Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 12:11:44 UTC

DecoyPulse Honeypots

10
Total Honeypots
10
Active
24
Triggered (30d)
3
Internal Triggers
9
External Triggers
98.7%
Avg Uptime
0
False Positives
9
Unique Attackers

Honeypot Status

DP-SSH-01
SSH Server
Host: SRV-FILE-01
Port: 22
Protocol: ssh
Status: Active
Triggers (30d): 3
Last Trigger: 2026-04-09 13:38
Uptime: 99.4%
Deployed: 2026-01-27
DP-RDP-01
RDP Terminal
Host: WS-PC-003
Port: 3389
Protocol: rdp
Status: Active
Triggers (30d): 0
Last Trigger: Never
Uptime: 99%
Deployed: 2025-11-19
DP-SMB-01
SMB File Share
Host: SRV-DC-01
Port: 445
Protocol: smb
Status: Active
Triggers (30d): 5
Last Trigger: 2026-04-06 11:42
Uptime: 98.4%
Deployed: 2026-01-06
DP-HTTP-01
Web Admin Panel
Host: SRV-WEB-01
Port: 8080
Protocol: http
Status: Active
Triggers (30d): 2
Last Trigger: 2026-04-05 07:51
Uptime: 99.1%
Deployed: 2025-10-22
DP-SQL-01
MSSQL Database
Host: SRV-SQL-01
Port: 1433
Protocol: sql
Status: Offline
Triggers (30d): 1
Last Trigger: 2026-04-10 04:22
Uptime: 0%
Deployed: 2026-03-03
DP-FTP-01
FTP Server
Host: SRV-BACKUP-01
Port: 21
Protocol: ftp
Status: Active
Triggers (30d): 2
Last Trigger: 2026-03-31 14:56
Uptime: 99%
Deployed: 2025-11-13
DP-LDAP-01
LDAP Directory
Host: SRV-DC-01
Port: 389
Protocol: ldap
Status: Triggered
Triggers (30d): 3
Last Trigger: 2026-04-04 09:43
Uptime: 99.2%
Deployed: 2026-02-16
DP-SMTP-01
SMTP Mail Relay
Host: SRV-MAIL-01
Port: 25
Protocol: smtp
Status: Active
Triggers (30d): 2
Last Trigger: 2026-04-09 18:11
Uptime: 99.5%
Deployed: 2026-02-09
DP-CRED-01
Credential Lure
Host: SRV-APP-01
Protocol: credential
Status: Active
Triggers (30d): 4
Last Trigger: 2026-04-06 23:44
Uptime: 99.2%
Deployed: 2025-12-11
DP-FILE-01
Canary Documents
Host: SRV-FILE-01
Protocol: canary
Status: Active
Triggers (30d): 5
Last Trigger: 2026-04-10 08:45
Uptime: 98.3%
Deployed: 2025-12-06

Trigger Activity Log

25 events (last 30 days)
ID Time Honeypot Action Source IP Source Type User Context Severity Alert Raised
DPT-0014 13h ago DP-SQL-01 SQL authentication probe detected 45.225.148.252 External Medium Yes
DPT-0011 23h ago DP-CRED-01 HTTP admin panel login attempted 10.1.205.67 Internal r.davies Critical Yes
DPT-0010 1d ago DP-FILE-01 Credential spray against honeypot service 194.183.62.8 External Medium Yes
DPT-0020 2d ago DP-SQL-01 Multiple protocol probes from single source 91.231.195.185 External High No
DPT-0021 3d ago DP-LDAP-01 Decoy credentials used from new IP 103.243.216.119 External High Yes
DPT-0012 4d ago DP-RDP-01 SQL authentication probe detected 10.1.31.229 Internal h.roberts Critical Yes
DPT-0001 4d ago DP-FILE-01 Credential spray against honeypot service 45.190.148.29 External High Yes
DPT-0022 4d ago DP-RDP-01 FTP anonymous login attempt 194.201.62.205 External High Yes
DPT-0025 4d ago DP-HTTP-01 SSH login attempt with user "admin" 91.149.195.152 External Medium Yes
DPT-0007 7d ago DP-CRED-01 Directory traversal attempt on web honeypot 10.2.132.149 Internal j.smith Critical Yes
DPT-0002 8d ago DP-FILE-01 LDAP bind with service account 194.212.62.195 External Medium No
DPT-0009 9d ago DP-LDAP-01 Directory traversal attempt on web honeypot 10.2.145.22 Internal n.clark Critical Yes
DPT-0008 9d ago DP-FILE-01 Automated tool fingerprint detected 10.1.223.216 Internal k.brown Critical Yes
DPT-0023 9d ago DP-RDP-01 SSH login attempt with user "admin" 10.2.178.203 Internal m.taylor Critical No
DPT-0016 10d ago DP-SSH-01 LDAP bind with service account 185.46.220.159 External High Yes
DPT-0013 14d ago DP-SQL-01 HTTP admin panel login attempted 10.3.89.144 Internal j.smith Critical Yes
DPT-0019 16d ago DP-SMB-01 RDP brute force from internal IP 194.60.62.145 External Medium Yes
DPT-0018 17d ago DP-LDAP-01 FTP anonymous login attempt 185.32.220.61 External Medium Yes
DPT-0017 20d ago DP-SMB-01 LDAP bind with service account 194.187.62.44 External High Yes
DPT-0004 22d ago DP-FILE-01 Automated tool fingerprint detected 10.0.250.191 Internal c.williams Critical No
DPT-0006 22d ago DP-SQL-01 Canary document opened from workstation 194.1.62.224 External Medium Yes
DPT-0015 22d ago DP-SQL-01 SMB share enumeration attempt 194.241.62.199 External High No
DPT-0005 25d ago DP-SSH-01 SQL authentication probe detected 10.0.204.170 Internal n.clark Critical Yes
DPT-0024 25d ago DP-SQL-01 HTTP admin panel login attempted 194.183.62.158 External High Yes
DPT-0003 29d ago DP-SMB-01 Decoy credentials used from new IP 10.2.230.68 Internal a.wilson Critical Yes

Zero False Positive Detection

DecoyPulse honeypots have zero false positive rate because no legitimate user or service should ever interact with them. Any trigger is inherently suspicious and warrants investigation. Internal triggers are especially critical as they may indicate lateral movement or insider threat activity.