Home / Legal / Security Incident Response Policy
Security Incident Response Policy
This document outlines APPHOX’s structured approach to detecting, triaging, containing, and remediating cybersecurity incidents.
1. Purpose
Provide a standardized framework to ensure incidents are detected early, contained quickly, and resolved effectively.
2. Incident Classification
- Critical: Data breach, system outage
- High: Privilege misuse, malware detection
- Medium: Suspicious activity, abnormal requests
- Low: Non-critical investigations
3. Incident Handling Lifecycle
- Detection & Alerting
- Triage & Classification
- Containment
- Eradication
- Recovery
- Post-Incident Analysis
4. Reporting & Notification
For GDPR/DPDP-reportable events, APPHOX notifies customers without undue delay including initial details and remediation plans.