Analyst Notes

Capture, share and track investigation notes across the SOC team

248

Total Notes

96

Shared

14

Flagged

09

Drafts

Recent Notes
James Allaire
10 Jul 2026, 07:05 PM

Confirmed lateral movement attempt on FS-Cluster-02 was blocked at the segment firewall. Recommend a full forensic image before restoring the host from backup.

Ransomware INC-2043
Edit Note
Esther Schmidt
10 Jul 2026, 03:22 PM

Reviewed admin portal access logs. Source IP geolocates to an unusual region. Enforcing MFA on all privileged accounts as a precaution.

Access INC-2044
Edit Note
Valerie Padgett
09 Jul 2026, 11:48 AM

External port scan originated from a known scanning service. Low priority, but added the source range to the watchlist for correlation.

Recon Watchlist
Edit Note
Michael Smith
09 Jul 2026, 09:15 AM

Phishing campaign templates matched a previously tracked threat actor. Blocked sender domains at the mail gateway and notified affected users.

Phishing INC-2046
Edit Note
Sally Cavazos
08 Jul 2026, 05:40 PM

Impossible-travel alert resolved as a false positive after confirming the user was on a corporate VPN exit node. Documented for tuning the detection rule.

False Positive Tuning
Edit Note
Daniel Foster
08 Jul 2026, 10:02 AM

Completed the quarterly vulnerability sweep. Three medium-severity findings queued for remediation. Draft report attached for peer review.

Vulnerability Report
Edit Note
Categories
Malware 62
Phishing 48
Access Control 37
Vulnerabilities 29
Network 22
Top Contributors
James Allaire

Tier 2 Analyst

54 notes
Esther Schmidt

Tier 3 Analyst

41 notes
Valerie Padgett

SOC Analyst

33 notes
Michael Smith

Threat Hunter

28 notes