Guardian Agent
Alert
Contain · Isolate · Block · Remediate
2 endpoints flagged
🤖 Guardian AI recommends immediate action on 2 endpoints
WKSTN-042 has confirmed Emotet C2 connection (risk 97) · SRV-DC01 shows lateral movement pattern (risk 84). Isolation recommended before further propagation.
| Metric | Count | Note |
|---|---|---|
| Total Endpoints | 1,284 | All reporting |
| Online | 5 | Active & clean |
| Flagged | 2 | Needs action |
| Isolated | 1 | Contained |
| IPs Blocked | 4 | Active rules |

| Host | IP Address | User / Dept | Risk Score | Status | Case | Action |
|---|---|---|---|---|---|---|
| WKSTN-042 (AI) | 192.168.1.42 | j.martin / Finance | 97 | flagged | CASE-089 | |
| SRV-DC01 (AI) | 10.0.0.5 | SYSTEM / Infra | 84 | flagged | CASE-088 | |
| WKSTN-007 | 192.168.1.7 | a.kumar / HR | 72 | isolated | CASE-082 | Contained |
| SRV-WEB02 | 10.0.0.22 | www-data / DevOps | 61 | online | — | |
| WKSTN-017 | 192.168.1.17 | p.chen / Finance | 44 | online | — | |
| SRV-APP01 | 10.0.0.30 | app-svc / DevOps | 28 | online | — | |
| WKSTN-099 | 192.168.1.99 | m.dubois / Marketing | 19 | online | — | |
| SRV-FILES | 10.0.0.11 | SYSTEM / Infra | 15 | online | — | |

Blocks Triggered (24h)
891 connections blocked
Blocked IPs
4 active

| IP / Range | Country | Reason | When | Source | Hits |
|---|---|---|---|---|---|
| 185.220.101.47 | DE | Emotet C2 server | 09:42 | Guardian AI | 4 |
| 194.165.16.72 | NL | Malware distribution node | 08:15 | Guardian AI | 2 |
| 45.83.122.110 | RU | Brute-force source | Yesterday | Analyst | 847 |
| 103.21.244.0/22 | US | Known Tor exit node range | 3d ago | Policy | 12 |
| 91.108.4.0/22 | IR | Suspicious geolocation | 1w ago | Policy | |

Blocked Domains

| Domain | Category | When | Blocked |
|---|---|---|---|
| update-cdn-fast.net | Malware C2 | 4h ago | |
| secure-docs.ru | Phishing | Yesterday | 3 |
| cdn-verify.io | Payload host | 2d ago | 1 |