Skip to content

Security Incident Report Guide

This guide explains how customers should report security incidents for applications deployed via Game Warden. Prompt, accurate reporting helps Second Front (2F) assess, contain, and remediate risks quickly while meeting DoD security requirements.

When to report

Incidents such as suspected unauthorized access, attempted breach, exposure of sensitive data, malware, or other malicious activity.

Common incident types:

Incident Type            Description                                                                 
Data Spillage            Confidential data is released into an untrusted environment.                
Data Breach              Unauthorized access, disclosure, or theft of sensitive data.                
Malware Infection        Installation and execution of malicious software.                           
Denial of Service (DoS) Intentional disruption of services.                                         
Unauthorized Access      Accessing systems or data without authorization.                            
Insider Threat           Threats originating from employees or trusted individuals.                  
Phishing                 Attempts to gain sensitive information via deceptive communication that results in actual compromise.
Ransomware               Malware that encrypts data for extortion.                                   

Important

  • If your event falls under one of these categories, you must immediately report the incident via email to the Second Front security team.
  • If you’re not sure which category applies, report the event anyway. Our team will triage and route appropriately.

How to report

Notify 2F

Send an email to security@secondfront.com.

Provide the following information

In your email, include the following information:

  • Company name
  • Brief description of the incident (Do not include CUI, PII, or classified information)
  • Type of incident (Refer to the list above)
  • Affected application or service
  • Current impact (I.e., downtime, data exposure, degraded service)
  • Was sensitive data exposed? (Yes/No)
  • Contact information so the Security Team can follow up with you quickly

What happens next

Once your email is received, the 2F Security will:

  1. Review the information provided.
  2. Assess the incident and initiate incident response (IR) protocols.
  3. Execute required containment, recovery, and/or mitigation steps.
  4. Provide status updates and next steps via Slack or email.

Responsibility model

  • Platform-level response (Game Warden infrastructure): Managed by 2F.
  • Application-level response (your deployed apps): Managed by your team.
  • Some IR controls are partially inheritable, but primary responsibility for application-level security and recovery rests with the customer.