Incident Response
How QNSP handles security incidents.
Incident Response
How QNSP handles security incidents.
Incident classification
| Severity | Description | Response time |
|---|---|---|
| Critical | Data breach, service compromise | 15 minutes |
| High | Security vulnerability exploited | 1 hour |
| Medium | Suspicious activity | 4 hours |
| Low | Policy violation | 24 hours |
Response process
1. Detection
- Automated monitoring
- Customer reports
- Security research
2. Triage
- Assess severity
- Identify scope
- Assign responders
3. Containment
- Isolate affected systems
- Preserve evidence
- Prevent spread
4. Eradication
- Remove threat
- Patch vulnerabilities
- Verify remediation
5. Recovery
- Restore services
- Verify integrity
- Monitor for recurrence
6. Post-incident
- Root cause analysis
- Lessons learned
- Process improvements
Customer notification
Timing
- Critical: Within 24 hours
- High: Within 72 hours
- As required by regulations
Content
- Nature of incident
- Data affected
- Actions taken
- Recommended actions
Reporting incidents
Report security concerns:
- Email: security@qnsp.io
- Portal: https://cloud.qnsp.cuilabs.io/security
Customer responsibilities
- Monitor audit logs
- Report suspicious activity
- Maintain contact information
- Follow security advisories