Incident Response
Our Security Incident Response Program is designed to ensure timely detection, containment, and remediation of security incidents to minimize impact on our services and customers. The program includes:
Defined roles and responsibilities: We have a dedicated security and operations team responsible for incident investigation and management. Alerts from monitoring tools like Cloudflare and Atatus trigger immediate review.
Incident classification and prioritization: Incidents are categorized based on severity and potential impact, allowing us to allocate resources efficiently.
Incident handling procedures: We follow a structured process including identification, containment, eradication, recovery, and post-incident analysis.
Communication protocols: Internal notifications are sent promptly via Slack and email to relevant stakeholders. If necessary, we escalate incidents to senior leadership.
Documentation and reporting: All incidents are logged with details on cause, resolution steps, and lessons learned to improve future response.
We test our Incident Response Plan through periodic tabletop exercises and simulated scenarios involving key team members from security, operations, and development. These exercises occur at least bi-annually and are designed to validate the effectiveness of our procedures, communication, and coordination under realistic conditions.
Additionally, we review and update the plan after any significant incident or change to our infrastructure to ensure it remains current and effective.
We test our Incident Response Plan through periodic tabletop exercises and simulated scenarios involving key team members from security, operations, and development. These exercises occur at least bi-annually and are designed to validate the effectiveness of our procedures, communication, and coordination under realistic conditions.
Additionally, we review and update the plan after any significant incident or change to our infrastructure to ensure it remains current and effective.