigating | Firewall | SRV-WEB-01 | s.jones | NG Nigeria | EmilyAI (auto) | T1557.003 |
| ALR-00199 | 1d ago | Brute Force SSH | Low | Investigating | Dark Web Monitor | SRV-WEB-01 | m.taylor | RO Romania | EmilyAI (auto) | T1110.001 |
| ALR-00104 | 1d ago | Privilege Escalation Attempt | Low | Resolved | SOC365 Engine | AP-WIFI-03 | p.thomas | CN China | EmilyAI (auto) | T1134 |
| ALR-00219 | 1d ago | Suspicious PowerShell Execution | Low | False Positive | Attack Surface Scanner | WS-MAC-005 | a.wilson | FR France | EmilyAI (auto) | T1059.001 |
| ALR-00113 | 1d ago | Anomalous DNS Query | Low | Investigating | Dark Web Monitor | SRV-APP-01 | p.thomas | VN Vietnam | EmilyAI (auto) | T1568.002 |
| ALR-00019 | 1d ago | Malware Signature Match | Low | Resolved | Email Gateway | WS-LAP-012 | m.taylor | RU Russia | EmilyAI (auto) | T1204.002 |
| ALR-00185 | 1d ago | DLP Policy Violation | Low | Escalated | Email Gateway | SRV-FILE-01 | f.hall | NG Nigeria | EmilyAI (auto) | T1048 |
| ALR-00181 | 1d ago | Rogue DHCP Server | Low | Open | DLP Module | FW-EDGE-01 | f.hall | UA Ukraine | EmilyAI (auto) | T1557.003 |
| ALR-00015 | 1d ago | Anomalous DNS Query | Low | Investigating | Email Gateway | AP-WIFI-03 | c.williams | NG Nigeria | EmilyAI (auto) | T1568.002 |
| ALR-00170 | 1d ago | Insider Threat Indicator | Low | False Positive | Firewall | SRV-APP-01 | a.wilson | NG Nigeria | EmilyAI (auto) | T1119 |
| ALR-00002 | 1d ago | Insider Threat Indicator | Low | Resolved | Network IDS | SRV-APP-01 | k.brown | RU Russia | EmilyAI (auto) | T1119 |
| ALR-00126 | 1d ago | Anomalous DNS Query | Low | Open | Cloud Connector | SRV-BACKUP-01 | d.walker | NG Nigeria | EmilyAI (auto) | T1568.002 |
| ALR-00134 | 1d ago | Anomalous DNS Query | Low | False Positive | Endpoint Agent | AP-WIFI-03 | k.brown | UA Ukraine | EmilyAI (auto) | T1568.002 |
| ALR-00043 | 1d ago | DecoyPulse Honeypot Triggered | Low | Open | Attack Surface Scanner | WS-LAP-011 | d.walker | BR Brazil | EmilyAI (auto) | T1018 |
| ALR-00072 | 1d ago | Unusual Outbound Traffic | Low | Escalated | SOC365 Engine | SRV-APP-01 | n.clark | GB United Kingdom | EmilyAI (auto) | T1041 |
| ALR-00172 | 1d ago | Privilege Escalation Attempt | Low | Resolved | Attack Surface Scanner | WS-PC-002 | p.thomas | IN India | EmilyAI (auto) | T1134 |
| ALR-00136 | 1d ago | Kerberoasting Attempt | Low | Investigating | EmilyAI Triage | FW-EDGE-01 | k.brown | IN India | EmilyAI (auto) | T1558.003 |
| ALR-00232 | 1d ago | Certificate Anomaly | Low | Open | Firewall | AP-WIFI-03 | e.evans | KP North Korea | EmilyAI (auto) | T1553.004 |
| ALR-00098 | 1d ago | Anomalous DNS Query | Low | False Positive | EmilyAI Triage | SRV-BACKUP-01 | k.brown | RU Russia | EmilyAI (auto) | T1568.002 |
| ALR-00144 | 1d ago | C2 Beacon Activity | Low | Open | SOC365 Engine | WS-PC-004 | a.wilson | RU Russia | EmilyAI (auto) | T1071.001 |
| ALR-00217 | 1d ago | Insider Threat Indicator | Low | Investigating | Firewall | SRV-MAIL-01 | l.johnson | KP North Korea | EmilyAI (auto) | T1119 |
| ALR-00243 | 1d ago | Phishing Email Blocked | Low | False Positive | Dark Web Monitor | WS-PC-004 | n.clark | NL Netherlands | EmilyAI (auto) | T1566.001 |
| ALR-00150 | 1d ago | Anomalous DNS Query | Low | Resolved | Attack Surface Scanner | SW-CORE-01 | p.thomas | KP North Korea | EmilyAI (auto) | T1568.002 |
| ALR-00063 | 2d ago | DLP Policy Violation | Low | Investigating | DecoyPulse | WS-MAC-005 | system | DE Germany | EmilyAI (auto) | T1048 |
| ALR-00016 | 2d ago | Data Exfiltration Attempt | Low | False Positive | Network IDS | SRV-MAIL-01 | system | VN Vietnam | EmilyAI (auto) | T1567.002 |
| ALR-00101 | 2d ago | C2 Beacon Activity | Low | False Positive | EmilyAI Triage | WS-MAC-005 | m.taylor | US United States | EmilyAI (auto) | T1071.001 |
| ALR-00091 | 2d ago | Failed MFA Challenge | Low | Resolved | SOC365 Engine | SW-CORE-01 | h.roberts | CN China | EmilyAI (auto) | T1621 |
| ALR-00265 | 2d ago | Suspicious Scheduled Task | Low | Escalated | Email Gateway | SRV-BACKUP-01 | m.taylor | RO Romania | EmilyAI (auto) | T1053.005 |
| ALR-00018 | 2d ago | C2 Beacon Activity | Low | Investigating | Dark Web Monitor | AP-WIFI-03 | d.walker | KP North Korea | EmilyAI (auto) | T1071.001 |
| ALR-00213 | 2d ago | Unusual Outbound Traffic | Low | Resolved | Firewall | SRV-MAIL-01 | f.hall | NG Nigeria | EmilyAI (auto) | T1041 |
| ALR-00051 | 2d ago | DLP Policy Violation | Low | Escalated | Email Gateway | AP-WIFI-03 | p.thomas | FR France | EmilyAI (auto) | T1048 |
| ALR-00210 | 2d ago | Tor Exit Node Connection | Low | Resolved | Network IDS | WS-LAP-010 | j.smith | US United States | EmilyAI (auto) | T1090.003 |
| ALR-00180 | 2d ago | Certificate Anomaly | Low | Investigating | Cloud Connector | WS-LAP-012 | e.evans | DE Germany | EmilyAI (auto) | T1553.004 |
| ALR-00075 | 2d ago | Phishing Email Blocked | Low | Investigating | Attack Surface Scanner | SRV-SQL-01 | p.thomas | DE Germany | EmilyAI (auto) | T1566.001 |
| ALR-00162 | 2d ago | Lateral Movement Detected | Low | Open | Firewall | WS-PC-004 | p.thomas | RO Romania | EmilyAI (auto) | T1021.002 |
| ALR-00225 | 2d ago | Rogue DHCP Server | Low | Open | Network IDS | SRV-WEB-01 | k.brown | RO Romania | EmilyAI (auto) | T1557.003 |
| ALR-00044 | 2d ago | Shadow IT Discovery | Low | False Positive | Attack Surface Scanner | WS-PC-006 | c.williams | IR Iran | EmilyAI (auto) | T1567 |
| ALR-00226 | 2d ago | Shadow IT Discovery | Low | Open | Email Gateway | SRV-SQL-01 | e.evans | RU Russia | EmilyAI (auto) | T1567 |
| ALR-00024 | 3d ago | Tor Exit Node Connection | Low | Open | DecoyPulse | AP-WIFI-03 | m.taylor | US United States | EmilyAI (auto) | T1090.003 |
| ALR-00146 | 3d ago | Port Scan Detected | Low | Investigating | Firewall | WS-PC-002 | e.evans | NG Nigeria | EmilyAI (auto) | T1046 |
| ALR-00008 | 3d ago | Kerberoasting Attempt | Low | Escalated | EmilyAI Triage | SRV-SQL-01 | h.roberts | DE Germany | EmilyAI (auto) | T1558.003 |
| ALR-00094 | 3d ago | Rogue DHCP Server | Low | Investigating | SOC365 Engine | WS-PC-001 | r.davies | RO Romania | EmilyAI (auto) | T1557.003 |
| ALR-00255 | 3d ago | Shadow IT Discovery | Low | Escalated | Dark Web Monitor | AP-WIFI-03 | r.davies | GB United Kingdom | EmilyAI (auto) | T1567 |
| ALR-00062 | 3d ago | Brute Force SSH | Low | Open | Firewall | SRV-APP-01 | j.smith | DE Germany | EmilyAI (auto) | T1110.001 |
| ALR-00013 | 3d ago | Phishing Email Blocked | Low | Investigating | Dark Web Monitor | WS-PC-002 | r.davies | VN Vietnam | EmilyAI (auto) | T1566.001 |
| ALR-00214 | 3d ago | DLP Policy Violation | Low | Resolved | Dark Web Monitor | SRV-BACKUP-01 | l.johnson | UA Ukraine | EmilyAI (auto) | T1048 |
| ALR-00078 | 3d ago | DLP Policy Violation | Low | False Positive | DecoyPulse | SW-CORE-01 | p.thomas | NL Netherlands | EmilyAI (auto) | T1048 |
| ALR-00054 | 3d ago | Pass-the-Hash Detected | Low | False Positive | Attack Surface Scanner | WS-LAP-010 | d.walker | KP North Korea | EmilyAI (auto) | T1550.002 |
| ALR-00022 | 3d ago | DecoyPulse Honeypot Triggered | Low | Open | Endpoint Agent | WS-PC-003 | h.roberts | FR France | EmilyAI (auto) | T1018 |
| ALR-00211 | 3d ago | Insider Threat Indicator | Low | False Positive | Email Gateway | SRV-MAIL-01 | n.clark | BR Brazil | EmilyAI (auto) | T1119 |
| ALR-00262 | 3d ago | Shadow IT Discovery | Low | Open | Cloud Connector | WS-PC-001 | a.wilson | RU Russia | EmilyAI (auto) | T1567 |
| ALR-00009 | 3d ago | Pass-the-Hash Detected | Low | Investigating | SOC365 Engine | SRV-FILE-01 | h.roberts | RU Russia | EmilyAI (auto) | T1550.002 |
| ALR-00006 | 4d ago | Credential Stuffing Attempt | Low | Resolved | Email Gateway | SRV-MAIL-01 | d.walker | NG Nigeria | EmilyAI (auto) | T1110.004 |
| ALR-00107 | 4d ago | Anomalous DNS Query | Low | Escalated | SOC365 Engine | WS-PC-006 | e.evans | GB United Kingdom | EmilyAI (auto) | T1568.002 |
| ALR-00230 | 4d ago | Data Exfiltration Attempt | Low | Open | DLP Module | SRV-FILE-01 | f.hall | US United States | EmilyAI (auto) | T1567.002 |
| ALR-00203 | 4d ago | Suspicious PowerShell Execution | Low | False Positive | EmilyAI Triage | FW-EDGE-01 | j.smith | RU Russia | EmilyAI (auto) | T1059.001 |
| ALR-00064 | 4d ago | Privilege Escalation Attempt | Low | Investigating | DecoyPulse | SRV-DC-01 | a.wilson | IR Iran | EmilyAI (auto) | T1134 |
| ALR-00088 | 4d ago | Malware Signature Match | Low | False Positive | DecoyPulse | SRV-WEB-01 | h.roberts | RO Romania | EmilyAI (auto) | T1204.002 |
| ALR-00201 | 4d ago | Insider Threat Indicator | Low | Open | Cloud Connector | AP-WIFI-03 | e.evans | GB United Kingdom | EmilyAI (auto) | T1119 |
| ALR-00125 | 4d ago | Suspicious PowerShell Execution | Low | Open | Firewall | SRV-APP-01 | c.williams | KP North Korea | EmilyAI (auto) | T1059.001 |
| ALR-00200 | 4d ago | Port Scan Detected | Low | Open | EmilyAI Triage | SRV-FILE-01 | f.hall | UA Ukraine | EmilyAI (auto) | T1046 |
| ALR-00149 | 4d ago | Suspicious Scheduled Task | Low | Resolved | Endpoint Agent | WS-PC-002 | a.wilson | BR Brazil | EmilyAI (auto) | T1053.005 |
| ALR-00212 | 4d ago | DecoyPulse Honeypot Triggered | Low | Escalated | SOC365 Engine | SRV-DC-01 | r.davies | KP North Korea | EmilyAI (auto) | T1018 |
| ALR-00124 | 4d ago | Rogue DHCP Server | Low | Resolved | Attack Surface Scanner | VM-DEV-01 | l.johnson | IR Iran | EmilyAI (auto) | T1557.003 |
| ALR-00135 | 4d ago | Phishing Email Blocked | Low | Escalated | DLP Module | SRV-DC-01 | r.davies | FR France | EmilyAI (auto) | T1566.001 |
| ALR-00251 | 4d ago | Brute Force SSH | Low | Investigating | EmilyAI Triage | SRV-WEB-01 | m.taylor | GB United Kingdom | EmilyAI (auto) | T1110.001 |
| ALR-00116 | 4d ago | Credential Stuffing Attempt | Low | Resolved | Firewall | SRV-SQL-01 | h.roberts | CN China | EmilyAI (auto) | T1110.004 |
| ALR-00127 | 5d ago | Phishing Email Blocked | Low | Investigating | Attack Surface Scanner | SRV-MAIL-01 | s.jones | UA Ukraine | EmilyAI (auto) | T1566.001 |
| ALR-00220 | 5d ago | Port Scan Detected | Low | Resolved | Dark Web Monitor | SRV-DC-01 | p.thomas | IN India | EmilyAI (auto) | T1046 |
| ALR-00033 | 5d ago | Anomalous DNS Query | Low | Open | Endpoint Agent | WS-LAP-012 | e.evans | GB United Kingdom | EmilyAI (auto) | T1568.002 |
| ALR-00163 | 5d ago | Privilege Escalation Attempt | Low | Escalated | Cloud Connector | SRV-APP-01 | d.walker | NG Nigeria | EmilyAI (auto) | T1134 |
| ALR-00161 | 5d ago | Data Exfiltration Attempt | Low | Resolved | Email Gateway | WS-PC-001 | r.davies | UA Ukraine | EmilyAI (auto) | T1567.002 |
| ALR-00252 | 5d ago | DLP Policy Violation | Low | False Positive | Cloud Connector | SRV-APP-01 | m.taylor | NG Nigeria | EmilyAI (auto) | T1048 |
| ALR-00253 | 5d ago | Shadow IT Discovery | Low | Escalated | Email Gateway | WS-PC-003 | p.thomas | IN India | EmilyAI (auto) | T1567 |
| ALR-00025 | 5d ago | Insider Threat Indicator | Low | Open | Cloud Connector | WS-PC-002 | f.hall | IR Iran | EmilyAI (auto) | T1119 |
| ALR-00141 | 5d ago | Credential Stuffing Attempt | Low | Escalated | Cloud Connector | WS-PC-001 | h.roberts | KP North Korea | EmilyAI (auto) | T1110.004 |
| ALR-00250 | 5d ago | Phishing Email Blocked | Low | Resolved | Attack Surface Scanner | VM-DEV-01 | k.brown | UA Ukraine | EmilyAI (auto) | T1566.001 |
| ALR-00115 | 6d ago | Privilege Escalation Attempt | Low | Open | Attack Surface Scanner | WS-MAC-005 | a.wilson | DE Germany | EmilyAI (auto) | T1134 |
| ALR-00178 | 6d ago | Insider Threat Indicator | Low | Escalated | Email Gateway | SW-CORE-01 | d.walker | US United States | EmilyAI (auto) | T1119 |
| ALR-00218 | 6d ago | Ransomware Behaviour Detected | Low | False Positive | Firewall | SRV-SQL-01 | m.taylor | NG Nigeria | EmilyAI (auto) | T1486 |
| ALR-00021 | 6d ago | Kerberoasting Attempt | Low | False Positive | Attack Surface Scanner | SRV-MAIL-01 | m.taylor | KP North Korea | EmilyAI (auto) | T1558.003 |
| ALR-00096 | 6d ago | Suspicious Scheduled Task | Low | Investigating | Email Gateway | FW-EDGE-01 | d.walker | CN China | EmilyAI (auto) | T1053.005 |
| ALR-00256 | 6d ago | Ransomware Behaviour Detected | Low | Open | Endpoint Agent | SRV-APP-01 | m.taylor | US United States | EmilyAI (auto) | T1486 |
| ALR-00166 | 6d ago | Kerberoasting Attempt | Low | Escalated | DecoyPulse | WS-PC-001 | s.jones | VN Vietnam | EmilyAI (auto) | T1558.003 |
| ALR-00086 | 6d ago | Kerberoasting Attempt | Low | Open | DecoyPulse | SW-CORE-01 | f.hall | US United States | EmilyAI (auto) | T1558.003 |
| ALR-00159 | 6d ago | DLP Policy Violation | Low | Open | Dark Web Monitor | WS-PC-004 | e.evans | IN India | EmilyAI (auto) | T1048 |