Overview
Codexium operates a structured incident management process designed to protect client data, restore normal operations quickly, and maintain clear communication throughout security events.
Incident Definition & Severity
An incident is any event that compromises, or could compromise, the confidentiality, integrity, or availability of systems or data. Each incident is assigned a severity based on its impact and urgency; that severity determines the response SLA and the escalation path.
Detection & Triage
- Alerts from monitoring, logging, and third-party tools feed into centralized channels.
- Team members can raise suspected incidents via internal reporting processes.
- Initial triage assesses scope, likely root cause, and immediate containment needs.
Response & Containment
Containment actions are chosen to fit the incident and commonly include:
- Isolating affected systems, services, or accounts.
- Rotating any secrets and credentials that may have been exposed.
- Blocking malicious IPs or traffic patterns at the perimeter.
- Applying configuration or code fixes to close the gap that was exploited.
Communication & Notification
- Prompt notification to designated client contacts when their environments or data are impacted.
- Regular updates as investigations progress, including known impact and remediation actions.
- Support for regulatory or contractual notification obligations where Codexium acts as processor or service provider.
Post-Incident Review & Improvement
After closure, Codexium conducts a post-incident review to capture root cause, what worked well, and what must be improved. Follow-up actions can include control enhancements, additional monitoring, or targeted training.
Shared Responsibilities
Client
- Provide current incident contacts and escalation paths.
- Participate in joint investigations where shared environments are affected.
- Communicate with their own customers or regulators where required.
Codexium
- Detect, contain, and remediate incidents within our scope.
- Communicate transparently and promptly with clients.
- Continuously improve controls based on lessons learned.
Cloud Provider
- Notify Codexium of platform-level incidents.
- Provide logs and forensic data to support investigations where feasible.