Dashboards
Investigate dashboard
Last 30 days
Refresh every minute
Risk Level
Show risk level of your infrastructure
Ongoing Alerts
Number of “ongoing” alerts
139
ongoing
Pending Alerts
Number of “pending” alerts
0
pending
Opened Cases
Number of opened cases
0
opened
Last comments
Show the last comments
Alerts
Show the last alerts
Cases
Show the last cases
| Title | Priority | Created by | Created at | Updated at |
|---|
Good news! No cases to display
Top Observed Threats
Show most frequently observed threats in alerts
| Threats | Number of alerts |
|---|---|
 Command and Scripting Interpreter | 97 |
| System Services | 96 |
| User Execution | 96 |
 EvilProxy | 24 |
| Multi-Factor Authentication Interception | 6 |
| Adversary-in-the-Middle | 6 |
 Chenlun | 4 |
| Create or Modify System Process: Windows Service | 3 |
Events by Data Sources
Statistics about events aggregated by data sources.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Based on the provided cyber-security alert, the rule triggered by the SEKOIA Intelligence Feed is looking for network traffic with a destination IP address of '172.252.85.250'. The alert was triggered by an event where the destination IP address was indeed '172.252.85.250' and the port was 80. The event details show that the connection was successful, and it was initiated by the process 'msedge.exe' which is Microsoft Edge browser. The source IP address was '192.168.1.72' which is a local IP address. The event occurred on a Windows machine with the hostname 'laptop-bb4aed248'. Given the information provided, it seems like a legitimate connection from the Microsoft Edge browser on a Windows machine to an external IP address. The connection was successful, and there is no indication of malicious activity in the event details. Therefore, it is unlikely that this alert is a false positive.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.
Security analysts are currently investigating this security alert and will provide an update on its status as soon as possible.