Stableridge|Systems
Login
Trust Centre

Incident Response Summary

An overview of Stableridge Systems' approach to security incident detection, containment, notification, and review.

Last updated: 24 February 2026

This document provides a general overview of Stableridge Systems' governance and security posture and does not constitute legal advice.

1. Overview

Stableridge maintains incident response procedures designed to detect, contain, and resolve security incidents that may affect the platform, customer data, or operational integrity. These procedures are informed by Australian governance frameworks and are reviewed periodically.

This summary provides a high-level overview of incident response phases. Detailed internal playbooks and escalation procedures are maintained separately and are not published externally.

2. Detection

Stableridge employs monitoring and alerting mechanisms to detect potential security incidents:

  • Automated monitoring of platform infrastructure, application behaviour, and access patterns.
  • Audit log analysis for anomalous authentication attempts, access control violations, and unusual data access patterns.
  • Dependency vulnerability monitoring for alerts on newly disclosed vulnerabilities in third-party components.
  • Reports from customers, users, or external parties submitted through the contact page or vulnerability disclosure process.

3. Containment

When a potential incident is identified, Stableridge takes containment actions proportionate to the nature and severity of the event:

  • Isolation of affected systems, accounts, or network segments to prevent further impact.
  • Revocation of compromised credentials, tokens, or share links.
  • Preservation of relevant logs and forensic data for investigation.
  • Assessment of scope to determine which tenants, users, or data may be affected.

4. Notification

Stableridge is committed to timely notification of affected customers when a confirmed security incident impacts their data or service availability:

  • Affected customers will be notified via the contact details associated with their account.
  • Notifications will include a description of the incident, known impact, containment actions taken, and recommended customer actions where applicable.
  • Where required by applicable law or regulation, Stableridge will notify relevant authorities within mandated timeframes.

Notification timing depends on the complexity of the incident and the need for accurate information. Stableridge prioritises accuracy over speed in initial communications to avoid providing misleading information during ongoing investigation.

5. Post-Incident Review

Following resolution of a security incident, Stableridge conducts a post-incident review to:

  • Determine root cause and contributing factors.
  • Identify improvements to detection, containment, or response procedures.
  • Implement corrective actions to reduce the likelihood of recurrence.
  • Update documentation and operational procedures as needed.

Summaries of post-incident findings may be shared with affected enterprise customers under appropriate confidentiality arrangements.

6. Reporting a Security Concern

If you identify or suspect a security incident involving the Stableridge platform or your account, report it promptly via the contact page. For vulnerability reports, refer to the Vulnerability Disclosure Policy.

Disclaimer

This summary describes Stableridge's general approach to incident response. Specific response timelines and commitments may be documented in enterprise service level agreements. This document does not constitute a guarantee of specific response outcomes.