Alerts 40,233

Jobs
8,584
Critical
19,901
High
10,146
Medium
1,602
Low
20,151
Blocked
20,083
Detected
8,584
Vulnerability
31,649
Detection
Clear
Overview
By Severity
By Source
By Category
By Action
Time Analysis
Daily Trend (7 Days)
Hourly Distribution
By Day of Week
Detailed Analysis
Top 10 Hosts
MITRE Tactics
MITRE Techniques
Vulnerability vs Detection Alerts
Vulnerability Alerts 8,584
Detection Alerts 31,649
Process Analysis
Top 10 Processes
Top 10 Parent Processes
Top 10 Users
Alert Analysis
Alert Type
Resolution Status
Monthly Trend (6M)
Weekly Trend (4W)
Top 10 Alert Names
Most Frequent Alerts
MITRE ATT&CK Kill Chain
All Alerts Showing 1-100 of 40233
ID Severity Source Name Host Action Category Detected
114202 high XDR BIOC Regsvr32 may have run code from an untrusted source DESKTOP-FNUMV3U Detected Execution 02-23 09:02
114200 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 09:02
114199 high XDR Agent File Drop - 2775215878 dwshin Prevented (Blocked) Malware 02-23 09:01
81977 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at docker.io/library/symantec-manager:latest Detected (Scanned) VULNERABILITY 02-23 09:00
81975 critical Vulnerability Policy CVE-2021-24112 vulnerability in system.drawing.common at docker.io/library/symantec-manager:latest Detected (Scanned) VULNERABILITY 02-23 09:00
81974 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at docker.io/library/symantec-worker:latest Detected (Scanned) VULNERABILITY 02-23 09:00
81976 critical Vulnerability Policy CVE-2021-24112 vulnerability in system.drawing.common at docker.io/library/symantec-worker:latest Detected (Scanned) VULNERABILITY 02-23 09:00
1 critical Vulnerability Policy CVE-2024-24790 vulnerability in net/netip at docker.io/library/traefik:v2.10 Detected (Scanned) VULNERABILITY 02-23 09:00
96139 critical Vulnerability Policy CVE-2025-68121 vulnerability in crypto/tls at docker.io/library/traefik:v2.10 Detected (Scanned) VULNERABILITY 02-23 09:00
114195 low XDR BIOC Microsoft Connection Manager Profile Installer loads a file from the users to temporary folder DESKTOP-FNUMV3U Detected Evasion 02-23 08:55
114192 medium XDR Agent Suspicious Process Creation dwshin Prevented (Blocked) Malware 02-23 08:54
114190 high XDR Agent File Drop - 3732557733 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 08:52
114191 high XDR Agent File Drop - 1815185192 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 08:52
114187 high XDR Agent Protection Against Security Measures Bypass Techniques - 1952317967 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 08:48
114184 high XDR Agent File Drop - 3732557733 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 08:41
114182 high XDR Agent File Drop - 3732557733 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 08:41
114183 high XDR Agent File Drop - 1815185192 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 08:41
114179 medium XDR Agent WildFire Malware teahee Prevented (Blocked) Malware 02-23 08:39
114178 medium XDR Agent WildFire Malware teahee Prevented (Blocked) Malware 02-23 08:37
114170 medium XDR Agent WildFire Malware dwshin Prevented (Blocked) Malware 02-23 08:36
114169 medium XDR BIOC Rundll32.exe was used to run JavaScript DESKTOP-FNUMV3U Detected Execution 02-23 08:34
114162 medium XDR Agent Suspicious Process Creation dwshin Prevented (Blocked) Malware 02-23 08:33
114164 high XDR Agent Staged Malware Activity - 2394207323 dwshin Prevented (Blocked) Malware 02-23 08:33
114163 high XDR Agent Script Activity - 3055004603 dwshin Prevented (Blocked) Malware 02-23 08:33
114157 medium XDR Agent Suspicious Process Creation dwshin Prevented (Blocked) Malware 02-23 08:26
114150 high XDR Agent Network Connection - 1971152322 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 08:19
114148 medium XDR Agent Suspicious Process Creation dwshin Prevented (Blocked) Malware 02-23 08:19
114149 low XDR BIOC Dumping Registry hives with passwords DESKTOP-FNUMV3U Detected Credential Access 02-23 08:19
114138 high XDR Agent Network Connection - 1971152322 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 08:08
114139 medium XDR BIOC Credential Vault command-line access DESKTOP-FNUMV3U Detected Credential Access 02-23 08:06
114126 high XDR Agent Script Activity - 1355359002 in-bridge-40 Detected (Reported) Malware 02-23 08:03
114124 high XDR Agent File Drop - 3732557733 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 08:01
114125 high XDR Agent File Drop - 1815185192 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 08:01
114116 high XDR Agent Protection Against Security Measures Bypass Techniques - 1940197314 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:59
114114 high XDR Agent File Drop - 1815185192 dwshin Detected (Reported) Malware 02-23 07:58
114113 high XDR Agent File Drop - 3732557733 dwshin Prevented (Blocked) Malware 02-23 07:58
114112 high XDR BIOC Regsvr32 may have run code from an untrusted source DESKTOP-FNUMV3U Detected Execution 02-23 07:57
114110 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:57
114111 low XDR BIOC Dumping Registry hives with passwords DESKTOP-FNUMV3U Detected Credential Access 02-23 07:57
114107 medium XDR BIOC PowerShell runs with known Mimikatz arguments DESKTOP-FNUMV3U Detected Collection 02-23 07:52
114105 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:52
114104 high XDR Agent Protection Against Security Measures Bypass Techniques - 1952317967 dwshin Prevented (Blocked) Malware 02-23 07:51
114101 high XDR Agent Network Connection - 1971152322 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:46
114097 medium XDR BIOC PowerShell runs with known Mimikatz arguments DESKTOP-FNUMV3U Detected Collection 02-23 07:45
114096 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:45
114095 high XDR Agent Evasion Technique - 527483761 dwshin Prevented (Blocked) Malware 02-23 07:44
114090 high XDR Agent Network Connection - 1971152322 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:38
114088 medium XDR Agent Suspicious Process Creation dwshin Prevented (Blocked) Malware 02-23 07:37
114087 medium XDR Agent WildFire Malware teahee Prevented (Blocked) Malware 02-23 07:36
114085 low XDR BIOC Accessing bash history file in-bridge-40 Detected Evasion 02-23 07:36
114084 low XDR BIOC Accessing bash history file using bash commands in-bridge-40 Detected Evasion 02-23 07:36
114086 high XDR Agent Staged Malware Activity - 192330647 in-bridge-40 Prevented (Blocked) Malware 02-23 07:35
114078 high XDR Agent File Drop - 1815185192 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:35
114075 high XDR BIOC Regsvr32 may have run code from an untrusted source DESKTOP-FNUMV3U Detected Execution 02-23 07:35
114074 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:35
114072 medium XDR Agent WildFire Malware teahee Prevented (Blocked) Malware 02-23 07:31
114066 medium XDR Agent Suspicious Process Creation dwshin Prevented (Blocked) Malware 02-23 07:30
114063 medium XDR Agent WildFire Malware dwshin Prevented (Blocked) Malware 02-23 07:30
114058 medium XDR BIOC PowerShell runs with known Mimikatz arguments DESKTOP-FNUMV3U Detected Collection 02-23 07:24
114059 high XDR BIOC Command-line arguments match Mimikatz execution DESKTOP-FNUMV3U Detected Credential Access 02-23 07:24
114060 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:24
114054 high XDR Agent File Drop - 3732557733 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:24
114055 high XDR Agent File Drop - 1815185192 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:24
114057 low XDR BIOC Dumping Registry hives with passwords DESKTOP-FNUMV3U Detected Credential Access 02-23 07:24
114053 high XDR Agent Credential Gathering Protection - 122198212 dwshin Prevented (Blocked) Malware 02-23 07:23
114050 high XDR BIOC Command-line arguments match Mimikatz execution DESKTOP-FNUMV3U Detected Credential Access 02-23 07:17
114049 medium XDR BIOC PowerShell runs with known Mimikatz arguments DESKTOP-FNUMV3U Detected Collection 02-23 07:17
114048 high XDR Agent Credential Gathering Protection - 510630382 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:17
114044 high XDR Agent Network Connection - 1971152322 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:13
114040 medium XDR BIOC PowerShell runs with known Mimikatz arguments DESKTOP-FNUMV3U Detected Collection 02-23 07:10
114038 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:10
114036 medium XDR Agent Suspicious Process Creation dwshin Prevented (Blocked) Malware 02-23 07:09
114028 medium XDR BIOC Process calls ActiveX Object with a shell command DESKTOP-FNUMV3U Detected Execution 02-23 07:03
114027 high XDR Agent Staged Malware Activity - 2394207323 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:03
114029 high XDR Agent Script Activity - 3055004603 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:03
114023 high XDR Agent File Drop - 3732557733 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:02
114024 high XDR Agent File Drop - 1815185192 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 07:02
114019 high XDR Agent File Drop - 1815185192 dwshin Prevented (Blocked) Malware 02-23 07:02
114025 low XDR BIOC Dumping Registry hives with passwords DESKTOP-FNUMV3U Detected Credential Access 02-23 07:02
114020 high XDR Agent File Drop - 3732557733 dwshin Prevented (Blocked) Malware 02-23 07:02
114021 high XDR Agent File Drop - 2775215878 dwshin Prevented (Blocked) Malware 02-23 07:02
114013 high XDR Agent Staged Malware Activity - 2123359011 inbridge-42 Detected (Reported) Malware 02-23 07:00
114010 high XDR Agent Script Activity - 1355359002 in-bridge-40 Detected (Reported) Malware 02-23 07:00
114009 high XDR Agent Script Activity - 1355359002 in-bridge-40 Detected (Reported) Malware 02-23 07:00
114007 high XDR BIOC Command-line arguments match Mimikatz execution DESKTOP-FNUMV3U Detected Credential Access 02-23 06:56
114006 medium XDR BIOC PowerShell runs with known Mimikatz arguments DESKTOP-FNUMV3U Detected Collection 02-23 06:56
114004 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 06:56
113996 medium XDR Agent Suspicious Process Creation dwshin Prevented (Blocked) Malware 02-23 06:55
113997 high XDR Agent File Drop - 3732557733 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 06:55
113998 high XDR Agent File Drop - 1815185192 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 06:55
113994 high XDR BIOC Regsvr32 may have run code from an untrusted source DESKTOP-FNUMV3U Detected Execution 02-23 06:51
113990 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 06:51
113991 low XDR BIOC Dumping Registry hives with passwords DESKTOP-FNUMV3U Detected Credential Access 02-23 06:51
113987 high XDR Agent Powershell Activity - 3990759154 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 06:49
113983 high XDR Agent Powershell Activity - 3990759154 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 06:42
113978 high XDR Agent File Drop - 1815185192 dwshin Detected (Reported) Malware 02-23 06:41
113979 high XDR Agent File Drop - 3732557733 dwshin Prevented (Blocked) Malware 02-23 06:41
113976 high XDR Agent Network Connection - 1971152322 DESKTOP-FNUMV3U Prevented (Blocked) Malware 02-23 06:40
113973 low XDR BIOC Dumping Registry hives with passwords DESKTOP-FNUMV3U Detected Credential Access 02-23 06:40
113974 high XDR BIOC Regsvr32 may have run code from an untrusted source DESKTOP-FNUMV3U Detected Execution 02-23 06:40
Last refresh: 2026-03-11 10:18:56