90% of reattacks, comments and incidents will have a median first response time of less than 16 office hours.
All of the following aspects are necessary conditions for the application of the service-level agreements:
- The group has a SQUAD plan,
- Both the environment and the source code are accessible,
- Remote access with no human intervention (no captcha, OTP, etc.),
- There are over 500 reattacks, comments or incidents.
Besides the general measurement aspects, this SLA is measured taking into account the following:
- Percentages are determined using percentiles,
- Office hours correspond to twelve-hour business days, like this: 7AM-7PM (GMT-5),
- The reattacks to be considered will be those that had its vulnerability closed.