Incident Response
This chapter describes Vouch’s incident severity classification, response procedures, and communication channels for security events.
Severity Levels
| Level | Description | Response Time |
|---|---|---|
| Critical | Active exploitation, credential theft | 1 hour |
| High | Exploitable vulnerability, no active exploitation | 24 hours |
| Medium | Vulnerability requiring unlikely conditions | 7 days |
| Low | Minor issues, defense in depth | 30 days |
Response Procedure
- Triage — Assess severity and scope
- Contain — Revoke affected credentials, disable vulnerable features
- Investigate — Root cause analysis
- Remediate — Deploy fix
- Communicate — Notify affected users
- Review — Post-incident analysis
Communication Channels
- Security advisories: https://vouch.sh/security
- CVE assignments: Via GitHub Security Advisories
- Status page: https://status.vouch.sh