Incident & Breach Response

Our incident response process, notification timelines, and post-incident procedures.

Incident Response Process

Future AGI maintains a structured incident response process to detect, contain, and resolve security incidents with minimal impact to customers.

Detection

We employ continuous monitoring across all infrastructure and application layers, including:

  • Automated anomaly detection on authentication, access patterns, and data flows
  • Real-time alerting from AWS GuardDuty, CloudTrail, and application-level security logs
  • Vulnerability scanning of dependencies and container images

Triage

When a potential incident is detected, the on-call security engineer performs an initial assessment to determine scope, severity, and affected systems. Incidents are classified using the severity levels below.

Containment

Immediate actions are taken to prevent further impact, including isolating affected systems, revoking compromised credentials, and blocking malicious traffic. Containment measures are documented in real-time.

Remediation

The root cause is identified and a fix is developed, tested, and deployed. This may include patching vulnerabilities, rotating secrets, updating access controls, or modifying infrastructure configurations.

Recovery

Affected services are restored to normal operation. Data integrity is verified and monitoring is enhanced for the affected area to detect any recurrence.

Severity Levels

SeverityDefinitionResponse Time
P1 — CriticalActive data breach, complete service outage, or exploitation of a critical vulnerabilityImmediate (within 1 hour)
P2 — HighPartial service degradation, attempted unauthorized access, or high-severity vulnerability discoveredWithin 4 hours
P3 — MediumMinor security issue with no evidence of exploitation, non-critical vulnerabilityWithin 24 hours
P4 — LowInformational findings, policy improvements, hardening recommendationsWithin 1 week

Notification Timeline

  • Affected customers are notified within 72 hours of confirming a security incident that impacts their data, in accordance with GDPR and industry best practices.
  • Regulatory bodies are notified as required by applicable law and the nature of the incident.
  • Notifications include a description of the incident, the data affected, actions taken, and recommended steps for customers.

Post-Incident Review

Every P1 and P2 incident triggers a formal root cause analysis (RCA) within 5 business days. The RCA documents:

  • Timeline of events
  • Root cause identification
  • Remediation actions taken
  • Preventive measures to avoid recurrence

RCA summaries are shared with affected Enterprise customers upon request.

Status Page

Real-time service status and incident updates are published at our public status page. Subscribe to receive automatic notifications for service disruptions and maintenance windows.

Contact

To report a security concern or request information about a past incident, contact security@futureagi.com.

Questions?

Reach out to our security team.

security@futureagi.com

Request documents

SOC 2 report, DPA, pen test summary.

Request documents →