Avalanche — Early Warning System for Organizational Crises

See Avalanche in Action

Click each signal to activate detection and discover hidden patterns

Unusual Slack Patterns

Dormant channels suddenly active at 3 AM across three departments simultaneously

Dormant Server Activity

Legacy server in forgotten subnet transmitting to new external IP in Ukraine

Legacy File Access

Three employees who never touched finance files accessing 2019_Q3_budget.xlsx

Anomalous Network Traffic

Encrypted outbound traffic spike during maintenance window matching known C2 patterns

Shadow IT Activation

Unapproved file sharing service spun up in procurement department

Behavioral Anomaly

Senior engineer accessing systems outside normal role and time patterns

🚨 Pattern Detection Alert

CRITICAL

Supply Chain Attack Pattern Detected

The activated signals match the exact precursor pattern observed in the SolarWinds-style supply chain attack from 6 months ago. Estimated window to prevent cascade failure: 47 hours.

T-47 hours

Shadow IT service established in procurement (potential initial access vector)

T-32 hours

Legacy server activates with C2-beaconing patterns to external IP

T-18 hours

Unusual Slack coordination across departments (lateral movement preparation)

T-6 hours

Finance file access pattern (credential harvesting or data exfiltration recon)

NOW

Network traffic spike indicates active stage—immediate incident response required