Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 17:23:23 UTC

DecoyPulse Honeypots

10
Total Honeypots
9
Active
22
Triggered (30d)
3
Internal Triggers
9
External Triggers
99.9%
Avg Uptime
0
False Positives
6
Unique Attackers

Honeypot Status

DP-SSH-01
SSH Server
Host: SRV-FILE-01
Port: 22
Protocol: ssh
Status: Active
Triggers (30d): 5
Last Trigger: 2026-07-04 07:50
Uptime: 98.6%
Deployed: 2026-02-18
DP-RDP-01
RDP Terminal
Host: WS-PC-003
Port: 3389
Protocol: rdp
Status: Active
Triggers (30d): 0
Last Trigger: Never
Uptime: 98.4%
Deployed: 2026-05-30
DP-SMB-01
SMB File Share
Host: SRV-DC-01
Port: 445
Protocol: smb
Status: Active
Triggers (30d): 0
Last Trigger: Never
Uptime: 99.3%
Deployed: 2026-05-12
DP-HTTP-01
Web Admin Panel
Host: SRV-WEB-01
Port: 8080
Protocol: http
Status: Active
Triggers (30d): 0
Last Trigger: Never
Uptime: 98.1%
Deployed: 2026-05-01
DP-SQL-01
MSSQL Database
Host: SRV-SQL-01
Port: 1433
Protocol: sql
Status: Active
Triggers (30d): 0
Last Trigger: Never
Uptime: 100%
Deployed: 2026-01-13
DP-FTP-01
FTP Server
Host: SRV-BACKUP-01
Port: 21
Protocol: ftp
Status: Offline
Triggers (30d): 0
Last Trigger: Never
Uptime: 0%
Deployed: 2026-01-16
DP-LDAP-01
LDAP Directory
Host: SRV-DC-01
Port: 389
Protocol: ldap
Status: Active
Triggers (30d): 1
Last Trigger: 2026-07-06 02:01
Uptime: 98.8%
Deployed: 2026-03-15
DP-SMTP-01
SMTP Mail Relay
Host: SRV-MAIL-01
Port: 25
Protocol: smtp
Status: Active
Triggers (30d): 0
Last Trigger: Never
Uptime: 99.2%
Deployed: 2026-03-14
DP-CRED-01
Credential Lure
Host: SRV-APP-01
Protocol: credential
Status: Active
Triggers (30d): 3
Last Trigger: 2026-06-29 04:33
Uptime: 99.2%
Deployed: 2026-03-06
DP-FILE-01
Canary Documents
Host: SRV-FILE-01
Protocol: canary
Status: Triggered
Triggers (30d): 3
Last Trigger: 2026-07-01 10:18
Uptime: 98%
Deployed: 2026-04-30

Trigger Activity Log

25 events (last 30 days)
ID Time Honeypot Action Source IP Source Type User Context Severity Alert Raised
DPT-0022 1d ago DP-CRED-01 Directory traversal attempt on web honeypot External Medium Yes
DPT-0006 1d ago DP-FILE-01 SQL authentication probe detected Internal j.smith Critical Yes
DPT-0021 1d ago DP-HTTP-01 HTTP admin panel login attempted External Medium Yes
DPT-0011 2d ago DP-HTTP-01 LDAP bind with service account External High Yes
DPT-0013 3d ago DP-RDP-01 RDP brute force from internal IP Internal a.wilson Critical Yes
DPT-0009 4d ago DP-FILE-01 Canary document opened from workstation Internal system Critical Yes
DPT-0003 5d ago DP-RDP-01 Port scan followed by connection attempt External High Yes
DPT-0005 5d ago DP-CRED-01 Directory traversal attempt on web honeypot External High Yes
DPT-0001 7d ago DP-RDP-01 Port scan followed by connection attempt Internal r.davies Critical Yes
DPT-0020 8d ago DP-RDP-01 Multiple protocol probes from single source External Medium Yes
DPT-0008 9d ago DP-SMB-01 SMB share enumeration attempt Internal m.taylor Critical Yes
DPT-0014 13d ago DP-LDAP-01 FTP anonymous login attempt External Medium Yes
DPT-0019 16d ago DP-FILE-01 Port scan followed by connection attempt Internal e.evans Critical Yes
DPT-0012 18d ago DP-FTP-01 Multiple protocol probes from single source Internal k.brown Critical Yes
DPT-0004 18d ago DP-RDP-01 SQL authentication probe detected Internal system Critical Yes
DPT-0018 19d ago DP-HTTP-01 SQL authentication probe detected External High Yes
DPT-0010 20d ago DP-FTP-01 Automated tool fingerprint detected External Medium Yes
DPT-0015 21d ago DP-SQL-01 Automated tool fingerprint detected External Medium Yes
DPT-0002 21d ago DP-FILE-01 HTTP admin panel login attempted External Medium Yes
DPT-0016 22d ago DP-SMB-01 RDP brute force from internal IP External High Yes
DPT-0007 23d ago DP-FTP-01 Canary document opened from workstation External Medium Yes
DPT-0023 24d ago DP-SMB-01 SSH login attempt with user "admin" Internal n.clark Critical Yes
DPT-0017 26d ago DP-LDAP-01 Canary document opened from workstation External High Yes
DPT-0025 26d ago DP-HTTP-01 Port scan followed by connection attempt Internal p.thomas Critical Yes
DPT-0024 27d ago DP-CRED-01 SQL authentication probe detected Internal r.davies Critical Yes

Zero False Positive Detection

DecoyPulse honeypots have zero false positive rate because no legitimate user or service should ever interact with them. Any trigger is inherently suspicious and warrants investigation. Internal triggers are especially critical as they may indicate lateral movement or insider threat activity.