Incident response checklist
How NexusCore handles security incidents and how your team stays in the loop.
1. Detection
- Continuous monitoring via metrics, logs, and anomaly detection alerts.
- On-call rotation receives a PagerDuty notification for Sev 1/2 alerts.
- Automated triage gathers affected services, customers, and regions.
2. Containment
- Scope the incident within 15 minutes.
- Freeze related Mesh automations if customer-generated load contributed.
- Rotate impacted secrets (API keys, OAuth credentials) immediately.
3. Communication
- Post initial update to the status page within 30 minutes.
- Email design partners and affected customers.
- Share an internal Slack briefing with stakeholders (support, success, leadership).
4. Eradication & recovery
- Patch or disable vulnerable components.
- Restore affected services using blue/green deployment workflows.
- Confirm logs and backups remain intact.
5. Post-incident review
- Complete RCA within 72 hours.
- Document customer impact, mitigation timeline, and follow-up actions.
- Schedule remediation tickets with owners and due dates.
Customer responsibilities
- Provide a primary and backup security contact.
- Share any relevant logs when requested; secure uploads are preferred.
- Update us on compliance requirements so we include mandatory disclosures.
Reach security@nexuscore.cloud to request recorded tabletop exercises or historical RCAs.