Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 18:38:39 UTC

Request to whitelist IP 185.92.220.14 for vendor access

TKT-0003 Normal In Progress Policy Change
Created By
s.jones
Created
2026-06-15 06:22
Last Updated
2026-06-17 22:09
Assigned Analyst
Sarah Chen
Category
Policy Change
Messages
8

Conversation

s.jones Customer
2026-06-15 06:22
We'd like to request a change to our security policy:

Request to whitelist IP 185.92.220.14 for vendor access

Please let us know if this is feasible and what the security implications would be.
Sarah Chen SOC Analyst
2026-06-15 09:58
The vulnerability has been added to your remediation tracking. Our next scheduled scan is in 48 hours and will verify the patch was applied successfully.
s.jones Customer
2026-06-15 12:56
We've applied the patch on our end. Can you run a verification scan?
Sarah Chen SOC Analyst
2026-06-15 13:38
The alert you referenced (ALR-00023) was generated by our DecoyPulse honeypot system. This has zero false positive rate — the activity is genuine and warrants investigation.
s.jones Customer
2026-06-15 15:03
Understood. Is there anything we need to do on our end in the meantime?
Sarah Chen SOC Analyst
2026-06-15 15:49
Good news — our analysis confirms this is a true positive. We've implemented the containment measures and will send a full incident summary within 24 hours.
s.jones Customer
2026-06-15 18:57
Thanks. Could you also check if any other accounts were affected?
Sarah Chen SOC Analyst
2026-06-15 19:47
I've updated the DLP policy as requested. The HR shared drive is now excluded from the external transfer monitoring rule, but internal audit logging remains active.

Reply