Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 19:35:42 UTC

Medium Alerts

Clear
ID Timestamp Alert Type Severity Status Source Hostname User Origin Analyst MITRE
ALR-00065 5m ago Suspicious Scheduled Task Medium Investigating DLP Module SRV-FILE-01 l.johnson NL Netherlands Emma Richardson T1053.005
ALR-00005 1h ago Suspicious PowerShell Execution Medium False Positive DecoyPulse WS-MAC-005 r.davies RO Romania Anika Patel T1059.001
ALR-00267 3h ago Kerberoasting Attempt Medium False Positive Email Gateway SRV-APP-01 l.johnson DE Germany Sarah Chen T1558.003
ALR-00078 4h ago Certificate Anomaly Medium Resolved Firewall SRV-SQL-01 p.thomas VN Vietnam Anika Patel T1553.004
ALR-00070 4h ago Pass-the-Hash Detected Medium Open DLP Module WS-PC-004 p.thomas DE Germany Sarah Chen T1550.002
ALR-00155 5h ago Suspicious Scheduled Task Medium Investigating Network IDS WS-PC-002 s.jones DE Germany Marcus Webb T1053.005
ALR-00076 5h ago Unauthorised USB Device Medium False Positive Firewall SRV-APP-01 p.thomas IR Iran Anika Patel T1091
ALR-00204 7h ago Insider Threat Indicator Medium Open Email Gateway WS-MAC-005 k.brown IN India James Okonkwo T1119
ALR-00145 7h ago Port Scan Detected Medium Open Attack Surface Scanner WS-LAP-012 l.johnson BR Brazil Sarah Chen T1046
ALR-00026 10h ago Insider Threat Indicator Medium Open SOC365 Engine SRV-FILE-01 c.williams VN Vietnam James Okonkwo T1119
ALR-00248 13h ago Brute Force SSH Medium False Positive Network IDS SRV-BACKUP-01 f.hall US United States Marcus Webb T1110.001
ALR-00191 16h ago Port Scan Detected Medium Resolved Dark Web Monitor AP-WIFI-03 p.thomas KP North Korea Marcus Webb T1046
ALR-00275 16h ago Ransomware Behaviour Detected Medium Escalated Cloud Connector SRV-BACKUP-01 f.hall RU Russia Sarah Chen T1486
ALR-00059 16h ago DecoyPulse Honeypot Triggered Medium Investigating Firewall SW-CORE-01 system RO Romania Sarah Chen T1018
ALR-00286 18h ago Rogue DHCP Server Medium Escalated Firewall AP-WIFI-03 p.thomas UA Ukraine Marcus Webb T1557.003
ALR-00173 19h ago Credential Stuffing Attempt Medium Escalated Firewall WS-PC-002 a.wilson CN China Anika Patel T1110.004
ALR-00008 21h ago Privilege Escalation Attempt Medium Resolved DecoyPulse AP-WIFI-03 p.thomas US United States Emma Richardson T1134
ALR-00236 23h ago Tor Exit Node Connection Medium Escalated DecoyPulse WS-PC-004 system BR Brazil Marcus Webb T1090.003
ALR-00115 1d ago Insider Threat Indicator Medium Escalated Dark Web Monitor VM-DEV-01 f.hall KP North Korea Emma Richardson T1119
ALR-00249 1d ago C2 Beacon Activity Medium Resolved Email Gateway WS-PC-006 k.brown US United States Sarah Chen T1071.001
ALR-00151 1d ago Anomalous DNS Query Medium Open DecoyPulse VM-DEV-01 l.johnson UA Ukraine Sarah Chen T1568.002
ALR-00112 1d ago Pass-the-Hash Detected Medium Investigating DecoyPulse SRV-WEB-01 k.brown KP North Korea James Okonkwo T1550.002
ALR-00147 1d ago DLP Policy Violation Medium Escalated Attack Surface Scanner AP-WIFI-03 m.taylor KP North Korea Marcus Webb T1048
ALR-00219 1d ago Failed MFA Challenge Medium Resolved SOC365 Engine VM-DEV-01 m.taylor FR France Marcus Webb T1621
ALR-00188 1d ago Certificate Anomaly Medium Escalated Email Gateway WS-PC-003 a.wilson IN India Emma Richardson T1553.004
ALR-00122 1d ago DecoyPulse Honeypot Triggered Medium Resolved Attack Surface Scanner WS-PC-004 c.williams KP North Korea Marcus Webb T1018
ALR-00011 1d ago Data Exfiltration Attempt Medium False Positive Email Gateway WS-PC-002 h.roberts IN India Sarah Chen T1567.002
ALR-00084 1d ago Tor Exit Node Connection Medium False Positive Endpoint Agent SRV-WEB-01 system CN China Marcus Webb T1090.003
ALR-00038 1d ago Insider Threat Indicator Medium Investigating Attack Surface Scanner FW-EDGE-01 r.davies CN China James Okonkwo T1119
ALR-00105 1d ago Credential Stuffing Attempt Medium Escalated Dark Web Monitor WS-LAP-012 p.thomas RO Romania Emma Richardson T1110.004
ALR-00072 1d ago Rogue DHCP Server Medium Investigating Email Gateway WS-LAP-012 e.evans UA Ukraine James Okonkwo T1557.003
ALR-00229 1d ago C2 Beacon Activity Medium Escalated SOC365 Engine SRV-SQL-01 l.johnson CN China Anika Patel T1071.001
ALR-00063 1d ago Insider Threat Indicator Medium Resolved DecoyPulse AP-WIFI-03 p.thomas KP North Korea Anika Patel T1119
ALR-00329 1d ago Credential Stuffing Attempt Medium Resolved Attack Surface Scanner WS-LAP-010 l.johnson RO Romania Marcus Webb T1110.004
ALR-00060 2d ago Unusual Outbound Traffic Medium Resolved Cloud Connector SRV-BACKUP-01 e.evans GB United Kingdom James Okonkwo T1041
ALR-00339 2d ago Kerberoasting Attempt Medium Escalated EmilyAI Triage WS-PC-006 n.clark CN China Sarah Chen T1558.003
ALR-00270 2d ago C2 Beacon Activity Medium Resolved Attack Surface Scanner WS-PC-003 j.smith NL Netherlands James Okonkwo T1071.001
ALR-00087 2d ago Suspicious Scheduled Task Medium Open Email Gateway SRV-WEB-01 d.walker VN Vietnam Anika Patel T1053.005
ALR-00010 2d ago Port Scan Detected Medium Resolved SOC365 Engine WS-PC-002 a.wilson VN Vietnam Emma Richardson T1046
ALR-00243 2d ago Failed MFA Challenge Medium Resolved SOC365 Engine WS-PC-004 c.williams KP North Korea Anika Patel T1621
ALR-00091 2d ago Shadow IT Discovery Medium Open EmilyAI Triage SRV-DC-01 j.smith VN Vietnam James Okonkwo T1567
ALR-00090 2d ago Suspicious Scheduled Task Medium Open Cloud Connector SRV-DC-01 c.williams US United States Anika Patel T1053.005
ALR-00203 2d ago Privilege Escalation Attempt Medium Investigating EmilyAI Triage SRV-SQL-01 j.smith RO Romania Sarah Chen T1134
ALR-00051 3d ago Pass-the-Hash Detected Medium False Positive Attack Surface Scanner SRV-BACKUP-01 d.walker VN Vietnam James Okonkwo T1550.002
ALR-00113 3d ago Shadow IT Discovery Medium Escalated Cloud Connector WS-PC-001 n.clark BR Brazil Marcus Webb T1567
ALR-00176 3d ago Lateral Movement Detected Medium Open DecoyPulse SRV-DC-01 k.brown UA Ukraine Sarah Chen T1021.002
ALR-00096 3d ago Kerberoasting Attempt Medium Investigating SOC365 Engine AP-WIFI-03 r.davies DE Germany Emma Richardson T1558.003
ALR-00330 3d ago Brute Force SSH Medium Investigating Endpoint Agent WS-PC-004 c.williams US United States Sarah Chen T1110.001
ALR-00142 3d ago Anomalous DNS Query Medium False Positive EmilyAI Triage AP-WIFI-03 r.davies RO Romania Anika Patel T1568.002
ALR-00034 3d ago Data Exfiltration Attempt Medium Escalated SOC365 Engine SRV-SQL-01 e.evans KP North Korea Emma Richardson T1567.002
ALR-00207 3d ago Shadow IT Discovery Medium Escalated Attack Surface Scanner SW-CORE-01 d.walker RO Romania Emma Richardson T1567
ALR-00172 3d ago Unauthorised USB Device Medium Open Attack Surface Scanner SRV-BACKUP-01 j.smith DE Germany James Okonkwo T1091
ALR-00036 3d ago Certificate Anomaly Medium Escalated Attack Surface Scanner SRV-WEB-01 n.clark RU Russia Anika Patel T1553.004
ALR-00107 3d ago Malware Signature Match Medium False Positive Cloud Connector SRV-MAIL-01 j.smith RO Romania James Okonkwo T1204.002
ALR-00042 3d ago Rogue DHCP Server Medium Open Endpoint Agent SRV-SQL-01 f.hall UA Ukraine Sarah Chen T1557.003
ALR-00106 3d ago Tor Exit Node Connection Medium Open Attack Surface Scanner SRV-DC-01 j.smith GB United Kingdom Anika Patel T1090.003
ALR-00205 3d ago Rogue DHCP Server Medium Open Firewall WS-PC-003 j.smith BR Brazil Anika Patel T1557.003
ALR-00257 3d ago Credential Stuffing Attempt Medium Escalated EmilyAI Triage WS-LAP-011 j.smith CN China Sarah Chen T1110.004
ALR-00098 3d ago Anomalous DNS Query Medium Escalated EmilyAI Triage WS-PC-004 a.wilson IN India Marcus Webb T1568.002
ALR-00032 3d ago Shadow IT Discovery Medium Escalated Endpoint Agent AP-WIFI-03 c.williams US United States Emma Richardson T1567
ALR-00031 3d ago Shadow IT Discovery Medium Escalated Firewall WS-PC-002 e.evans DE Germany Sarah Chen T1567
ALR-00181 4d ago Failed MFA Challenge Medium Resolved Email Gateway WS-PC-001 m.taylor KP North Korea James Okonkwo T1621
ALR-00225 4d ago DecoyPulse Honeypot Triggered Medium False Positive Firewall WS-PC-004 system RO Romania Anika Patel T1018
ALR-00164 4d ago Rogue DHCP Server Medium Escalated SOC365 Engine SRV-DC-01 r.davies RO Romania Sarah Chen T1557.003
ALR-00029 4d ago Tor Exit Node Connection Medium False Positive Cloud Connector SRV-BACKUP-01 l.johnson US United States James Okonkwo T1090.003
ALR-00290 4d ago Kerberoasting Attempt Medium Escalated EmilyAI Triage SRV-WEB-01 m.taylor US United States James Okonkwo T1558.003
ALR-00192 4d ago Rogue DHCP Server Medium Open SOC365 Engine WS-LAP-011 d.walker KP North Korea Anika Patel T1557.003
ALR-00094 4d ago Credential Stuffing Attempt Medium False Positive Email Gateway AP-WIFI-03 system DE Germany Sarah Chen T1110.004
ALR-00282 4d ago Unusual Outbound Traffic Medium False Positive DecoyPulse SRV-WEB-01 j.smith RU Russia Sarah Chen T1041
ALR-00193 4d ago Unusual Outbound Traffic Medium Escalated Attack Surface Scanner WS-LAP-012 n.clark FR France Marcus Webb T1041
ALR-00158 4d ago Shadow IT Discovery Medium Resolved Firewall WS-PC-004 j.smith NG Nigeria Marcus Webb T1567
ALR-00237 4d ago DecoyPulse Honeypot Triggered Medium Open EmilyAI Triage WS-PC-001 r.davies FR France Anika Patel T1018
ALR-00024 4d ago Lateral Movement Detected Medium Resolved Dark Web Monitor SRV-DC-01 j.smith RU Russia Sarah Chen T1021.002
ALR-00095 5d ago Tor Exit Node Connection Medium Resolved DLP Module SRV-FILE-01 n.clark UA Ukraine Marcus Webb T1090.003
ALR-00128 5d ago Suspicious Scheduled Task Medium Resolved Email Gateway WS-PC-006 f.hall GB United Kingdom Emma Richardson T1053.005
ALR-00319 5d ago Unusual Outbound Traffic Medium Escalated EmilyAI Triage SRV-WEB-01 c.williams CN China Sarah Chen T1041
ALR-00152 5d ago Phishing Email Blocked Medium Open Cloud Connector SRV-FILE-01 k.brown UA Ukraine Anika Patel T1566.001
ALR-00141 5d ago Malware Signature Match Medium False Positive Dark Web Monitor WS-LAP-010 e.evans IN India Sarah Chen T1204.002
ALR-00340 5d ago DLP Policy Violation Medium Escalated Attack Surface Scanner WS-PC-001 system VN Vietnam Marcus Webb T1048
ALR-00160 5d ago Rogue DHCP Server Medium Open Attack Surface Scanner WS-MAC-005 s.jones GB United Kingdom Anika Patel T1557.003
ALR-00259 5d ago Failed MFA Challenge Medium Escalated SOC365 Engine WS-LAP-011 l.johnson FR France Emma Richardson T1621
ALR-00097 5d ago Tor Exit Node Connection Medium Investigating Firewall SRV-BACKUP-01 d.walker NG Nigeria Marcus Webb T1090.003
ALR-00292 5d ago Unauthorised USB Device Medium Escalated Endpoint Agent WS-MAC-005 a.wilson NG Nigeria Marcus Webb T1091
ALR-00265 5d ago Malware Signature Match Medium Investigating Email Gateway SRV-MAIL-01 m.taylor KP North Korea Emma Richardson T1204.002
ALR-00085 5d ago Brute Force SSH Medium Investigating Endpoint Agent FW-EDGE-01 l.johnson IN India James Okonkwo T1110.001
ALR-00279 6d ago Brute Force SSH Medium False Positive Firewall AP-WIFI-03 l.johnson NG Nigeria James Okonkwo T1110.001
ALR-00137 6d ago Suspicious Scheduled Task Medium Open Endpoint Agent WS-PC-004 l.johnson FR France James Okonkwo T1053.005
ALR-00266 6d ago Phishing Email Blocked Medium Resolved Firewall WS-LAP-010 system US United States James Okonkwo T1566.001
ALR-00064 6d ago Anomalous DNS Query Medium False Positive DecoyPulse SRV-SQL-01 e.evans GB United Kingdom James Okonkwo T1568.002
ALR-00200 6d ago C2 Beacon Activity Medium Open Email Gateway WS-LAP-012 p.thomas CN China Sarah Chen T1071.001
ALR-00276 6d ago C2 Beacon Activity Medium Investigating DLP Module WS-MAC-005 e.evans NL Netherlands Sarah Chen T1071.001
ALR-00247 6d ago Anomalous DNS Query Medium Resolved Attack Surface Scanner WS-PC-001 p.thomas DE Germany James Okonkwo T1568.002
ALR-00256 6d ago Unusual Outbound Traffic Medium Resolved Firewall WS-LAP-012 j.smith CN China Anika Patel T1041
ALR-00289 6d ago Ransomware Behaviour Detected Medium Open EmilyAI Triage WS-LAP-011 l.johnson KP North Korea James Okonkwo T1486
ALR-00273 6d ago C2 Beacon Activity Medium Investigating Network IDS SRV-APP-01 s.jones IR Iran Sarah Chen T1071.001
ALR-00197 6d ago DecoyPulse Honeypot Triggered Medium Escalated Email Gateway WS-LAP-012 k.brown NG Nigeria Emma Richardson T1018
ALR-00234 6d ago Suspicious PowerShell Execution Medium Investigating Email Gateway FW-EDGE-01 system FR France James Okonkwo T1059.001
ALR-00187 6d ago Malware Signature Match Medium Open DecoyPulse WS-PC-004 p.thomas NG Nigeria James Okonkwo T1204.002
ALR-00044 6d ago Certificate Anomaly Medium Resolved Attack Surface Scanner WS-PC-002 c.williams RO Romania James Okonkwo T1553.004
ALR-00184 6d ago Insider Threat Indicator Medium Escalated Network IDS AP-WIFI-03 k.brown BR Brazil Emma Richardson T1119