HuskyVoice.AI LogoHuskyVoice.AI

Incident Response

0Incident Response Summary

HuskyVoiceAI (a product from AppEQ) maintains an incident response program designed to detect, contain, investigate, and remediate security incidents and service disruptions in a timely and structured manner. This summary provides an overview of our incident response approach for customers and procurement teams.

1Scope

This incident response program applies to:

  • Security incidents affecting the confidentiality, integrity, or availability of systems or data
  • Suspected unauthorized access to customer data (e.g., recordings, transcripts, metadata)
  • Service disruptions impacting platform availability (including incidents relevant to Enterprise SLA)
  • Third-party provider incidents where they may affect HuskyVoiceAI services (e.g., telecom carriers, AI inference providers)

2What We Classify as an "Incident"

Examples include:

  • Unauthorized access, credential compromise, or suspicious authentication activity
  • Exposure of Customer Data due to misconfiguration or vulnerability
  • Malware, ransomware, or exploitation attempts
  • Denial-of-service attacks affecting platform availability
  • Significant service outages or severe performance degradation
  • Confirmed third-party breach impacting our services or customer data

3How We Detect Incidents

We use a combination of:

  • System monitoring and alerting
  • Centralized logging and audit trails
  • Anomaly detection on access and usage patterns
  • Vendor/provider alerts (telecom, cloud, AI providers)
  • Reports from customers or external researchers

4Incident Response Phases

4.1 Triage & Classification

When an alert or report is received, we validate the signal and determine severity, identify potentially impacted services, tenants, or data, and assign an incident owner to initiate the response workflow.

4.2 Containment

We take steps to limit impact, which may include revoking or rotating credentials and tokens, isolating affected systems or services, blocking malicious traffic patterns, and temporarily disabling affected features or integrations.

4.3 Investigation & Root Cause Analysis

We review logs and relevant telemetry, identify attack vectors or failure points, determine scope of impact (systems, data types, time window), and work with sub-processors and providers where relevant.

4.4 Remediation & Recovery

We patch vulnerabilities or fix configuration issues, restore services safely, validate that remediation is effective, and monitor for recurrence.

4.5 Post-Incident Review

After resolution, we document root cause and timeline, implement preventive measures, update internal playbooks and controls, and conduct follow-up reviews where needed.

5Severity Levels & Response Targets

We classify incidents based on impact and urgency:

Severity 1 (Critical)

Confirmed breach or major outage affecting many customers

Severity 2 (High)

Significant degradation or limited-scope security incident

Severity 3 (Medium/Low)

Minor issue, suspicious activity with limited impact

Response actions are prioritized based on severity. Support response targets for Enterprise customers may be further described in the SLA and/or Order Form.

6Customer Notification

6.1 Security Incidents / Data Breach Notification

If we determine a confirmed security incident has resulted in unauthorized access to Customer Data, we will notify affected customers without undue delay and where feasible within 72 hours of confirmation, consistent with our contractual commitments.

Notifications typically include:

  • Summary of what happened (high-level)
  • Categories of data potentially impacted
  • Known or estimated time window
  • Steps taken to contain and remediate
  • Recommended customer actions (if any)
  • Point of contact for follow-up

6.2 Service Incidents (Availability / SLA)

For service incidents impacting availability, we provide incident updates through email notifications (where configured) and support communications. If a public status page is available, we may also post updates there.

7Customer Responsibilities During an Incident

Customers help reduce risk and speed resolution by:

  • Keeping account contacts current
  • Using strong authentication and protecting credentials
  • Promptly reporting suspected issues to security@huskyvoice.ai
  • Preserving relevant logs and screenshots when reporting an issue
  • Following remediation guidance provided by HuskyVoiceAI (e.g., rotating API keys)

8Third-Party Providers & Dependencies

HuskyVoiceAI relies on third-party providers for certain capabilities (telecom routing, cloud infrastructure, AI inference). Where an incident originates in a third-party provider:

  • We work with the provider to assess scope and impact
  • We take reasonable steps to mitigate service impact
  • We communicate material customer impact consistent with this policy

Our Sub-Processor List is published separately for transparency.

9Secure Reporting (Vulnerability Disclosure)

If you believe you have identified a security vulnerability, please report it to:

security@huskyvoice.ai

Please include:

  • Steps to reproduce (if applicable)
  • Impact assessment
  • Screenshots and logs (if available)

Do not publicly disclose vulnerabilities until we have had a reasonable opportunity to investigate and remediate.

10Updates to This Summary

We may update this Incident Response Summary from time to time to reflect improvements to our processes, tools, and compliance obligations.

Last Updated: January 2026

11Contact

Security

security@huskyvoice.ai

Support

support@huskyvoice.ai

Legal/DPA

dpa@huskyvoice.ai

12Related Documents

Questions About Our Policies?

Our legal and compliance team is here to help clarify any terms or conditions.

Contact Support