OperationsEffective: February 21, 2026

Incident Response Policy

Intent applies a severity-based process for security and availability incidents, with defined ownership, containment procedures, and customer communication expectations.

Severity Model

SEV-1

Active compromise, confirmed breach, or critical outage affecting core security or availability.

Initial response target: within 30 minutes.

SEV-2

High-impact degradation with meaningful customer effect, but partial service remains available.

Initial response target: within 2 hours.

SEV-3

Limited impact issue with workaround available or constrained blast radius.

Initial response target: within 1 business day.

Response Lifecycle

1. Detect + Triage: On-call owner validates signal and assigns severity.

2. Contain: Access restrictions, rollback, or isolation reduces impact.

3. Recover: Root cause remediated and service integrity validated.

4. Review: Post-incident analysis defines preventive controls.

Communication Commitments

For confirmed incidents involving customer data, affected customers are notified without undue delay.

Updates include known scope, mitigation status, and planned next communication window.

Material incidents receive a written post-incident summary after investigation.

Contacts and References

Report incidents: security@tryintent.dev

Security Overview Privacy Policy Data Processing Addendum Terms of Service

Response targets are operational objectives and do not modify contractual SLAs unless explicitly agreed.