1) Scope and incident types
This plan addresses database compromise, unauthorized access, malware or intrusion events, data leakage, loss of data integrity, and service disruption affecting Amazon Information in SellerUX by Nestos Shop systems.
2) Incident lifecycle
- Detect and triage: alerts from SIEM, IDS/IPS, endpoint, and application monitoring are triaged by severity.
- Containment: isolate affected hosts/accounts, disable exposed credentials, and block malicious traffic.
- Eradication: remove malicious artifacts, remediate root cause vulnerabilities, and harden controls.
- Recovery: restore services from trusted backups and validate integrity before resuming normal operations.
- Post-incident: perform root cause analysis, update controls and runbooks, and record corrective actions.
3) Amazon notification commitment
SellerUX by Nestos Shop will notify Amazon within 24 hours of detecting any Security Incident involving Amazon Information by contacting security@amazon.com. Notification includes incident summary, impact scope, containment status, and next remediation steps.
This notification path is part of the formal escalation runbook and is required for all confirmed incidents involving Amazon Information.
4) Escalation and governance
- Roles and responsibilities are defined across security, engineering, operations, and legal stakeholders.
- Incident records preserve timeline, evidence chain-of-custody, and communications.
- The incident response plan is reviewed at least every six months and after significant system changes.