Skip to main content

Incident response

Moodi Mahmoudi avatar
Written by Moodi Mahmoudi
Updated over 2 weeks ago

At a glance

NEXT AI maintains a documented, tested incident response plan with 24×7×365 on-call engineering. Security signals (e.g., GuardDuty findings, WAF detections, brute-force indicators) are triaged and escalated by severity, with clear roles, containment/remediation, and post-incident reviews.

What does the incident response plan cover

  • Escalation procedures and notification paths

  • Incident severity identification and classification

  • Roles, responsibilities, and communication strategies (internal & external)

  • Containment and remediation steps

  • Post-incident retrospective for root-cause analysis and improvements

Lifecycle (aligned to standards)

Our process follows recognized guidance: Detect → Respond → Recover, supported by broader Govern/Identify/Protect activities (per NIST SP 800-61 Rev.3).

Monitoring & 24×7 escalation

Continuous logging and alerting auto-escalate issues; on-call engineering 24×7×365 engages based on severity. Typical triggers include severe vulnerabilities, researcher disclosures, intrusion detections, elevated errors/operational anomalies, and breach disclosures.

Timelines (SLA) — how fast we respond

For customers with Premium Support, NEXT AI commits to the following initial response and status-update targets (business hours: Mon 05:00–Sat 05:00 UTC). Security incidents will still engage 24×7 on-call per this plan; the table below reflects formal support SLAs.

Priority

Description (summary)

Initial response

Status updates

Urgent

Service inoperative / complete failure (platform downtime)

2 hours

Hourly

High

Core functionality inoperative, no workaround

4 Business Hours

Every 24 Business Hours

Medium

Functionality impaired, workaround available

24 Business Hours

N/A

Low

Low-impact issues / questions

48 Business Hours

N/A

System uptime and availability

NEXT targets 99.5% monthly uptime with service credits if not met; see the Service Level Agreement and public Status page for availability communications.

Communications (customers & regulators)

Customer communications follow the plan’s severity thresholds. Where GDPR applies, NEXT AI will notify the supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of a personal-data breach (Article 33). NEXT AI supports controllers’ assessments and notifications as provided by contract and law

FAQ

Q: Do you have a formal incident response plan?

Yes—documented, tested, and covering escalation, severity classification, roles/communications, containment/remediation, and post-incident review.

Q: Is coverage truly 24×7?

Yes. On-call engineering is available 24×7×365; alerts from monitoring trigger escalation based on severity.

Q: How fast will you respond to a critical issue?

For Premium Support, Urgent incidents receive an initial response within 2 hours and hourly updates; High priority within 4 Business Hours with updates every 24 Business Hours.

Q: What are “Business Hours” for support SLAs?

Mon 05:00 – Sat 05:00 UTC, excluding NEXT AI holidays.

Q: How does this differ from uptime/availability commitments?

Response-time SLAs cover support. Availability is governed by the Service Level Agreement (target 99.5% monthly, with service credits if not met) and public Status notifications.

Q: What about GDPR’s 72-hour rule?

Under GDPR, controllers notify authorities without undue delay and, where feasible, within 72 hours of becoming aware of a personal-data breach; NEXT AI supports the controller per contract and law.

Did this answer your question?