Monitoring, logging and incidents
We monitor infrastructure, security events, and application logs 24/7. On-call engineers respond to alerts within minutes, and incident runbooks guide containment and recovery.
What we monitor
Real-time infrastructure monitoring
AWS CloudWatch dashboards track CPU, memory, disk I/O, API latency, and error rates across every service. Alarms trigger when thresholds are breached.
Security event detection
AWS GuardDuty flags unusual API calls, compromised credentials, and unauthorised access attempts. Custom rules detect failed login spikes and bulk data exports.
Application and access logging
Every API request, database query, file upload, and user login is logged. Logs are immutable, retained for 2 years, and indexed for fast search.
Incident response
On-call engineers and escalation paths
DevOps and security engineers rotate on-call duties. PagerDuty alerts route to the on-call engineer within 2 minutes. Critical incidents escalate to the CTO and Data Protection Officer immediately.
Incident runbooks and playbooks
Pre-written runbooks cover data breaches, DDoS attacks, ransomware, and unauthorised access. Playbooks define containment, investigation, remediation, and communication steps.
Post-incident reviews and public updates
After resolution, we conduct blameless post-mortems, document root cause, and update runbooks. For incidents affecting clients or data subjects, we publish summaries with remediation timelines.
How to report a security issue
If you discover a vulnerability or suspect a security issue, email security@cleared.id. We triage credible reports within 4 hours, confirm the issue within 48 hours, and share a remediation timeline. We will keep you updated and credit you publicly (if you want) once the issue is fixed.