Incident Response

Security Operations Center (SOC) tactical command center

SOC Status: OPERATIONAL
Analysts Online: 8
Current Time: 2025-12-12 21:03:15

CRITICAL: 3
HIGH: 12
MEDIUM: 28
LOW: 45

MTTD: 4.2 min (-12% vs last week)
MTTR: 18.5 min (-8% vs last week)

Real-time Security Alerts
LIVE
| Severity | Time | Alert ID | Category | Source | Description | Affected Asset | Status | Assigned |
| | 21:01:15 | ALT-2024-001 | Model Extraction | API Gateway | Suspicious query pattern detected - possible model extraction attempt | GPT-Finance-Model-v3 | New | |
| | 20:58:15 | ALT-2024-002 | Adversarial | Input Validation | Adversarial example detected in image classification request | Vision-Security-Cam-01 | Investigating | |
| | 20:55:15 | ALT-2024-003 | Data Poisoning | Training Pipeline | Statistical anomaly in training data batch - outlier detection triggered | Recommendation-Engine-Training | New | |
| | 20:48:15 | ALT-2024-004 | API Abuse | Rate Limiter | Excessive API calls from single IP - rate limit exceeded | NLP-API-Endpoint | Contained | |
| | 20:43:15 | ALT-2024-005 | Prompt Injection | LLM Monitor | Potential jailbreak attempt detected in chat session | Customer-Support-LLM | Investigating | |

Incident Pipeline

New (Unassigned incidents): 7
Investigating (Active analysis): 15
Contained (Threat isolated): 8
Resolved (Last 24 hours): 42

False Positive Analysis by Detection Source
[Chart: False Positives and True Positives per detection source (Adversarial Detection, Data Drift, Model Extraction, API Anomaly, Behavioral Analysis); axis 0 to 100]

Total FP Rate: 18.5%
Weekly Trend: -3.2%
Tuning Required: 5

Analyst Workload & Efficiency

John Doe | 5 cases | 12 resolved | 92% eff
Mary Smith | 8 cases | 8 resolved | 88% eff
Alex Kim | 3 cases | 15 resolved | 95% eff
Sam Wilson | 0 cases | 10 resolved | 90% eff

Automated Response Actions

Block IP Address | 192.168.1.105 | 21:00:15 - Success
Quarantine Model | suspicious-model-v2 | 20:53:15 - Success
Rate Limit Applied | API-User-42831 | 20:48:15 - Success
Rollback Deployment | prod-model-finance | 20:38:15 - Failed

Active Incidents Requiring Attention

Coordinated Model Extraction Attack

INC-10234 | Model Extraction | 2h 15m elapsed
Investigating

Data Poisoning in Training Pipeline

INC-10235 | Data Poisoning | 45m elapsed
Contained

LLM Jailbreak Attempts

INC-10236 | Prompt Injection | 1h 30m elapsed
Investigating

Response Time Metrics (Last 24 Hours)
[Chart: MTTD (minutes) and MTTR (minutes) by hour of day, 00 to 23]