Dashboard

SOC overview and metrics

Security Operations Center

Overview of alerts, cases, and detection sources

Active Alerts

1247

89 new today

+12% vs yesterday

Critical

12

Require immediate action

-3% vs yesterday

Open Cases

23

15 in progress

MTTR

42m

Mean time to resolve

-8% vs last week

Alert Volume (24h)

Last 24 hours

Severity Breakdown

Critical: 12
High: 43
Medium: 156
Low: 289

Top MITRE ATT&CK Tactics

Alert Sources

Endpoint Telemetry: 412
SIEM Events: 287
Cloud Audit: 198
Network Sensors: 243
Identity Provider: 107

Live Feed

CRIT

Ransomware indicators detected on DESKTOP-7892

EDR · 8s ago

HIGH

Suspicious login from unexpected geo: RU → admin account

IdP · 16s ago

HIGH

PowerShell encoded command executed by service account

EDR · 24s ago

MEDI

Unusual outbound traffic to known C2 infrastructure

Firewall · 32s ago

LOW

New service installed on production server WEB-PROD-12

OS Audit · 40s ago