Threat Overview

THREAT LEVEL: ELEVATED
Severity   Active threats
critical   7
high       23
medium     58
low        142

Live Threat Feed (real-time)

Severity  Event ID  Time      Source IP        Target host      Description
critical  EVT-4821  14:32:07  185.243.218.41   web-prod-03      SQL injection attempt on /api/auth/login — CVE-2024-3094 pattern detected
high      EVT-4820  14:31:54  91.234.99.182    bastion-01       Brute force SSH authentication — 847 failed attempts in 60s
critical  EVT-4819  14:31:22  103.45.67.89     workstation-142  Cobalt Strike beacon C2 callback detected on port 443
medium    EVT-4818  14:30:58  172.16.0.45      dc-primary       Unusual lateral movement — SMB connection to 5 new hosts in 2 min
high      EVT-4817  14:30:41  45.155.205.233   file-server-02   Ransomware payload signature match (LockBit 3.0) blocked at endpoint
low       EVT-4816  14:30:15  10.0.12.88       api-gateway-01   Failed certificate validation — expired TLS cert on internal service
medium    EVT-4815  14:29:47  198.51.100.14    dns-resolver-01  DNS tunneling attempt detected — abnormal TXT record queries
high      EVT-4814  14:29:22  203.0.113.77     workstation-087  Privilege escalation — CVE-2024-21412 Windows SmartScreen bypass
Incidents by Severity (24h)
[Chart: incident counts by severity; series: critical, high, medium, low]
Attack Origins (last 24h)

Origin       Events
US East      12
Netherlands  8
Germany      5
Iran         3
China        18
Vietnam      4
Russia       15
Indonesia    2
Brazil       6
India        9
Network Traffic
[Chart: traffic volume over time; series: Inbound, Outbound, Blocked]
Asset Health (4/8 healthy)

Asset            Status    Role         Uptime  CPU  Memory  Last checked
web-prod-01      healthy   Web Server   99.97%  34%  62%     2s ago
db-primary       healthy   Database     99.99%  48%  78%     1s ago
app-server-05    warning   Application  98.42%  87%  91%     5s ago
bastion-01       critical  Jump Host    94.21%  96%  94%     12s ago
api-gateway-01   healthy   API Gateway  99.95%  22%  45%     3s ago
file-server-02   warning   Storage      99.12%  41%  88%     8s ago
dns-resolver-01  healthy   DNS          99.98%  12%  28%     1s ago
workstation-142  critical  Endpoint     0%      0%   0%      47s ago
Active Incidents (7)

ID        Severity  Assignee      Status         Time open  Description
INC-0042  critical  Sarah Chen    investigating  12m        Active C2 communication from workstation-142 to known Cobalt Strike infrastructure
INC-0041  critical  Marcus Webb   containment    28m        Potential data exfiltration — 2.4GB transferred to 77.91.124.0/24 subnet
INC-0040  high      Sarah Chen    remediation    1h 14m     LockBit 3.0 ransomware payload detected and quarantined on file-server-02
INC-0039  high      James Okafor  monitoring     2h 03m     Brute force campaign targeting SSH — source 91.234.99.0/24 — 12K attempts
INC-0038  medium    Marcus Webb   investigating  3h 47m     Lateral movement detected from compromised endpoint to domain controller
INC-0037  medium    Priya Patel   investigating  4h 12m     DNS tunneling — high volume abnormal TXT queries to suspicious domain
INC-0036  low       James Okafor  remediation    6h 31m     Expired TLS certificate on internal API gateway causing service degradation