Ambassify maintains a structured incident response program to detect, respond to, and recover from security events. Our goal is to minimize impact, restore normal operations quickly, and communicate transparently throughout the process.

Incident Classification

Every security event is assessed and classified by severity to ensure the right level of response.

  • Critical (S1) - Active data breach, system compromise, or widespread service disruption requiring immediate executive involvement
  • High (S2) - Confirmed security event with potential data exposure or significant service impact requiring urgent response
  • Medium (S3) - Contained security event with limited impact, managed within standard response timelines
  • Low (S4) - Minor security event or policy violation with no data exposure, addressed through normal operations

Reporting

We provide multiple ways to report security concerns and encourage responsible disclosure.

  • External Reporting - Security researchers and customers can report vulnerabilities through our responsible disclosure program at security.txt
  • Bug Bounty Program - We welcome responsible disclosure of security vulnerabilities and recognize valid contributions
  • Non-retaliation Policy - Anyone reporting a security concern in good faith is protected from retaliation
  • Multiple Channels - Several reporting channels are available to ensure concerns can be raised quickly and easily

Response Process

Our response follows a proven, structured approach with clearly defined roles and phases.

  • Incident Response Team - A dedicated team with defined roles including Incident Manager, engineering support, legal counsel, and executive oversight
  • Identification - Rapid triage and classification of the event to determine scope and severity
  • Containment - Immediate actions to limit the spread and impact of the incident
  • Eradication - Removal of the root cause and any remaining threat from affected systems
  • Recovery - Restoration of services to normal operation with enhanced monitoring
  • Lessons Learned - Root cause analysis performed for critical incidents to strengthen future defenses

Breach Notification

Ambassify is committed to transparent and timely communication when a data breach occurs.

  • Customer Notification - Affected customers are notified within 24 hours of a confirmed breach
  • Supervisory Authority - Relevant data protection authorities are notified within 72 hours as required by GDPR
  • Transparent Communication - Notifications include clear information about the scope, impact, and remediation steps taken
  • Ongoing Updates - Customers receive follow-up communication as the investigation progresses and additional details become available

Testing and Improvement

We regularly test and refine our incident response capabilities.

  • Annual Testing - The incident response plan is tested at least once per year through simulated exercises
  • Lessons Integrated - Findings from real incidents and tests are incorporated into updated procedures
  • Management Review - Response effectiveness is evaluated during regular management review cycles to drive continuous improvement