Incident Response & Penetration Testing

This page describes how Sally AI responds to security incidents and how often we test our own defences. Customers are notified of any qualifying incident within 24 hours, and our infrastructure is independently tested every year by an external security firm. Use it for vendor assessments, breach-notification SLAs in your DPA, or to confirm our pentesting cadence and scope.

Incident Response Process

1. Detection & Alerting

Automated detection via Microsoft Sentinel and Azure Security Center continuously monitors for anomalies and security events.

2. Triage & Containment

Immediate response actions are taken to limit impact and stabilise affected systems.

3. Analysis & Remediation

Root-cause analysis is conducted, the issue is fixed, and affected services and data are recovered.

4. Customer Notification

Customers are notified without undue delay, no later than 24 hours after we become aware of the incident, as required by the DPA.

5. Documentation & Closure

A full incident report is produced, including a complete impact assessment and lessons-learned documentation.

⚠ Note:

Notifying supervisory authorities (GDPR Art. 33, 72-hour deadline) is the responsibility of the data controller (customer). We support assessment and documentation throughout the process.
Penetration Testing

  • Annual external penetration tests conducted by independent security firms
  • Scope covers: application layer, infrastructure, and access controls
  • Full reports available to customers on request
  • Contact: privacy@sally.io