empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-06 17:05:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update security-policies.md (#11616)

Browse Source 
Moving to earlier stage in the process per Zach's suggestion (as part of
triage, not later on which will likely be well after 24 hours)
This commit is contained in:
Zay Hanlon 2023-05-10 14:48:16 -04:00 committed by GitHub
parent ad394f365e
commit 2d5026d54b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
handbook/business-operations/security-policies.md
View File

@ -523,10 +523,19 @@ Incidents of a severity/impact rating higher than **MINOR** shall trigger the re
the [SANS Security Incident Forms templates](https://www.sans.org/score/incident-forms/),
as appropriate.
3. The Head of Security, Privacy Officer, or Fleet representative appointed
3. The CTO, Privacy Officer, or Fleet representative appointed
notifies any affected Customers and Partners. If no Customers and Partners
are affected, notification is at the discretion of the Security and Privacy
Officer.
Fleets incident response policy is to report significant cyber incidents within
24 hours.
- Reporting Timeline 24 hours after determining a cyber incident has occurred.
- Definitions Significant cyber incidents are defined as an incident or group
of incidents that are likely to result in demonstrable harm to Fleet or Fleets
customers.
- Reporting Mechanism Reports to be provided to customers via email
correspondence and Slack.
4. In the case of a threat identified, the Head of Security is to form a team to
investigate and involve necessary resources, both internal to Fleet and
@ -627,14 +636,7 @@ been corrected.
phase.
6. Apprise Senior Management of progress.
7. Continue to notify affected Customers and Partners with relevant updates
as needed. Fleets incident response policy is to report significant cyber
incidents within 24 hours.
- Reporting Timeline 24 hours after determining a cyber incident has occurred.
- Definitions Significant cyber incidents are defined as an incident or group
of incidents that are likely to result in demonstrable harm to Fleet or Fleets
customers.
- Reporting Mechanism Reports to be provided to customers via email
correspondence and Slack.
as needed.
8. Move to Phase V, Follow-up.
#### V - Post-Incident Analysis (Technical and Non-Technical)