The purpose of this Security Incident Response Program (“IR Program”) is to define Synoptix’s structured approach for detecting, reporting, investigating, responding to, and learning from security incidents that could impact Synoptix’s systems, data, or customer environments. This document:
Ultimately, our goal is to:
This IR Program applies to:
Executive Sponsor
Incident Response Team (IRT)
Database & Infrastructure Engineers
Support Team Leads
Security Champions
All Employees & Contractors
Synoptix groups security incidents into three severity levels to determine response urgency and communication requirements:
Once an incident is verified:
Incident Response Team Lead
DevOps Manager
support@synoptixsoftware.com
IRT Escalation Channel
CEO
dandersenceo@synoptixsoftware.com
Security Support (Customer Inquiries)
Support Team Lead
support@synoptixsoftware.com
Database & Infrastructure Team
Infrastructure Team Mailbox
prodev@synoptixsoftware.com
Executive Sponsor
CTO / CEO
dandersen@synoptixsoftware.com
Information Security Champion (each department)
Varies by department
Discord Channels (designated security-hub)
Legal & Compliance
Legal Counsel
legal@synoptixsoftware.com
Subject: Synoptix Security Incident Notification – [Brief Title]
Hello [Customer Name],
On [Date], our monitoring systems detected [brief description of the suspicious activity]. Our Incident Response Team confirmed that [explain what happened: unauthorized access, malware, misconfiguration, etc.].
Immediate Actions Taken
• We contained the incident by [describe: isolating affected servers, revoking compromised credentials, etc.].
• Our teams are actively eradicating any malicious code and reviewing logs to confirm the scope of impact.
Potential Customer Impact
[Explain whether any customer data, services, or environments were affected, or if no customer environments were compromised.]
Next Steps for Synoptix
• We will provide a follow-up update by [Date within 48 hours] with additional details on remediation and our recommendations.
• Our support team is available at security@synoptix.com if you have specific questions or need assistance (e.g., password rotations, log reviews).
Recommendations for Customers
• Review your own user-access logs for any suspicious activity.
• Rotate admin and privileged user passwords.
• Ensure multi-factor authentication is enabled on all critical accounts.
We take the security of your data seriously and apologize for any inconvenience. We appreciate your patience as we work quickly to restore full security.
Sincerely,
The Synoptix Security Team
[iri-lead@synoptix.com] | [security@synoptix.com]
1.0
June 6, 2025
Initial creation based on Synoptix internal practices and industry benchmarks
Synoptix IRT Lead