Incident Response

Monitoring

CaseProof monitors infrastructure health and anomalous activity via Vercel alerting and Supabase monitoring. Automated alerts are triggered for unusual access patterns, error rate spikes, and infrastructure degradation.

Triage Timeline

• Detection to triage: Within 24 hours of detection, a security incident is assessed for severity, scope, and impact.
• Customer notification: Affected customers are notified within 72 hours of a confirmed data breach, consistent with GDPR Article 33 and CCPA requirements.
• Notification channel: Email to the account owner on file.

Post-Incident

Following any confirmed security incident, CaseProof conducts a root cause analysis and publishes a post-incident summary to this Trust Center within 30 days. The summary will describe what happened, what data was affected, what was done to contain it, and what controls were updated.

Reporting a Vulnerability

To report a security vulnerability in CaseProof, email security@case-proof.com. Please include a description of the vulnerability and steps to reproduce. We acknowledge all reports within 24 hours and will keep you informed of our progress.

We ask that you do not publicly disclose the vulnerability until we have had a reasonable opportunity to investigate and remediate.