SOC Overview
Live threat dashboard
Real-time view of detections, blocked actors, and AI investigation activity across all sensors.
Active Threats
7
▲ 12%
1 critical · 3 high
Blocked IPs (24h)
47
Auto-response simulation
Alerts Today
39
▼ 4%
Mean Risk Score
68/100
Across active investigations
Attack Timeline · 12h
Alerts vs auto-blocked actions
Alerts · Blocked
By Severity
Top MITRE Techniques
- T1059.001 PowerShell: 1
- T1027 Obfuscated Files: 1
- T1110.001 Password Guessing: 1
- T1078 Valid Accounts: 1
- T1190 Exploit Public-Facing App: 1
Recent Alerts
Most recent 6 detections across all sensors
| ID | Severity | Title | Source | Detected |
|---|---|---|---|---|
| ALR-2401 | critical | Suspicious PowerShell with encoded payload | EDR — endpoint.fin-ws-04 | 30m ago |
| ALR-2400 | high | Brute-force on admin portal | WAF — edge-eu-2 | 45m ago |
| ALR-2399 | high | Impossible-travel sign-in | Identity — Azure AD | 1h ago |
| ALR-2398 | medium | SQL injection probe | WAF — edge-me-1 | 1h ago |
| ALR-2397 | high | New scheduled task created on DC | EDR — dc-01 | 2h ago |
| ALR-2396 | medium | Phishing email with credential-harvest link | Email — proofguard | 3h ago |