SOC overview · live

Dashboard

Posture, throughput, and AI-triage health across the last 24 hours. Drill into Incidents for correlated kill-chains or Alerts for individual investigations.

Alerts (24h): 14,280 (vs 7d avg +8.2%)
Auto-triaged: 95.3% (13,602 closed by copilot, +1.4pp)
Open incidents: 3 (1 critical · 2 high)
MTTR: 18m (FP rate 4.2%, -6m)
Alert volume · 24h
10,455
peak 720 @ 13:00
[Chart: alert volume over the last 24h; x-axis ticks 00:00, 06:00, 12:00, 18:00, now]
AI verdict mix
  • True positive: 5
  • False positive: 1
  • Needs review: 2
  • Benign: 0
Severity distribution
  • critical: 2
  • high: 4
  • medium: 2
  • low: 0
ATT&CK tactic spread
  • Persistence: 2
  • Execution: 1
  • Credential Access: 1
  • Exfiltration: 1
  • Lateral Movement: 1
  • Initial Access: 1
  • Command & Control: 1
Top risk entities
  • 185.220.101.42 (ip · external): 96
  • DC-EU-01 (host · internal): 95
  • invoice-portal-corp[.]co (domain · external): 93
  • a3f9...c21e (file · external): 88
  • svc_backup (user · internal): 84
Copilot today
  • 13,602 alerts auto-closed (auditable).
  • 67 escalated to analyst review.
  • Mean copilot verdict in 42s.
Connector health
  • Microsoft Sentinel (SIEM)
  • CrowdStrike Falcon (EDR)
  • Okta (IdP)
  • AWS GuardDuty (Cloud)
  • VirusTotal (TIP)
ATT&CK coverage
82% (+3pp this week)