> For clean Markdown of any page, append .md to the page URL.
> For a complete documentation index, see https://docs.6mm.com/llms.txt.
> For AI client integration (Claude Code, Cursor, etc.), connect to the MCP server at https://docs.6mm.com/_mcp/server.

# Incident Response

6MM maintains a structured incident response framework to ensure system stability, partner confidence, and rapid recovery in the event of security or operational incidents.

As a professional trading infrastructure, 6MM prioritizes containment, transparency, and continuous improvement when handling incidents.

***

<h2 id="what-is-a-security-incident">
  What Is a Security Incident?
</h2>

An incident may include, but is not limited to:

* Unauthorized system access
* Abnormal trading behavior or system anomalies
* Infrastructure outages or service degradation
* Data integrity or configuration issues
* API or integration-related security events

Incidents are evaluated based on impact, scope, and urgency.

***

<h2 id="incident-detection">
  Incident Detection
</h2>

6MM employs multiple detection mechanisms:

* Real-time system monitoring and alerts
* Automated anomaly detection
* Access and activity logging
* Partner and internal reporting channels

Early detection is critical to limiting impact.

***

<h2 id="response-workflow">
  Response Workflow
</h2>

When an incident is identified, the following steps are taken:

1. Identification

   Confirm the nature and severity of the incident
2. Containment

   Isolate affected systems or components
3. Mitigation

   Apply temporary or permanent fixes
4. Recovery

   Restore normal system operations
5. Review

   Conduct post-incident analysis and improvements

***

<h2 id="communication-and-coordination">
  Communication & Coordination
</h2>

* Internal teams coordinate through predefined escalation paths
* Affected partners may be notified when relevant
* Communication prioritizes accuracy and timeliness

End-user communication is handled by partners within their own platforms.

***

<h2 id="post-incident-review">
  Post-Incident Review
</h2>

After resolution:

* Root cause analysis is conducted
* Security policies and controls are reviewed
* Preventive measures are implemented
* Documentation is updated

Lessons learned are incorporated into future security planning.

***

<h2 id="partner-responsibilities-during-incidents">
  Partner Responsibilities During Incidents
</h2>

Partners are expected to:

* Report suspected incidents promptly
* Cooperate during investigation and resolution
* Maintain their own user-facing incident procedures

Clear coordination reduces recovery time and systemic risk.