- Escalation procedures
- Incident severity identification and classification
- Roles, responsibilities, and communication strategies in the event of a compromise
- Containment and remediation strategies
- Communication protocols, both internally and externally
- A retrospective analysis to determine the root cause and implement improvements to incident response procedures

NEXT has continuous monitoring, logging, and alerting in place that will automatically escalate any issues. Depending on severity, these incidents may trigger an incident to dedicated on-call engineering 24 hours a day, 7 days a week, 365 days a year. Potential catalysts that may trigger an incident include:

<a href="https://help.nextapp.co/en/articles/6785870-vulnerability-management">severe vulnerabilities</a>

<a href="https://help.nextapp.co/en/articles/6785773-vulnerability-disclosure">vulnerabilities disclosed by a security researcher</a>

<a href="https://help.nextapp.co/en/articles/6786324-intrusion-detection-and-prevention">intrusion detections</a>

<a href="https://help.nextapp.co/en/articles/6786333-logging-and-monitoring">elevated errors, operational performance, and suspicious operations</a>

<a href="https://help.nextapp.co/en/articles/6782367-data-breach-disclosure">data breach disclosure</a>

- <a href="https://help.nextapp.co/en/articles/6785870-vulnerability-management">severe vulnerabilities</a>
- <a href="https://help.nextapp.co/en/articles/6785773-vulnerability-disclosure">vulnerabilities disclosed by a security researcher</a>
- <a href="https://help.nextapp.co/en/articles/6786324-intrusion-detection-and-prevention">intrusion detections</a>
- <a href="https://help.nextapp.co/en/articles/6786333-logging-and-monitoring">elevated errors, operational performance, and suspicious operations</a>
- <a href="https://help.nextapp.co/en/articles/6782367-data-breach-disclosure">data breach disclosure</a>

Incident response plan

Monitoring and alerting