Cerynix
GOVERNANCE
REPORTING
PLATFORM
AC
Acme Corporation
Enterprise plan
Governance/Incident Timeline/INC-2026-014
Suspected data exfiltration — vendor APISignificant
Open playbook Export report AC
Art. 23 · Early warningSubmitted
24hdeadline met · sent 11h
Art. 23 · Incident notificationDue in 39h
72h33h elapsed
Art. 23 · Final reportNot started
1 modue 2 Aug 2026
Incident Timeline
Detection — anomalous API egress
SIEM alert on vendor integration; 2.3GB outbound to unknown host.
1 Jul 2026 · 08:12 · auto-detected
Triage & containment
API key revoked, vendor integration isolated. Severity set to Significant.
1 Jul 2026 · 09:40 · SOC Team
Early warning submitted
Art. 23 early warning filed with CSIRT within 11 hours.
1 Jul 2026 · 19:05 · CISO · 2 evidence attached
Forensic investigation in progress
Scope confirmed to a single vendor token; no customer PII confirmed yet.
2 Jul 2026 · 14:20 · Forensics
Incident notification (72h) — pending
Draft prepared by AURA · awaiting CISO sign-off
Impacted Assets
Vendor Integration APICritical
Customer DB (read replica)High
Auth serviceContained
Linked Evidence
LOGSIEM alert exportVerified
PDFEarly warning filingVerified
?Forensic reportPending
AURA drafted the 72h notification from timeline & evidence.
Review →
Demo data — Example tenant. Cerynix supports incident readiness and reporting preparation under NIS2 Art. 23; it does not provide legal advice or a guarantee of regulatory compliance. Confirm reporting obligations with qualified professionals.