Request to whitelist IP 185.92.220.14 for vendor access
TKT-0003
Normal
In Progress
Policy Change
- Created By
- j.smith
- Created
- 2026-06-18 23:27
- Last Updated
- 2026-06-21 17:02
- Assigned Analyst
- Emma Richardson
- Category
- Policy Change
- Messages
- 7
Conversation
j.smith
Customer
2026-06-18 23:27
We'd like to request a change to our security policy:
Request to whitelist IP 185.92.220.14 for vendor access
Please let us know if this is feasible and what the security implications would be.
Request to whitelist IP 185.92.220.14 for vendor access
Please let us know if this is feasible and what the security implications would be.
Emma Richardson
SOC Analyst
2026-06-19 00:48
The alert you referenced (ALR-00023) was generated by our DecoyPulse honeypot system. This has zero false positive rate — the activity is genuine and warrants investigation.
j.smith
Customer
2026-06-19 04:38
Thanks. Could you also check if any other accounts were affected?
Emma Richardson
SOC Analyst
2026-06-19 06:01
I've updated the DLP policy as requested. The HR shared drive is now excluded from the external transfer monitoring rule, but internal audit logging remains active.
j.smith
Customer
2026-06-19 07:21
That's reassuring. Can we schedule a call to discuss the remediation steps?
Emma Richardson
SOC Analyst
2026-06-19 10:57
I've checked with our threat intelligence team. The dark web finding is from a third-party breach, not a direct compromise. We recommend enforcing a password reset for the affected account.
j.smith
Customer
2026-06-19 12:59
We've applied the patch on our end. Can you run a verification scan?