...
Report any potential incident as soon as possible. Time is critical so that the Security team can initiate our /wiki/spaces/AH/pages/2980282555 our Incident Response Plan (if needed).
To report a security incident
Send an email to <EMAIL_ADDRESS> to people operations team as soon as possible. If the incident is related to a phishing email, forward the email.
Include Security Incident in the subject line.
Describe briefly what happened.
Indicate the best way for the Security team to contact you, and include a telephone number as an alternate method if possible.
For a project-specific incident
Report the incident in your project Slack channel , and mention
@sre-svcs-team. This alerts your project's Incident Response Team and the Project Manager (PM).Send an email to <EMAIL_ADDRESS>. This alerts the Security team so that we can be aware of this issue and any potential impact to Axelerant.
and get in touch with your project manager.
Honor the "do not delete" rule
...
Finally - while this page is called "Security Incidents," not all incidents are security-related. It could be that a disk got full or a page got wedged and stopped updating properly. We call them "security incidents" because they might be security-related, and we want our Incident Response Team to be ready for security incidents. If all they have to do is restart Apache, well, that's a good day. And again - thank you for reporting the issue!
Incident Severity
TBD
Incident Recovery Timelines
TBD