Playbooks

Playbooks for security process and operations.

Logs, alerts and incidents.

Security Logs ingestion and review

Security Alerts

Incident Management

Vulnerabilities

Vulnerability Management Process

Bug Bounty / Hackerone

Vulnerability Reports & Disclosure

Pentesting

Internal

External

Projects

Task & Project Management

Code Analysis

Static Code Analysis

Security Training

Awareness & Training Plan

Server investigation

When contacted about a potentially rogue server, i.e. a server used for criminal purposes, we follow our internal Standard Operating Procedure here.

Law enforcement inquiries are subject to our law enforcement guidelines.

Reporting

On a monthly basis, the security team provides a metric sheet to management and presents in the all-hands meeting. The sheet can be found in GDrive. On a weekly basis, the security team reports the status of the current tasks and issues in the all-hands meeting as per an Clickup export and addition to the newsletter.