Alerts 14,189

Jobs
4,745
Critical
6,755
High
2,567
Medium
122
Low
4,973
Blocked
9,217
Detected
4,745
Vulnerability
9,444
Detection
Clear
Overview
By Severity
By Source
By Category
By Action
Time Analysis
Daily Trend (7 Days)
Hourly Distribution
By Day of Week
Detailed Analysis
Top 10 Hosts
MITRE Tactics
MITRE Techniques
Vulnerability vs Detection Alerts
Vulnerability Alerts 4,745
Detection Alerts 9,444
Process Analysis
Top 10 Processes
Top 10 Parent Processes
Top 10 Users
Alert Analysis
Alert Type
Resolution Status
Monthly Trend (6M)
Weekly Trend (4W)
Top 10 Alert Names
Most Frequent Alerts
MITRE ATT&CK Kill Chain
All Alerts Showing 1-100 of 14189
ID Severity Source Name Host Action Category Detected
1 critical Vulnerability Policy CVE-2024-24790 vulnerability in net/netip at docker.io/library/traefik:v2.10 Detected (Scanned) VULNERABILITY 01-20 22:00
10 high XDR Agent Script Engine Activity - 2431936258 BOOK-R0BE6S1NC3 Detected (Reported) Malware 12-30 16:33
100 high XDR Agent Script Engine Activity - 2325564505 BOOK-R0BE6S1NC3 Prevented (Blocked) Malware 12-31 01:20
1000 high XDR Agent Persistency - 779040014 inbridge-ubt-24 Prevented (Blocked) Malware 01-01 14:33
1002 high XDR Agent Persistency - 779040014 inbridge-ubt-24 Prevented (Blocked) Malware 01-01 14:33
10023 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 15:37
10026 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 14:35
10027 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 15:31
10029 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 15:31
10031 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 14:31
10032 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 15:31
10033 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 14:35
10034 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 15:30
10035 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 16:30
10037 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 11:37
10038 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 12:35
10039 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 12:35
1004 high XDR Agent Persistency - 779040014 inbridge-ubt-24 Prevented (Blocked) Malware 01-01 14:33
10040 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 15:30
10042 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 15:31
10043 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 15:31
10045 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 15:31
10046 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 15:31
10049 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 14:35
1007 high XDR Agent Process Injection - 288965039 inbridge-42 Detected (Reported) Malware 01-01 14:34
101 high XDR Agent Script Engine Activity - 2431936258 BOOK-R0BE6S1NC3 Detected (Reported) Malware 12-31 01:20
1011 high XDR Agent Process Injection - 288965039 inbridge-ubt-24 Detected (Reported) Malware 01-01 14:34
1012 high XDR Agent Process Injection - 288965039 in-bridge-40 Detected (Reported) Malware 01-01 14:35
1019 high XDR Agent Persistency - 779040014 inbridge-ubt-24 Prevented (Blocked) Malware 01-01 14:35
102 high XDR Agent Script Engine Activity - 2325564505 BOOK-R0BE6S1NC3 Detected (Reported) Malware 12-31 01:23
1021 high XDR Agent Persistency - 779040014 inbridge-ubt-24 Prevented (Blocked) Malware 01-01 14:35
1024 high XDR Agent Persistency - 779040014 in-bridge-40 Prevented (Blocked) Malware 01-01 14:35
1026 high XDR Agent Persistency - 779040014 in-bridge-40 Prevented (Blocked) Malware 01-01 14:35
1028 high XDR Agent Powershell Activity - 3083271452 DESKTOP-FNUMV3U Detected (Reported) Malware 01-01 14:36
1029 high XDR Agent Powershell Activity - 3990759154 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 14:36
103 high XDR Agent Script Engine Activity - 2431936258 BOOK-R0BE6S1NC3 Detected (Reported) Malware 12-31 01:23
1035 medium XDR BIOC Perl script connecting to network inbridge-42 Detected Execution 01-01 14:35
104 high XDR Agent Script Engine Activity - 2431936258 BOOK-R0BE6S1NC3 Detected (Reported) Malware 12-31 12:52
1040 high XDR Agent Evasion Technique - 1720575843 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 14:43
1044 high XDR Agent Powershell Activity - 3083271452 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 14:50
105 high XDR Agent Script Engine Activity - 2325564505 BOOK-R0BE6S1NC3 Prevented (Blocked) Malware 12-31 12:52
1050 high XDR Agent Powershell Activity - 3083271452 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 14:57
1052 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 15:04
1054 high XDR Agent File Drop - 2775215878 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 15:04
1055 medium XDR BIOC PowerShell runs with known Mimikatz arguments DESKTOP-FNUMV3U Detected Collection 01-01 15:04
1058 medium XDR Agent WildFire Malware DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 15:11
1059 high XDR Agent Bypass Attempt - 911079455 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 15:11
106 high XDR Agent Script Engine Activity - 2431936258 BOOK-R0BE6S1NC3 Detected (Reported) Malware 12-31 12:53
1060 high XDR Agent File Drop - 3732557733 DESKTOP-FNUMV3U Detected (Reported) Malware 01-01 15:11
1062 high XDR BIOC Regsvr32 may have run code from an untrusted source DESKTOP-FNUMV3U Detected Execution 01-01 15:11
1063 high XDR BIOC Regsvr32 may have run code from an untrusted source DESKTOP-FNUMV3U Detected Execution 01-01 15:18
1064 high XDR Agent Bypass Attempt - 911079455 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 15:18
1067 high XDR Agent File Drop - 3732557733 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 15:25
1069 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 15:32
107 high XDR Agent Script Engine Activity - 2325564505 BOOK-R0BE6S1NC3 Prevented (Blocked) Malware 12-31 12:53
1071 medium XDR BIOC PowerShell runs with known Mimikatz arguments DESKTOP-FNUMV3U Detected Collection 01-01 15:32
1074 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 15:39
1075 high XDR BIOC Regsvr32 may have run code from an untrusted source DESKTOP-FNUMV3U Detected Execution 01-01 15:39
1078 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 15:46
1079 medium XDR BIOC PowerShell runs with known Mimikatz arguments DESKTOP-FNUMV3U Detected Collection 01-01 15:46
108 high XDR Agent Script Engine Activity - 2431936258 BOOK-R0BE6S1NC3 Detected (Reported) Malware 12-31 12:58
1082 high XDR Agent Evasion Technique - 527483761 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 16:00
1083 high XDR Agent Powershell Activity - 3990759154 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 16:07
1084 high XDR Agent Powershell Activity - 3083271452 DESKTOP-FNUMV3U Detected (Reported) Malware 01-01 16:07
1088 high XDR Agent Script Activity - 3055004603 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 16:14
1089 high XDR Agent Staged Malware Activity - 2394207323 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 16:14
109 high XDR Agent Script Engine Activity - 2325564505 BOOK-R0BE6S1NC3 Detected (Reported) Malware 12-31 12:58
1091 medium XDR BIOC Process calls ActiveX Object with a shell command DESKTOP-FNUMV3U Detected Execution 01-01 16:14
1092 low XDR BIOC Dumping Registry hives with passwords DESKTOP-FNUMV3U Detected Credential Access 01-01 16:14
1093 medium XDR Agent WildFire Malware DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 16:17
1097 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 16:28
1098 high XDR BIOC Command-line arguments match Mimikatz execution DESKTOP-FNUMV3U Detected Credential Access 01-01 16:28
1099 medium XDR BIOC PowerShell runs with known Mimikatz arguments DESKTOP-FNUMV3U Detected Collection 01-01 16:28
11 high XDR Agent Powershell Activity - 3083271452 DESKTOP-FNUMV3U Prevented (Blocked) Malware 12-30 16:38
110 high XDR Agent Script Engine Activity - 2325564505 BOOK-R0BE6S1NC3 Detected (Reported) Malware 12-31 13:03
1101 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 16:35
1105 high XDR BIOC Regsvr32 may have run code from an untrusted source DESKTOP-FNUMV3U Detected Execution 01-01 16:35
1106 high XDR Agent Bypass Attempt - 911079455 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 16:35
1107 medium XDR BIOC PowerShell runs with known Mimikatz arguments DESKTOP-FNUMV3U Detected Collection 01-01 16:35
111 high XDR Agent Script Engine Activity - 2431936258 BOOK-R0BE6S1NC3 Detected (Reported) Malware 12-31 13:03
1110 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 16:42
1112 high XDR BIOC Command-line arguments match Mimikatz execution DESKTOP-FNUMV3U Detected Credential Access 01-01 16:42
1114 medium XDR BIOC PowerShell runs with known Mimikatz arguments DESKTOP-FNUMV3U Detected Collection 01-01 16:42
11173 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at docker.io/library/symantec-testmanager:latest Detected (Scanned) VULNERABILITY 01-13 16:00
1119 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 16:56
112 medium XDR Agent WildFire Malware DESKTOP-FNUMV3U Prevented (Blocked) Malware 12-31 13:05
1121 high XDR Agent File Drop - 2775215878 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 16:56
1123 high XDR BIOC Regsvr32 may have run code from an untrusted source DESKTOP-FNUMV3U Detected Execution 01-01 16:56
1124 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 17:03
1126 high XDR BIOC Command-line arguments match Mimikatz execution DESKTOP-FNUMV3U Detected Credential Access 01-01 17:03
1127 medium XDR BIOC PowerShell runs with known Mimikatz arguments DESKTOP-FNUMV3U Detected Collection 01-01 17:03
1128 high XDR Agent File Drop - 3732557733 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 17:10
1129 high XDR Agent File Drop - 1815185192 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 17:10
113 high XDR Agent Script Engine Activity - 2325564505 BOOK-R0BE6S1NC3 Detected (Reported) Malware 12-31 13:08
1132 high XDR Agent File Drop - 3732557733 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 17:17
1133 high XDR Agent File Drop - 1815185192 DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 17:17
1136 medium XDR Agent WildFire Malware DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 17:23
1137 medium XDR Agent Suspicious Process Creation DESKTOP-FNUMV3U Prevented (Blocked) Malware 01-01 17:24
11384 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 12:37
11386 critical Vulnerability Policy CVE-2023-45853 vulnerability in zlib at /symantec_testmanager Detected (Scanned) VULNERABILITY 01-13 12:37
Last refresh: 2026-01-20 13:33:29