Request to whitelist IP 185.92.220.14 for vendor access
TKT-0003
Normal
In Progress
Policy Change
- Created By
- s.jones
- Created
- 2026-06-15 06:22
- Last Updated
- 2026-06-17 22:09
- Assigned Analyst
- Sarah Chen
- Category
- Policy Change
- Messages
- 8
Conversation
s.jones
Customer
2026-06-15 06:22
We'd like to request a change to our security policy:
Request to whitelist IP 185.92.220.14 for vendor access
Please let us know if this is feasible and what the security implications would be.
Request to whitelist IP 185.92.220.14 for vendor access
Please let us know if this is feasible and what the security implications would be.
Sarah Chen
SOC Analyst
2026-06-15 09:58
The vulnerability has been added to your remediation tracking. Our next scheduled scan is in 48 hours and will verify the patch was applied successfully.
s.jones
Customer
2026-06-15 12:56
We've applied the patch on our end. Can you run a verification scan?
Sarah Chen
SOC Analyst
2026-06-15 13:38
The alert you referenced (ALR-00023) was generated by our DecoyPulse honeypot system. This has zero false positive rate — the activity is genuine and warrants investigation.
s.jones
Customer
2026-06-15 15:03
Understood. Is there anything we need to do on our end in the meantime?
Sarah Chen
SOC Analyst
2026-06-15 15:49
Good news — our analysis confirms this is a true positive. We've implemented the containment measures and will send a full incident summary within 24 hours.
s.jones
Customer
2026-06-15 18:57
Thanks. Could you also check if any other accounts were affected?
Sarah Chen
SOC Analyst
2026-06-15 19:47
I've updated the DLP policy as requested. The HR shared drive is now excluded from the external transfer monitoring rule, but internal audit logging remains active.