Recent Incidents
—
All alerts
Active Kill Chains
MITRE
MITRE ATT&CK Coverage
Covered
Partial
None
Top Attackers
Intel
IP Reputation
AbuseIPDB →
Alerts by Engine (24h)
Attack Vectors
7 days →
Traffic Volume (24h)
Engine Modules
Security Posture
Last audit: pending
Anomaly Baselines
IsolationForest Training
0 / 50 samples
TLS Fingerprints
JA3 →
0 malicious fingerprints active
View all 28 →
Alerts Timeline (24h)
Attacks by Type
Top CPU Processes
SIEM Integration
SOAR Webhook
HMAC-SHA256 signed
Last ping: —
All Incidents
0 alerts
| Severity | Event | Module | Source IP | Time | Action |
|---|
Active Chains
| Source IP | Stage | Progress | Coverage | Severity |
|---|
Chain Detail
Click a chain to inspect
Select a kill chain IP to view stage timeline and events
WAF Inspection
HTTP Method
Source IP
Target Path
Query String
Request Body
Attack payload presets
WAF Event Log
Refresh
| Source IP | Path | Rule | Time |
|---|
Custom WAF Rules
0 rules
| Name | Attack Type | Severity | Pattern | Action | Status | Default | Actions |
|---|
IP Lookup
Top Traffic IPs
| IP Address | Hits | Intel | Action |
|---|
Reputation Summary
Security Posture Score
Hardening audit pending
Hardening Findings
| Severity | Finding | Metric |
|---|
Audit Log
| Event | Actor | Type | Time |
|---|
Tamper Verification
[OK]
Audit Trail Integrity Verified
0 entries
Chain intact
Alert Rules
| Name | Severity | Module | Pattern | Webhook | Status | Actions |
|---|
Process Monitor
| PID | Process Name | User | CPU % | RSS | Status |
|---|
Network Connections
| Process | Local Address | Remote Address | Port | Status |
|---|
Monitored Directories
| Directory | Action |
|---|
Specific Files
| File Path | Action |
|---|
File Integrity Monitor
| Path | Hash | Size | Last Seen |
|---|
Login Monitor
| Time | Source IP | Username | Service | Status | Port | Log Source | Actions |
|---|
Fleet Agents
| Agent ID | Status | Version | Last Heartbeat | Uptime | Actions |
|---|