author | doc <doc@filenotfound.org> | 2025-06-30 20:06:28 +0000 |
---|---|---|
committer | doc <doc@filenotfound.org> | 2025-06-30 20:06:28 +0000 |
commit | 717fcb9c81d2bc3cc7a84a3ebea6572d7ff0f5cf (patch) | |
tree | 7cbd6a8d5046409a82b22d34b01aac93b3e24818 /genesishosting/security/incident-response.md | |
parent | 8368ff389ec596dee6212ebeb85e01c638364fb3 (diff) |
Diffstat (limited to 'genesishosting/security/incident-response.md')
-rw-r--r-- | genesishosting/security/incident-response.md | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/genesishosting/security/incident-response.md b/genesishosting/security/incident-response.md new file mode 100644 index 0000000..29f7ce5 --- /dev/null +++ b/genesishosting/security/incident-response.md @@ -0,0 +1,25 @@ +# Incident Response Policy + +This document defines how we detect, respond to, and report security incidents. + +## Response Workflow + +1. Detection via monitoring, alert, or client report +2. Triage severity and affected systems +3. Contain and isolate threat (e.g., suspend access) +4. Notify stakeholders if client-impacting +5. Perform root cause analysis +6. Patch, re-secure, and document the event + +## Timelines + +- Initial triage: within 2 hours +- Client notification (if impacted): within 24 hours +- Final report delivered internally within 72 hours + +## Tools Used + +- Fail2Ban +- Genesis Shield alerting +- Zabbix/Prometheus incident flags +- Manual log reviews (forensic-level) |
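Review bot: The three deadlines under "## Timelines" do not say what starts the clock, and step 3 of "## Response Workflow" (contain and isolate) has no deadline at all, so "within 2 hours", "within 24 hours" and "within 72 hours" cannot be measured or audited as written. Suggest tying each one to a named event, for example "Initial triage: within 2 hours of detection", and adding a containment target between triage and client notification. Step 2 also asks for severity triage, but the file defines no severity scale; a short list of levels, with the notification rule in step 4 tied to them, would make "if client-impacting" decidable. Nothing in the workflow calls for preserving logs or system state before step 3 suspends access or step 6 patches and re-secures, yet "Manual log reviews (forensic-level)" under "## Tools Used" depends on that evidence; consider an explicit evidence-preservation step ahead of containment.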