incident-response-plan.md
+1 -1 (1 addition & 1 deletion)
@@ -38,7 +38,7 @@ Incidents that are not in scope:
38
38
| Category | Examples | Primary Response Role |
39
39
|----------|----------|-----------------------|
40
40
|**Vulnerability Report**| Code exploit, CVE disputes, escalations... | Redirect to the project or delegate to the CNA Team |
41
-
|**Platform Change Risk**|GitHub UI update causing accidental info exposure | Triage → Escalate to platform contacts → Provide mitigations |
41
+
|**Platform changes or provider outages with security implications**|compromised authentication systems, unexpected data exposure, service disruptions affecting security controls...| Triage → Escalate to platform contacts → Provide mitigations |
42
42
|**Account Access Issue**| npm account lockout, GitHub MFA issues | Triage → Help restore access via platform → Provide temporary mitigation |
43
43
|**Supply Chain Attack**| Malicious dependency version | Coordinate with affected projects → Security advisories |
44
44
|**External Incident Impact**| Cloud provider compromise, service outage | Facilitate communication between impacted maintainers and providers |
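Review bot: The renamed category on new line 41 now covers "provider outages" and "service disruptions affecting security controls", which overlaps with the unchanged **External Incident Impact** row on line 44 ("Cloud provider compromise, service outage"). The two rows name different primary response roles (triage and escalate to platform contacts versus facilitating communication between maintainers and providers), so a responder classifying a provider outage can land on either. Suggest stating what separates the two rows, or folding the outage examples into one of them. Two smaller style points on the same line: the category label is a full phrase where every other row uses a short name, and the examples cell starts lowercase ("compromised authentication systems") with no space after the `|`, unlike the neighbouring rows.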