Guardian Agent

Alert
Contain · Isolate · Block · Remediate

2 endpoints flagged

🤖 Guardian AI recommends immediate action on 2 endpoints

WKSTN-042 has confirmed Emotet C2 connection (risk 97) · SRV-DC01 shows lateral movement pattern (risk 84). Isolation recommended before further propagation.

Total Endpoints: 1,284 (All reporting)
Online: 5 (Active & clean)
Flagged: 2 (Needs action)
Isolated: 1 (Contained)
IPs Blocked: 4 (Active rules)

| Host | IP Address | User / Dept | Risk Score | Status | Case | Action |
|---|---|---|---|---|---|---|
| WKSTN-042 [AI] | 192.168.1.42 | j.martin / Finance | 97 | flagged | CASE-089 | |
| SRV-DC01 [AI] | 10.0.0.5 | SYSTEM / Infra | 84 | flagged | CASE-088 | |
| WKSTN-007 | 192.168.1.7 | a.kumar / HR | 72 | isolated | CASE-082 | Contained |
| SRV-WEB02 | 10.0.0.22 | www-data / DevOps | 61 | online | | |
| WKSTN-017 | 192.168.1.17 | p.chen / Finance | 44 | online | | |
| SRV-APP01 | 10.0.0.30 | app-svc / DevOps | 28 | online | | |
| WKSTN-099 | 192.168.1.99 | m.dubois / Marketing | 19 | online | | |
| SRV-FILES | 10.0.0.11 | SYSTEM / Infra | 15 | online | | |

Blocks Triggered (24h)

891 connections blocked

Blocked IPs

4 active

185.220.101.47 (DE) · Emotet C2 server · 09:42 · Guardian AI · 4 hits
194.165.16.72 (NL) · Malware distribution node · 08:15 · Guardian AI · 2 hits
45.83.122.110 (RU) · Brute-force source · Yesterday · Analyst · 847 hits
103.21.244.0/22 (US) · Known Tor exit node range · 3d ago · Policy · 12 hits
91.108.4.0/22 (IR) · Suspicious geolocation · 1w ago · Policy

Blocked Domains

update-cdn-fast.net · Malware C2 · 4h ago
secure-docs.ru · Phishing · Yesterday · 3 blocked
cdn-verify.io · Payload host · 2d ago · 1 blocked