Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 18:36:35 UTC

Medium Alerts

Clear
ID Timestamp Alert Type Severity Status Source Hostname User Origin Analyst MITRE
ALR-00092 44m ago Unusual Outbound Traffic Medium Escalated DLP Module WS-LAP-012 system UA Ukraine Sarah Chen T1041
ALR-00108 1h ago Failed MFA Challenge Medium Resolved SOC365 Engine WS-LAP-011 a.wilson DE Germany Emma Richardson T1621
ALR-00192 2h ago Phishing Email Blocked Medium Investigating Endpoint Agent WS-PC-006 n.clark NG Nigeria Anika Patel T1566.001
ALR-00190 4h ago C2 Beacon Activity Medium Escalated Dark Web Monitor WS-PC-004 e.evans BR Brazil James Okonkwo T1071.001
ALR-00048 5h ago Phishing Email Blocked Medium Resolved Cloud Connector WS-PC-002 s.jones IR Iran Emma Richardson T1566.001
ALR-00112 6h ago Pass-the-Hash Detected Medium Investigating Network IDS WS-LAP-012 p.thomas NL Netherlands Sarah Chen T1550.002
ALR-00061 6h ago Insider Threat Indicator Medium False Positive SOC365 Engine WS-PC-001 k.brown GB United Kingdom James Okonkwo T1119
ALR-00228 10h ago Malware Signature Match Medium Investigating Dark Web Monitor SRV-SQL-01 d.walker UA Ukraine Sarah Chen T1204.002
ALR-00350 13h ago Port Scan Detected Medium Resolved Firewall AP-WIFI-03 system UA Ukraine Sarah Chen T1046
ALR-00177 15h ago DLP Policy Violation Medium Investigating EmilyAI Triage WS-MAC-005 r.davies RU Russia Marcus Webb T1048
ALR-00276 16h ago Unauthorised USB Device Medium Open DecoyPulse WS-PC-003 h.roberts RO Romania Anika Patel T1091
ALR-00175 18h ago C2 Beacon Activity Medium False Positive DLP Module SW-CORE-01 c.williams GB United Kingdom Marcus Webb T1071.001
ALR-00267 19h ago Failed MFA Challenge Medium False Positive Email Gateway SRV-DC-01 m.taylor NG Nigeria Marcus Webb T1621
ALR-00068 21h ago Pass-the-Hash Detected Medium Open DLP Module SRV-DC-01 j.smith CN China Marcus Webb T1550.002
ALR-00012 21h ago Shadow IT Discovery Medium Investigating Endpoint Agent WS-PC-003 m.taylor NG Nigeria Sarah Chen T1567
ALR-00204 22h ago Data Exfiltration Attempt Medium Open Email Gateway VM-DEV-01 c.williams UA Ukraine Sarah Chen T1567.002
ALR-00236 22h ago Port Scan Detected Medium Resolved Dark Web Monitor WS-PC-001 c.williams BR Brazil Marcus Webb T1046
ALR-00119 1d ago Certificate Anomaly Medium Investigating EmilyAI Triage VM-DEV-01 r.davies RO Romania Emma Richardson T1553.004
ALR-00319 1d ago Credential Stuffing Attempt Medium Escalated SOC365 Engine WS-PC-004 f.hall CN China James Okonkwo T1110.004
ALR-00121 1d ago Malware Signature Match Medium Escalated DecoyPulse WS-MAC-005 e.evans UA Ukraine Sarah Chen T1204.002
ALR-00128 1d ago Lateral Movement Detected Medium False Positive Attack Surface Scanner SRV-BACKUP-01 r.davies UA Ukraine Marcus Webb T1021.002
ALR-00358 1d ago Port Scan Detected Medium Resolved Cloud Connector SRV-SQL-01 k.brown CN China Marcus Webb T1046
ALR-00077 1d ago Malware Signature Match Medium False Positive DecoyPulse SRV-FILE-01 f.hall IR Iran Marcus Webb T1204.002
ALR-00257 1d ago Shadow IT Discovery Medium False Positive DLP Module WS-PC-006 system KP North Korea Sarah Chen T1567
ALR-00347 1d ago DLP Policy Violation Medium Escalated SOC365 Engine WS-LAP-012 p.thomas DE Germany Emma Richardson T1048
ALR-00093 1d ago Failed MFA Challenge Medium Open DLP Module SRV-DC-01 j.smith VN Vietnam Anika Patel T1621
ALR-00313 1d ago Unauthorised USB Device Medium Open DecoyPulse WS-PC-006 l.johnson GB United Kingdom Anika Patel T1091
ALR-00244 1d ago Data Exfiltration Attempt Medium Investigating Dark Web Monitor AP-WIFI-03 p.thomas DE Germany Marcus Webb T1567.002
ALR-00186 2d ago Lateral Movement Detected Medium False Positive SOC365 Engine SRV-FILE-01 k.brown DE Germany Anika Patel T1021.002
ALR-00245 2d ago C2 Beacon Activity Medium False Positive Cloud Connector AP-WIFI-03 system BR Brazil Anika Patel T1071.001
ALR-00050 2d ago Suspicious PowerShell Execution Medium False Positive Cloud Connector SRV-BACKUP-01 d.walker CN China Sarah Chen T1059.001
ALR-00053 2d ago Data Exfiltration Attempt Medium Resolved EmilyAI Triage FW-EDGE-01 k.brown NL Netherlands Anika Patel T1567.002
ALR-00029 2d ago Port Scan Detected Medium False Positive Network IDS WS-PC-001 k.brown FR France Sarah Chen T1046
ALR-00120 2d ago Kerberoasting Attempt Medium Investigating Attack Surface Scanner SRV-BACKUP-01 m.taylor IR Iran James Okonkwo T1558.003
ALR-00193 2d ago Shadow IT Discovery Medium Resolved Attack Surface Scanner WS-PC-002 s.jones RO Romania Emma Richardson T1567
ALR-00079 2d ago C2 Beacon Activity Medium Open DecoyPulse SRV-FILE-01 a.wilson RU Russia Anika Patel T1071.001
ALR-00277 2d ago Brute Force SSH Medium Open SOC365 Engine WS-LAP-012 d.walker NG Nigeria Sarah Chen T1110.001
ALR-00138 2d ago Malware Signature Match Medium Escalated DecoyPulse WS-LAP-012 s.jones NL Netherlands Anika Patel T1204.002
ALR-00183 2d ago Phishing Email Blocked Medium False Positive SOC365 Engine WS-PC-006 l.johnson BR Brazil James Okonkwo T1566.001
ALR-00168 3d ago Tor Exit Node Connection Medium False Positive Email Gateway WS-PC-006 a.wilson VN Vietnam Sarah Chen T1090.003
ALR-00345 3d ago Suspicious PowerShell Execution Medium Escalated SOC365 Engine SRV-MAIL-01 r.davies DE Germany James Okonkwo T1059.001
ALR-00010 3d ago Unauthorised USB Device Medium Open DecoyPulse WS-LAP-012 h.roberts BR Brazil Marcus Webb T1091
ALR-00042 3d ago DecoyPulse Honeypot Triggered Medium Resolved Email Gateway FW-EDGE-01 l.johnson NG Nigeria Marcus Webb T1018
ALR-00089 3d ago Malware Signature Match Medium Escalated Dark Web Monitor SRV-MAIL-01 h.roberts UA Ukraine James Okonkwo T1204.002
ALR-00003 3d ago Insider Threat Indicator Medium Resolved Firewall VM-DEV-01 a.wilson US United States Marcus Webb T1119
ALR-00110 3d ago Pass-the-Hash Detected Medium Resolved Email Gateway VM-DEV-01 p.thomas KP North Korea James Okonkwo T1550.002
ALR-00171 3d ago C2 Beacon Activity Medium Investigating SOC365 Engine SRV-FILE-01 system DE Germany Emma Richardson T1071.001
ALR-00208 3d ago Privilege Escalation Attempt Medium Escalated Email Gateway SRV-WEB-01 j.smith DE Germany Marcus Webb T1134
ALR-00173 3d ago Suspicious PowerShell Execution Medium Investigating EmilyAI Triage WS-MAC-005 h.roberts UA Ukraine Emma Richardson T1059.001
ALR-00216 4d ago C2 Beacon Activity Medium Resolved Attack Surface Scanner WS-LAP-011 p.thomas KP North Korea Sarah Chen T1071.001
ALR-00205 4d ago Unusual Outbound Traffic Medium Escalated SOC365 Engine AP-WIFI-03 c.williams IR Iran Sarah Chen T1041
ALR-00030 4d ago Port Scan Detected Medium Investigating Email Gateway SW-CORE-01 k.brown RO Romania Emma Richardson T1046
ALR-00039 4d ago Lateral Movement Detected Medium Open Attack Surface Scanner SRV-DC-01 system UA Ukraine James Okonkwo T1021.002
ALR-00047 4d ago C2 Beacon Activity Medium Escalated Dark Web Monitor WS-PC-003 k.brown KP North Korea Emma Richardson T1071.001
ALR-00268 4d ago Phishing Email Blocked Medium Investigating DecoyPulse WS-PC-003 d.walker IN India Emma Richardson T1566.001
ALR-00028 4d ago Brute Force SSH Medium Escalated Email Gateway FW-EDGE-01 r.davies NL Netherlands Sarah Chen T1110.001
ALR-00351 4d ago Privilege Escalation Attempt Medium Investigating Dark Web Monitor VM-DEV-01 system VN Vietnam Emma Richardson T1134
ALR-00139 4d ago Insider Threat Indicator Medium Investigating EmilyAI Triage WS-MAC-005 h.roberts VN Vietnam Sarah Chen T1119
ALR-00198 4d ago Malware Signature Match Medium Investigating Firewall WS-PC-001 m.taylor US United States James Okonkwo T1204.002
ALR-00248 4d ago Suspicious PowerShell Execution Medium False Positive Endpoint Agent WS-PC-004 l.johnson GB United Kingdom Marcus Webb T1059.001
ALR-00263 4d ago Tor Exit Node Connection Medium Investigating Firewall WS-MAC-005 p.thomas NG Nigeria Sarah Chen T1090.003
ALR-00020 4d ago Rogue DHCP Server Medium Open DLP Module SRV-FILE-01 p.thomas IR Iran Marcus Webb T1557.003
ALR-00298 4d ago Tor Exit Node Connection Medium Escalated EmilyAI Triage WS-PC-003 f.hall GB United Kingdom Sarah Chen T1090.003
ALR-00017 4d ago Brute Force SSH Medium False Positive DecoyPulse VM-DEV-01 k.brown BR Brazil James Okonkwo T1110.001
ALR-00071 4d ago Credential Stuffing Attempt Medium Escalated Dark Web Monitor SRV-FILE-01 n.clark NG Nigeria Sarah Chen T1110.004
ALR-00040 4d ago Data Exfiltration Attempt Medium Resolved DecoyPulse SRV-APP-01 l.johnson RO Romania Anika Patel T1567.002
ALR-00080 4d ago Unauthorised USB Device Medium Escalated Firewall SRV-MAIL-01 k.brown NG Nigeria Marcus Webb T1091
ALR-00179 4d ago Ransomware Behaviour Detected Medium Resolved Email Gateway VM-DEV-01 a.wilson NL Netherlands Anika Patel T1486
ALR-00284 4d ago Lateral Movement Detected Medium Investigating EmilyAI Triage AP-WIFI-03 p.thomas CN China Emma Richardson T1021.002
ALR-00317 4d ago Suspicious Scheduled Task Medium Investigating Dark Web Monitor AP-WIFI-03 j.smith US United States Sarah Chen T1053.005
ALR-00084 5d ago Phishing Email Blocked Medium Investigating SOC365 Engine WS-PC-001 h.roberts NL Netherlands Sarah Chen T1566.001
ALR-00158 5d ago Rogue DHCP Server Medium Escalated Network IDS WS-MAC-005 s.jones KP North Korea James Okonkwo T1557.003
ALR-00085 5d ago Ransomware Behaviour Detected Medium Open Cloud Connector SRV-SQL-01 d.walker IN India Sarah Chen T1486
ALR-00041 5d ago Insider Threat Indicator Medium Escalated SOC365 Engine AP-WIFI-03 j.smith UA Ukraine James Okonkwo T1119
ALR-00259 5d ago Unauthorised USB Device Medium Investigating Email Gateway FW-EDGE-01 f.hall DE Germany Anika Patel T1091
ALR-00233 5d ago Ransomware Behaviour Detected Medium False Positive Attack Surface Scanner SRV-DC-01 e.evans US United States Marcus Webb T1486
ALR-00207 5d ago Unusual Outbound Traffic Medium False Positive DecoyPulse FW-EDGE-01 d.walker KP North Korea Sarah Chen T1041
ALR-00222 5d ago C2 Beacon Activity Medium Escalated Email Gateway SW-CORE-01 system UA Ukraine Emma Richardson T1071.001
ALR-00287 5d ago DLP Policy Violation Medium Open Dark Web Monitor WS-MAC-005 system UA Ukraine Anika Patel T1048
ALR-00148 5d ago Shadow IT Discovery Medium False Positive Endpoint Agent WS-LAP-012 e.evans CN China James Okonkwo T1567
ALR-00334 5d ago Suspicious Scheduled Task Medium Escalated Firewall WS-MAC-005 p.thomas IN India Marcus Webb T1053.005
ALR-00337 5d ago Malware Signature Match Medium False Positive Network IDS WS-LAP-011 system CN China Marcus Webb T1204.002
ALR-00332 5d ago Suspicious Scheduled Task Medium False Positive Firewall SRV-BACKUP-01 e.evans GB United Kingdom James Okonkwo T1053.005
ALR-00330 5d ago Ransomware Behaviour Detected Medium Investigating Network IDS WS-LAP-012 e.evans RU Russia James Okonkwo T1486
ALR-00082 6d ago Unauthorised USB Device Medium Resolved Firewall WS-MAC-005 j.smith BR Brazil James Okonkwo T1091
ALR-00283 6d ago Pass-the-Hash Detected Medium False Positive Network IDS WS-LAP-011 e.evans IR Iran Anika Patel T1550.002
ALR-00304 6d ago Pass-the-Hash Detected Medium Resolved SOC365 Engine WS-PC-001 c.williams DE Germany Anika Patel T1550.002
ALR-00246 6d ago Unauthorised USB Device Medium Resolved Dark Web Monitor SRV-BACKUP-01 n.clark UA Ukraine Marcus Webb T1091
ALR-00045 6d ago Suspicious PowerShell Execution Medium Open Attack Surface Scanner SRV-MAIL-01 k.brown KP North Korea Emma Richardson T1059.001
ALR-00123 6d ago Privilege Escalation Attempt Medium Open EmilyAI Triage WS-PC-001 a.wilson US United States Anika Patel T1134
ALR-00231 6d ago DLP Policy Violation Medium Resolved Cloud Connector WS-LAP-012 h.roberts UA Ukraine Marcus Webb T1048
ALR-00122 6d ago Suspicious PowerShell Execution Medium False Positive Dark Web Monitor SW-CORE-01 d.walker RO Romania James Okonkwo T1059.001
ALR-00340 6d ago C2 Beacon Activity Medium Investigating Attack Surface Scanner WS-PC-004 h.roberts GB United Kingdom Emma Richardson T1071.001
ALR-00271 6d ago Pass-the-Hash Detected Medium Resolved EmilyAI Triage SRV-FILE-01 h.roberts RU Russia Anika Patel T1550.002
ALR-00333 6d ago Phishing Email Blocked Medium Resolved Endpoint Agent WS-PC-004 h.roberts BR Brazil Anika Patel T1566.001
ALR-00188 6d ago Data Exfiltration Attempt Medium Open Endpoint Agent WS-LAP-010 p.thomas CN China James Okonkwo T1567.002
ALR-00049 6d ago Unusual Outbound Traffic Medium Investigating DecoyPulse VM-DEV-01 j.smith IR Iran Anika Patel T1041
ALR-00278 6d ago Tor Exit Node Connection Medium Open Network IDS WS-PC-002 h.roberts IN India Emma Richardson T1090.003
ALR-00221 6d ago Shadow IT Discovery Medium Investigating Network IDS SRV-MAIL-01 system VN Vietnam Sarah Chen T1567
ALR-00354 6d ago Credential Stuffing Attempt Medium Escalated SOC365 Engine SRV-SQL-01 f.hall DE Germany James Okonkwo T1110.004