Create Incident Response plan


You should have a clear incident response plan in place before listing your GitHub app in the marketplace. You should have the capability to notify GitHub within 24 hours of a confirmed incident.
For an example of an incident response workflow, see the "Data Breach Response Policy" on the SANS Institute website. A short document with clear steps to take in the event of an incident is more valuable than a lengthy policy template.

Stack layer

Security domain

Security tool initiated by this item


Security incident

Manual input

Did this page help you?