Security Incident Response
Initial Source of Information
If you have any information about potential security events or incidents relating to the IP Fabric, please notify us in one of the following ways:
- IP Fabric Help Center
- to the office phone
+420 720 022 997
In line with industry best practice, we also monitor standard data sources including (but not limited to):
- Mitre CVE database for software vulnerabilities
- internal monitoring (doesn’t cover customers’ deployments)
We use industry standard CVSS scoring for classification of the reported / discovered vulnerabilities.
Timeline and escalation path is as follows
|0.1 – 3.9
|4.0 – 6.9
|Next two working days
|7.0 – 8.9
|Next working day
|CTO, VPE, SRE
|9.0 – 10.0
|4h during business hours
|CTO, VPE, SRE
Note that we don’t show Remediation Time in this table, instead showing Reaction Time as a metric. It is hard to predict upfront time complexity of a particular issue, or availability of the solution (particularly in a third-party component on which there may be a dependency). Reaction time refers to the time to reach a proposal for solution of the issue with time estimate.
Every security incident has a tracking ticket, which contains:
- CVSS score
- CVE number / link (when applicable)
- Affected customers (if specific)
Also, the IP Fabric internal security Slack channel will be notified, with a dedicated channel created for a specific incident as necessary.
We select one person to be responsible for coordinating internal communication and to serve as an interface to the teams communicating directly with customers. Typical candidates: DevOps TL, Head of Development, VPE, CTO.