Security Incidents
4 openConfirmed incidents escalated from the investigation pipeline. Select an incident to open its Storyline — a full-page visual timeline you can replay.
Severity
Incident
Outcome
Assets
Conf.
Actions
Critical
Emotet intrusion — phishing to attempted data theft, contained
INC-0193 · ALRT-2847
Security Incident
host WKSTN-4211 · j.malik
97%
Critical
Credential stuffing wave → account takeover, SaaS tenant
INC-0201 · ALRT-3120
Security Incident
idp okta/acme · m.torres
91%
High
Impossible-travel sign-in escalated to token replay
INC-0188 · ALRT-3061
Security Event
idp azure-ad · a.okafor
73%
Medium
Encoded PowerShell chain flagged on finance endpoint
INC-0184 · ALRT-2990
Undetermined
host WKSTN-4187 · d.kim
48%