Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 14:37:50 UTC

DecoyPulse Honeypots

10
Total Honeypots
9
Active
20
Triggered (30d)
5
Internal Triggers
18
External Triggers
99.7%
Avg Uptime
0
False Positives
5
Unique Attackers

Honeypot Status

DP-SSH-01
SSH Server
Host: SRV-FILE-01
Port: 22
Protocol: ssh
Status: Offline
Triggers (30d): 3
Last Trigger: 2026-05-13 22:18
Uptime: 0%
Deployed: 2025-12-11
DP-RDP-01
RDP Terminal
Host: WS-PC-003
Port: 3389
Protocol: rdp
Status: Active
Triggers (30d): 5
Last Trigger: 2026-05-24 00:21
Uptime: 98.6%
Deployed: 2026-04-07
DP-SMB-01
SMB File Share
Host: SRV-DC-01
Port: 445
Protocol: smb
Status: Active
Triggers (30d): 1
Last Trigger: 2026-05-13 20:53
Uptime: 98.5%
Deployed: 2026-04-15
DP-HTTP-01
Web Admin Panel
Host: SRV-WEB-01
Port: 8080
Protocol: http
Status: Triggered
Triggers (30d): 7
Last Trigger: 2026-05-20 03:32
Uptime: 99.7%
Deployed: 2025-12-07
DP-SQL-01
MSSQL Database
Host: SRV-SQL-01
Port: 1433
Protocol: sql
Status: Offline
Triggers (30d): 0
Last Trigger: Never
Uptime: 0%
Deployed: 2025-12-09
DP-FTP-01
FTP Server
Host: SRV-BACKUP-01
Port: 21
Protocol: ftp
Status: Active
Triggers (30d): 3
Last Trigger: 2026-05-18 20:35
Uptime: 98.4%
Deployed: 2026-03-28
DP-LDAP-01
LDAP Directory
Host: SRV-DC-01
Port: 389
Protocol: ldap
Status: Active
Triggers (30d): 2
Last Trigger: 2026-05-22 03:47
Uptime: 99.2%
Deployed: 2026-04-17
DP-SMTP-01
SMTP Mail Relay
Host: SRV-MAIL-01
Port: 25
Protocol: smtp
Status: Active
Triggers (30d): 0
Last Trigger: Never
Uptime: 99.9%
Deployed: 2026-01-23
DP-CRED-01
Credential Lure
Host: SRV-APP-01
Protocol: credential
Status: Active
Triggers (30d): 3
Last Trigger: 2026-05-14 19:53
Uptime: 99.4%
Deployed: 2026-02-11
DP-FILE-01
Canary Documents
Host: SRV-FILE-01
Protocol: canary
Status: Active
Triggers (30d): 0
Last Trigger: Never
Uptime: 98.3%
Deployed: 2026-03-10

Trigger Activity Log

25 events (last 30 days)
ID Time Honeypot Action Source IP Source Type User Context Severity Alert Raised
DPT-0011 13h ago DP-FTP-01 SSH login attempt with user "admin" 103.229.216.23 External High Yes
DPT-0019 23h ago DP-SQL-01 Canary document opened from workstation 10.1.178.95 Internal system Critical Yes
DPT-0001 2d ago DP-RDP-01 Credential spray against honeypot service 10.2.107.137 Internal s.jones Critical Yes
DPT-0006 3d ago DP-RDP-01 RDP brute force from internal IP 91.29.195.171 External High Yes
DPT-0002 6d ago DP-FILE-01 HTTP admin panel login attempted 10.0.79.14 Internal n.clark Critical Yes
DPT-0015 10d ago DP-LDAP-01 FTP anonymous login attempt 185.253.220.68 External Medium No
DPT-0003 11d ago DP-CRED-01 SSH login attempt with user "admin" 45.147.148.141 External High Yes
DPT-0018 11d ago DP-RDP-01 Decoy credentials used from new IP 185.201.220.127 External High Yes
DPT-0021 12d ago DP-SMB-01 Credential spray against honeypot service 10.1.254.184 Internal p.thomas Critical Yes
DPT-0022 13d ago DP-FTP-01 HTTP admin panel login attempted 10.1.75.211 Internal f.hall Critical Yes
DPT-0025 13d ago DP-RDP-01 Port scan followed by connection attempt 91.253.195.237 External High Yes
DPT-0014 13d ago DP-SMB-01 Decoy credentials used from new IP 91.129.195.131 External High Yes
DPT-0007 15d ago DP-SQL-01 Lateral movement using honeypot credentials 45.72.148.33 External Medium Yes
DPT-0004 15d ago DP-FILE-01 Decoy credentials used from new IP 194.60.62.169 External Medium Yes
DPT-0012 16d ago DP-HTTP-01 SSH login attempt with user "admin" 185.2.220.128 External Medium Yes
DPT-0013 20d ago DP-FTP-01 Lateral movement using honeypot credentials 10.2.221.172 Internal p.thomas Critical Yes
DPT-0016 23d ago DP-SSH-01 FTP anonymous login attempt 10.1.124.32 Internal s.jones Critical Yes
DPT-0017 25d ago DP-SMB-01 Lateral movement using honeypot credentials 194.88.62.96 External Medium Yes
DPT-0008 25d ago DP-HTTP-01 SMB share enumeration attempt 10.0.195.216 Internal p.thomas Critical Yes
DPT-0023 26d ago DP-LDAP-01 Canary document opened from workstation 45.192.148.209 External Medium Yes
DPT-0020 27d ago DP-HTTP-01 Lateral movement using honeypot credentials 194.213.62.7 External High Yes
DPT-0024 28d ago DP-FILE-01 Automated tool fingerprint detected 103.237.216.102 External Medium Yes
DPT-0009 28d ago DP-FTP-01 SMB share enumeration attempt 194.149.62.227 External Medium Yes
DPT-0005 29d ago DP-SMB-01 SMB share enumeration attempt 10.1.53.231 Internal k.brown Critical Yes
DPT-0010 29d ago DP-FTP-01 LDAP bind with service account 103.65.216.72 External Medium Yes

Zero False Positive Detection

DecoyPulse honeypots have zero false positive rate because no legitimate user or service should ever interact with them. Any trigger is inherently suspicious and warrants investigation. Internal triggers are especially critical as they may indicate lateral movement or insider threat activity.