SiteShadow
Back to vulnerability library
Detected byPro-tier static analysisPro

INC01 Incident Readiness Missing

What this means

SiteShadow flagged missing or disabled incident readiness basics (alerting gaps, insufficient log retention, missing runbooks, or no way to revoke/contain compromised access).

Why it matters

Without alerts and retention, incidents can go undetected or uninvestigated.

Safer examples

1) Define "must-have" alerts

2) Keep enough logs to investigate

Set retention appropriate to your threat model and compliance needs.

3) Make containment fast

How SiteShadow detects it (high level)

References

---

← Back to Vulnerability Library

Catch this with SiteShadow Pro.

This vulnerability class is detected by SiteShadow's Pro-tier engines, two-pass interprocedural taint analysis, heuristic flow checks, AI-context scanning, and cross-file detection. The free tier catches OWASP Top 10 single-file patterns; Pro adds the data-flow depth that finds this class of bug.