Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 19:37:09 UTC

Request to whitelist IP 185.92.220.14 for vendor access

TKT-0003 Normal In Progress Policy Change
Created By
j.smith
Created
2026-06-18 23:27
Last Updated
2026-06-21 17:02
Assigned Analyst
Emma Richardson
Category
Policy Change
Messages
7

Conversation

j.smith Customer
2026-06-18 23:27
We'd like to request a change to our security policy:

Request to whitelist IP 185.92.220.14 for vendor access

Please let us know if this is feasible and what the security implications would be.
Emma Richardson SOC Analyst
2026-06-19 00:48
The alert you referenced (ALR-00023) was generated by our DecoyPulse honeypot system. This has zero false positive rate — the activity is genuine and warrants investigation.
j.smith Customer
2026-06-19 04:38
Thanks. Could you also check if any other accounts were affected?
Emma Richardson SOC Analyst
2026-06-19 06:01
I've updated the DLP policy as requested. The HR shared drive is now excluded from the external transfer monitoring rule, but internal audit logging remains active.
j.smith Customer
2026-06-19 07:21
That's reassuring. Can we schedule a call to discuss the remediation steps?
Emma Richardson SOC Analyst
2026-06-19 10:57
I've checked with our threat intelligence team. The dark web finding is from a third-party breach, not a direct compromise. We recommend enforcing a password reset for the affected account.
j.smith Customer
2026-06-19 12:59
We've applied the patch on our end. Can you run a verification scan?

Reply