
Security Incident Response Plan


This document defines our incident response steps and the personal-data-breach notification process under Turkish data-protection law (KVKK, Law No. 6698). Goals: contain the incident quickly, preserve evidence, and meet the legal notification duties on time.

1. Detection & triage

  • Identify how the incident was detected (application log, error tracking, user report) and record the time of first detection.
  • Classify impact and urgency: Low / Medium / High / Critical. Reclassify as new facts arrive.
  • Pull every related record across application logs and error tracking using the correlation id (request-id), and build a single timeline from them.

2. Containment

  • Invalidate affected sessions by bumping the session version on the affected accounts, so that every session or token issued before the bump is rejected on its next use; freeze the accounts outright if the attacker may still hold valid credentials.
  • Temporarily disable the exploited endpoint; enable maintenance mode if the whole application must be taken out of reach.
  • Rotate every secret that could have been exposed (API keys, passwords, signing keys). Treat a secret as leaked if you cannot prove it was not.
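The session-version mechanism relies on each issued session carrying the version that was current when it was issued, and on validation comparing that stamped version against the account's live value. The example below is added to this plan and is not the site's own code; the in-memory store, the token layout and the signing key are assumptions made for illustration, and a production deployment would back the store with its session database and load the key from the secret store.

```python
"""Session invalidation by version bump, plus account freeze (containment step)."""
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed for the example; load from the secret store in production.
SIGNING_KEY = secrets.token_bytes(32)


class SessionStore:
    """Tokens are 'user_id:version:nonce.mac'. user_id must not contain ':'."""

    def __init__(self, key: bytes):
        self._key = key
        self._users = {}  # user_id -> {"session_version": int, "frozen": bool}

    def add_user(self, user_id: str) -> None:
        self._users[user_id] = {"session_version": 1, "frozen": False}

    def _mac(self, payload: str) -> str:
        return hmac.new(self._key, payload.encode(), hashlib.sha256).hexdigest()

    def issue(self, user_id: str) -> str:
        """Stamp the account's current session version into a new signed token."""
        u = self._users[user_id]
        payload = f"{user_id}:{u['session_version']}:{secrets.token_hex(8)}"
        return f"{payload}.{self._mac(payload)}"

    def validate(self, token: str) -> Optional[str]:
        """Return the user_id for a live token, or None if it must be rejected."""
        payload, sep, mac = token.rpartition(".")
        if not sep or not hmac.compare_digest(mac, self._mac(payload)):
            return None  # forged or tampered
        try:
            user_id, version, _nonce = payload.split(":", 2)
            version = int(version)
        except ValueError:
            return None
        u = self._users.get(user_id)
        if u is None or u["frozen"]:
            return None
        # The containment check: anything issued before the last bump is dead.
        if version != u["session_version"]:
            return None
        return user_id

    def invalidate_all_sessions(self, user_id: str) -> int:
        """Bump the version; every outstanding token for this account is now rejected."""
        self._users[user_id]["session_version"] += 1
        return self._users[user_id]["session_version"]

    def freeze(self, user_id: str) -> None:
        """Stronger measure: reject even freshly issued sessions until unfrozen."""
        self._users[user_id]["frozen"] = True

    def unfreeze(self, user_id: str) -> None:
        self._users[user_id]["frozen"] = False


if __name__ == "__main__":
    store = SessionStore(SIGNING_KEY)
    store.add_user("u42")
    old = store.issue("u42")
    print("before bump:", store.validate(old))   # u42
    store.invalidate_all_sessions("u42")
    print("after bump: ", store.validate(old))   # None
    store.freeze("u42")
    print("frozen:     ", store.validate(store.issue("u42")))  # None
```

A version bump costs one write per account and needs no list of outstanding tokens, which is why it works during an incident when you do not yet know which sessions the attacker holds. The freeze is for the case where the attacker can simply log in again; it blocks new sessions as well.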

3. Root cause & remediation

  • Identify the vulnerability, apply the fix, and run regression tests before redeploying.
  • If restoring from backup, verify the backup's integrity and confirm it predates the compromise, otherwise you restore the attacker's changes along with the data.

4. Breach notification (72 hours)

  • If personal data is affected, notify the Personal Data Protection Board (the Authority) as soon as possible and within 72 hours of learning of the breach.
  • Inform affected data subjects by an appropriate channel as soon as reasonably possible.
  • Keep a written record of the incident: what happened, which categories of personal data and which data subjects were affected, the measures taken, and the timeline from detection to notification.

5. Post-incident

  • Retrospective: what happened, why, which control was missing.
  • Preserve audit logs and evidence for the statutory retention period.

To report a vulnerability, use security.txt or our contact page.
