Incident response plan
Intrro has a documented incident response plan that establishes the procedures to be undertaken in response to information security incidents.
This incident response plan includes:
- Escalation procedures
- Incident severity identification and classification
- Roles, responsibilities, and communication strategies in the event of a compromise
- Containment and remediation strategies
- Communication protocols, both internally and externally
- A retrospective analysis to determine the root cause and implement improvements to incident response procedures
Monitoring and alerting
Intrro has continuous monitoring, logging, and alerting in place that will automatically escalate any issues. Depending on severity, these incidents may trigger an incident to dedicated on-call engineering 24 hours a day, 7 days a week, 365 days a year. Potential catalysts that may trigger an incident include:
- severe vulnerabilities
- vulnerabilities disclosed by a security researcher
- intrusion detections
- elevated errors, operational performance, and suspicious operations
- data breach discovery