Alerts - XDR Test Manager

4,745

Critical

6,755

High

2,567

Medium

122

Low

4,973

Blocked

9,217

Detected

4,745

Vulnerability

9,444

Detection

Overview

By Severity

By Source

By Category

By Action

Time Analysis

Daily Trend (7 Days)

Hourly Distribution

By Day of Week

Detailed Analysis

Top 10 Hosts

MITRE Tactics

MITRE Techniques

Vulnerability vs Detection Alerts

Vulnerability Alerts 4,745

Detection Alerts 9,444

Process Analysis

Top 10 Processes

Top 10 Parent Processes

Top 10 Users

Alert Analysis

Alert Type

Resolution Status

Monthly Trend (6M)

Weekly Trend (4W)

Top 10 Alert Names

Most Frequent Alerts

MITRE ATT&CK Kill Chain

All Alerts Showing 1-100 of 14189

ID	Severity	Source	Name	Host	Action	Category	Detected
7136	medium	XDR BIOC	AMSI Bypass	DESKTOP-FNUMV3U	Detected	Lateral Movement	01-05 14:25
3574	medium	XDR BIOC	AMSI Bypass	DESKTOP-FNUMV3U	Detected	Lateral Movement	01-03 07:36
3468	medium	XDR BIOC	AMSI Bypass	DESKTOP-FNUMV3U	Detected	Lateral Movement	01-03 05:52
3450	medium	XDR BIOC	AMSI Bypass	DESKTOP-FNUMV3U	Detected	Lateral Movement	01-03 05:39
3429	medium	XDR BIOC	AMSI Bypass	DESKTOP-FNUMV3U	Detected	Lateral Movement	01-03 05:26
3406	medium	XDR BIOC	AMSI Bypass	DESKTOP-FNUMV3U	Detected	Lateral Movement	01-03 05:00
3251	medium	XDR BIOC	AMSI Bypass	DESKTOP-FNUMV3U	Detected	Lateral Movement	01-03 02:50
332	medium	XDR BIOC	AMSI Bypass	BOOK-R0BE6S1NC3	Detected	Lateral Movement	01-01 06:22
42259	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-20 11:15
37079	high	XDR Agent	Bypass Attempt - 911079455	BOOK-R0BE6S1NC3	Prevented (Blocked)	Malware	01-17 00:44
33759	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-15 02:27
32004	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-13 16:58
31999	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-13 16:51
31848	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-13 15:48
31838	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-13 15:34
31612	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-13 14:38
7021	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-05 13:54
6600	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-05 12:16
6441	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-05 11:06
5175	high	XDR Agent	Bypass Attempt - 911079455	DESKTOP-FNUMV3U	Prevented (Blocked)	Malware	01-04 12:15
5157	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-04 11:46
3941	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-03 13:57
3786	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-03 11:09
3749	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-03 10:34
3734	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-03 10:20
2306	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-02 14:09
2159	high	XDR Agent	Bypass Attempt - 911079455	DESKTOP-FNUMV3U	Prevented (Blocked)	Malware	01-02 13:28
2134	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-02 13:13
2091	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-02 12:52
1270	high	XDR Agent	Bypass Attempt - 911079455	DESKTOP-FNUMV3U	Prevented (Blocked)	Malware	01-01 21:01
1106	high	XDR Agent	Bypass Attempt - 911079455	DESKTOP-FNUMV3U	Prevented (Blocked)	Malware	01-01 16:35
1064	high	XDR Agent	Bypass Attempt - 911079455	DESKTOP-FNUMV3U	Prevented (Blocked)	Malware	01-01 15:18
1059	high	XDR Agent	Bypass Attempt - 911079455	DESKTOP-FNUMV3U	Prevented (Blocked)	Malware	01-01 15:11
755	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-01 13:26
674	high	XDR Agent	Bypass Attempt - 911079455	DESKTOP-FNUMV3U	Prevented (Blocked)	Malware	01-01 11:20
635	high	XDR Agent	Bypass Attempt - 911079455	DESKTOP-FNUMV3U	Prevented (Blocked)	Malware	01-01 10:17
614	high	XDR Agent	Bypass Attempt - 911079455	dwshin	Prevented (Blocked)	Malware	01-01 09:49
525	high	XDR Agent	Bypass Attempt - 911079455	DESKTOP-FNUMV3U	Prevented (Blocked)	Malware	01-01 08:46
451	high	XDR Agent	Bypass Attempt - 911079455	DESKTOP-FNUMV3U	Prevented (Blocked)	Malware	01-01 07:36
37131	high	XDR BIOC	Command-line arguments match Mimikatz execution	BOOK-R0BE6S1NC3	Detected	Credential Access	01-17 01:13
35021	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-15 15:35
34998	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-15 15:22
34926	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-15 14:17
34919	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-15 14:05
8844	high	XDR BIOC	Command-line arguments match Mimikatz execution	BOOK-R0BE6S1NC3	Detected	Credential Access	01-06 02:17
7069	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-05 14:09
6966	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-05 13:41
6796	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-05 13:13
6423	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-05 10:46
6309	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-05 08:40
6290	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-05 08:26
6260	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-05 07:51
6016	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-05 03:18
5957	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-05 02:15
5931	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-05 01:47
5904	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-05 01:26
5893	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-05 01:19
5745	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-04 22:45
5698	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-04 21:56
5666	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-04 21:21
5004	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-04 09:06
4957	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-04 08:10
4906	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-04 07:14
4772	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-04 04:47
4688	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-04 03:16
4649	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-04 02:34
4608	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-04 01:59
4467	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 23:39
4442	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 23:18
4435	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 23:11
4365	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 21:47
4161	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 17:49
4155	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 17:42
4147	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 17:35
4119	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 17:00
4107	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 16:53
3989	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 14:40
3889	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 12:55
3843	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 12:06
3710	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 09:53
3587	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 07:49
3573	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 07:36
3569	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 07:33
3466	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 05:52
3423	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 05:20
3323	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 03:55
3287	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 03:28
3282	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 03:21
3247	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 02:46
3229	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 02:32
3132	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 01:08
3105	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-03 00:47
2875	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-02 20:49
2745	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-02 18:36
2717	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-02 18:15
2689	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-02 17:40
2582	high	XDR BIOC	Command-line arguments match Mimikatz execution	BOOK-R0BE6S1NC3	Detected	Credential Access	01-02 16:11
2575	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-02 16:09
2558	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-02 15:48
2444	high	XDR BIOC	Command-line arguments match Mimikatz execution	DESKTOP-FNUMV3U	Detected	Credential Access	01-02 14:45

1 2 3

Last refresh: 2026-01-20 13:33:29

Alerts 14,189