From 60e6ba07803ad8089a8592dfb276fcd18df75bd2 Mon Sep 17 00:00:00 2001 From: zenlyticgreg <207816712+zenlyticgreg@users.noreply.github.com> Date: Sun, 12 Apr 2026 03:05:49 +0000 Subject: [PATCH] chore: Update knowledge base (Notion + docs weekly sync) --- config/notion-index/index.json | 245 ++++++++++++++++---------- config/notion-index/search-index.json | 55 +++++- docs | 2 +- 3 files changed, 200 insertions(+), 102 deletions(-) diff --git a/config/notion-index/index.json b/config/notion-index/index.json index 8c4e963..7093d04 100644 --- a/config/notion-index/index.json +++ b/config/notion-index/index.json @@ -1,5 +1,5 @@ { - "exportedAt": "2025-12-23T17:34:57.697Z", + "exportedAt": "2026-04-12T03:05:48.901Z", "pages": [ { "id": "dc73011524e54feaa2a69d78d6e5164e", @@ -11,7 +11,7 @@ "employee", "retention" ], - "lastUpdated": "2025-12-23T17:33:18.277Z" + "lastUpdated": "2026-04-12T03:02:38.531Z" }, { "id": "526475ca-69d2-4b67-a4f7-ddf8d8964201", @@ -26,7 +26,7 @@ "employee", "policy" ], - "lastUpdated": "2025-12-23T17:33:18.873Z" + "lastUpdated": "2026-04-12T03:02:39.087Z" }, { "id": "b1cd2254-9c1a-4b0b-945f-13e646221bf0", @@ -47,7 +47,7 @@ "policy", "firewall" ], - "lastUpdated": "2025-12-23T17:33:19.518Z" + "lastUpdated": "2026-04-12T03:02:39.824Z" }, { "id": "5388c71d-8cee-4d62-8be8-972d606690fd", @@ -59,7 +59,7 @@ "employee", "policy" ], - "lastUpdated": "2025-12-23T17:33:20.127Z" + "lastUpdated": "2026-04-12T03:02:40.510Z" }, { "id": "db53fd75-b172-44f9-84eb-e356d718c4ac", @@ -83,7 +83,7 @@ "network", "logging" ], - "lastUpdated": "2025-12-23T17:33:24.567Z" + "lastUpdated": "2026-04-12T03:02:41.374Z" }, { "id": "53107304-c676-4dad-877f-e3dc62b7fe2f", @@ -105,7 +105,7 @@ "procedure", "vendor" ], - "lastUpdated": "2025-12-23T17:33:27.220Z" + "lastUpdated": "2026-04-12T03:02:43.249Z" }, { "id": "519cf166-e30d-44bf-b454-d388ed246e04", @@ -133,13 +133,13 @@ "monitoring", "vendor" ], - "lastUpdated": "2025-12-23T17:33:28.813Z" + "lastUpdated": "2026-04-12T03:02:48.520Z" }, { "id": "cdfb1ee2-0e75-4a98-b2ee-05e323f44433", "title": "CC2.3.3 Incident Management", "parent": "Employee Handbook", - "content": "Ex Quanta Inc (d.b.a Zenlytic)\n# Incident Management\nVersion: 0.0\nPolicy Owner: Paul Blankley\nStatus: Implemented\n# Incident Response Policy\nThe Incident Response Team shall respond to all potential or actual security or privacy incidents in accordance with the Incident Response Plan and Incident Response Playbooks.\nThe Incident Response Team shall respond to all incidents according to the Incident Response Playbooks for that category of incident. If no such playbook exists, the Incident Response Team shall follow the model response identified in the Incident Response Plan.\nThe Incident Response Lead shall ensure that all incidents are logged and archived in the Incident Response Log. Once the incident and the response are documented, the Incident Response Team shall mark the incident as closed. This will happen in Zenlytic’s Product Management Tool.\n# Incident Response Training and Testing Policy\nIn order to ensure that Zenlytic is prepared to respond to all potential and actual security and privacy incidents, the Incident Response Team shall be trained on Zenlytic's incident response policies and plan, and shall perform incident response exercises.\nThe Incident Response Team shall review the following as part of training:\n• the Incident Response Plan\n• the Incident Response Playbooks\n• the documentation logged from all incidents since the last training\n## Tabletop Exercises\nTabletop exercises are “discussion-based exercises where personnel meet in a classroom setting or in breakout groups to discuss their roles during an emergency and their responses to a particular emergency situation. A facilitator presents a scenario and asks the exercise participants questions related to the scenario, which initiates a discussion among the participants of roles, responsibilities, coordination, and decision-making. A tabletop exercise is discussion-based only and does not involve deploying equipment or other resources.”\nThe objective of a tabletop exercise is to determine if members of the Incident Response Team can realistically walk through their critical functions during a mock incident.\nTo perform a tabletop exercise, the Incident Response Team shall choose at least one incident that Zenlytic will likely face in the next twelve months.\nThe Incident Response Team shall create a playbook for the chosen incident. At a minimum, this shall include the following information for each chosen incident:\n• the date the playbook was created;\n• the individual or team responsible for the playbook (the Owner);\n• the internal and external resources needed to follow the playbook in a real incident;\n• Phase 1: How the Incident Response Team should identify occurrence of the incident; whom the Incident Response Team should notify of the incident; and how the Incident Response Team should assess the incident;\n• Phase 2: How the Incident Response Team should contain and eradicate the incident;\n• Phase 3: The post-incident activity that the Incident Response Team should take, including reporting the incident if necessary, and performing after-action reviews.\nThe Incident Response Team may revisit and update existing playbooks as part of tabletop testing.\nIn addition to scheduled tabletop exercises, at least annually, the Incident Response Lead will simulate the occurrence of an incident and ensure that the Incident Response Team follows the relevant playbooks. The test incident shall be logged in the Incident Response Log.\n# Concept of Operations for Incident Response\nZenlytic shall use a phased approach for the investigation and resolution of privacy and security incidents.\n## Incident Response Planning\nZenlytic shall plan its response to security and privacy incidents by developing this Incident Response Plan, developing the Incident Response Playbooks (as described in the Incident Response Training and Testing Policy), and applying security controls for critical information systems.\n### Business Impact Analysis\nThe Incident Response Team shall prioritize its responses to multiple incidents based on:\n• the criticality of the affected assets; and\n• the current or potential adverse effect.\n### Communications\nDuring the incident response process, the Incident Response Team shall communicate via the following methods/tools:\n• Slack\n• Video chat\n• Phone\n• Email (if necessary)\n## Incident Response Phases\n### Phase 1: Identification and Notification\nActivation Criteria\nThe identification phase is focused on detecting whether an actual security or privacy incident took place. In this phase, the responder shall attempt to gain an understanding of the nature of the incident and to make a determination whether the incident is not a false positive.\nNotification Procedures\nIf the event is not a false positive, or the responder is unable to make a determination, the responder shall notify other workforce members according to the playbook for that type of incident. If no individual is identified, the workforce member shall notify the Security Officer or the Incident Response Lead.\nAssessment\nIncidents and response efforts, shall be documented with:\n• A ticket in Linear (or other issue tracking tool).\n• (If applicable to the incident) A Postmortem (Root Cause Analysis) report\nThe Incident Response Team shall assess the scope and nature of the incident by reviewing the following:\n• Incident name\n• Incident type (e.g., availability, denial of service, unauthorized access, etc)\n• An executive summary of the incident\n• Severity level\n• Status of the incident\n• A full timeline of actions taken by all members of the Incident Response Team (this is updated through all phases of the incident)\n### Phase 2: Containment and Eradication\nThe Incident Response Team shall contain and eradicate the incident.\nPlaybooks should clearly identify the steps that should be taken to limit and mitigate the effects of the compromise.\n### Phase 3: Post-Incident Activity\nReporting\nAs applicable, the Security Officer shall report the incident to necessary parties to fulfill contractual, statutory, or other legal requirements and best practices.\nReview and Prevention\nAfter eradication and recovery of each incident, the Incident Response Team shall review the incident as well as Zenlytic’s handling of the incident. This should be fully documented in a Postmortem (Root Cause Analysis) report, along with any action items designed to mitigate or prevent such incidents in the future.", + "content": "Ex Quanta Inc (d.b.a Zenlytic)\n# Incident Management\nVersion: 0.0\nPolicy Owner: Anshu Aggarwal\nStatus: Implemented\n# Incident Response Policy\nThe Incident Response Team shall respond to all potential or actual security or privacy incidents in accordance with the Incident Response Plan and Incident Response Playbooks.\nThe Incident Response Team shall respond to all incidents according to the Incident Response Playbooks for that category of incident. If no such playbook exists, the Incident Response Team shall follow the model response identified in the Incident Response Plan.\nThe Incident Response Lead shall ensure that all incidents are logged and archived in the Incident Response Log. Once the incident and the response are documented, the Incident Response Team shall mark the incident as closed. This will happen in Zenlytic’s Product Management Tool.\n# Incident Response Training and Testing Policy\nIn order to ensure that Zenlytic is prepared to respond to all potential and actual security and privacy incidents, the Incident Response Team shall be trained on Zenlytic's incident response policies and plan, and shall perform incident response exercises.\nThe Incident Response Team shall review the following as part of training:\n• the Incident Response Plan\n• the Incident Response Playbooks\n• the documentation logged from all incidents since the last training\n## Tabletop Exercises\nTabletop exercises are “discussion-based exercises where personnel meet in a classroom setting or in breakout groups to discuss their roles during an emergency and their responses to a particular emergency situation. A facilitator presents a scenario and asks the exercise participants questions related to the scenario, which initiates a discussion among the participants of roles, responsibilities, coordination, and decision-making. A tabletop exercise is discussion-based only and does not involve deploying equipment or other resources.”\nThe objective of a tabletop exercise is to determine if members of the Incident Response Team can realistically walk through their critical functions during a mock incident.\nTo perform a tabletop exercise, the Incident Response Team shall choose at least one incident that Zenlytic will likely face in the next twelve months.\nThe Incident Response Team shall create a playbook for the chosen incident. At a minimum, this shall include the following information for each chosen incident:\n• the date the playbook was created;\n• the individual or team responsible for the playbook (the Owner);\n• the internal and external resources needed to follow the playbook in a real incident;\n• Phase 1: How the Incident Response Team should identify occurrence of the incident; whom the Incident Response Team should notify of the incident; and how the Incident Response Team should assess the incident;\n• Phase 2: How the Incident Response Team should contain and eradicate the incident;\n• Phase 3: The post-incident activity that the Incident Response Team should take, including reporting the incident if necessary, and performing after-action reviews.\nThe Incident Response Team may revisit and update existing playbooks as part of tabletop testing.\nIn addition to scheduled tabletop exercises, at least annually, the Incident Response Lead will simulate the occurrence of an incident and ensure that the Incident Response Team follows the relevant playbooks. The test incident shall be logged in the Incident Response Log.\n# Concept of Operations for Incident Response\nZenlytic shall use a phased approach for the investigation and resolution of privacy and security incidents.\n## Incident Response Planning\nZenlytic shall plan its response to security and privacy incidents by developing this Incident Response Plan, developing the Incident Response Playbooks (as described in the Incident Response Training and Testing Policy), and applying security controls for critical information systems.\n### Business Impact Analysis\nThe Incident Response Team shall prioritize its responses to multiple incidents based on:\n• the criticality of the affected assets; and\n• the current or potential adverse effect.\n### Communications\nDuring the incident response process, the Incident Response Team shall communicate via the following methods/tools:\n• Slack\n• Video chat\n• Phone\n• Email (if necessary)\n## Incident Response Phases\n### Phase 1: Identification and Notification\nActivation Criteria\nThe identification phase is focused on detecting whether an actual security or privacy incident took place. In this phase, the responder shall attempt to gain an understanding of the nature of the incident and to make a determination whether the incident is not a false positive.\nNotification Procedures\nIf the event is not a false positive, or the responder is unable to make a determination, the responder shall notify other workforce members according to the playbook for that type of incident. If no individual is identified, the workforce member shall notify the Security Officer or the Incident Response Lead.\nAssessment\nIncidents and response efforts, shall be documented with:\n• A ticket in Linear (or other issue tracking tool).\n• (If applicable to the incident) A Postmortem (Root Cause Analysis) report\nThe Incident Response Team shall assess the scope and nature of the incident by reviewing the following:\n• Incident name\n• Incident type (e.g., availability, denial of service, unauthorized access, etc)\n• An executive summary of the incident\n• Severity level\n• Status of the incident\n• A full timeline of actions taken by all members of the Incident Response Team (this is updated through all phases of the incident)\n### Phase 2: Containment and Eradication\nThe Incident Response Team shall contain and eradicate the incident.\nPlaybooks should clearly identify the steps that should be taken to limit and mitigate the effects of the compromise.\n### Phase 3: Post-Incident Activity\nReporting\nAs applicable, the Security Officer shall report the incident to necessary parties to fulfill contractual, statutory, or other legal requirements and best practices.\nReview and Prevention\nAfter eradication and recovery of each incident, the Incident Response Team shall review the incident as well as Zenlytic’s handling of the incident. This should be fully documented in a Postmortem (Root Cause Analysis) report, along with any action items designed to mitigate or prevent such incidents in the future.", "keywords": [ "CC2.3.3", "training", @@ -149,7 +149,7 @@ "policy", "procedure" ], - "lastUpdated": "2025-12-23T17:33:30.946Z" + "lastUpdated": "2026-04-12T03:03:49.428Z" }, { "id": "1b4a8dad-05ac-803b-a447-fc9262f97f83", @@ -167,7 +167,7 @@ "procedure", "integration" ], - "lastUpdated": "2025-12-23T17:33:31.614Z" + "lastUpdated": "2026-04-12T03:03:57.875Z" }, { "id": "b2654df8-028d-4902-a8cf-93319708fc73", @@ -192,7 +192,7 @@ "monitoring", "vendor" ], - "lastUpdated": "2025-12-23T17:33:33.288Z" + "lastUpdated": "2026-04-12T03:04:01.766Z" }, { "id": "808186e5-ec08-45e9-9539-c798f47ffb15", @@ -210,7 +210,7 @@ "procedure", "logging" ], - "lastUpdated": "2025-12-23T17:33:34.959Z" + "lastUpdated": "2026-04-12T03:04:04.386Z" }, { "id": "2527d98e-ee9c-484a-b665-af3fd881eb66", @@ -220,7 +220,7 @@ "keywords": [ "CC3.3.1" ], - "lastUpdated": "2025-12-23T17:33:35.576Z" + "lastUpdated": "2026-04-12T03:04:05.359Z" }, { "id": "2f94af3c-24d2-4fdb-aa54-c6b3515294c1", @@ -235,7 +235,7 @@ "background check", "procedure" ], - "lastUpdated": "2025-12-23T17:33:35.888Z" + "lastUpdated": "2026-04-12T03:04:06.183Z" }, { "id": "612e9f45-4c2c-4b02-b60c-d411f4623e30", @@ -250,7 +250,7 @@ "background check", "procedure" ], - "lastUpdated": "2025-12-23T17:33:36.629Z" + "lastUpdated": "2026-04-12T03:04:08.845Z" }, { "id": "2b2a8dad-05ac-8047-a985-f4f279ca38fa", @@ -267,7 +267,7 @@ "procedure", "infrastructure" ], - "lastUpdated": "2025-12-23T17:33:37.974Z" + "lastUpdated": "2026-04-12T03:04:11.222Z" }, { "id": "fc9d81e4-3f84-40c8-b798-d5018a890134", @@ -280,7 +280,7 @@ "policy", "procedure" ], - "lastUpdated": "2025-12-23T17:33:39.810Z" + "lastUpdated": "2026-04-12T03:04:12.764Z" }, { "id": "ab72611c-4387-40fe-8ab4-f7dcac850c91", @@ -303,7 +303,7 @@ "vendor", "subprocessor" ], - "lastUpdated": "2025-12-23T17:33:40.489Z" + "lastUpdated": "2026-04-12T03:04:13.566Z" }, { "id": "54d40b58-4835-48be-be4d-087df35eed07", @@ -323,7 +323,7 @@ "aws", "vendor" ], - "lastUpdated": "2025-12-23T17:33:42.706Z" + "lastUpdated": "2026-04-12T03:04:17.062Z" }, { "id": "25a4bff1-68be-46a4-a958-5eace6f86ac4", @@ -343,7 +343,7 @@ "aws", "monitoring" ], - "lastUpdated": "2025-12-23T17:33:43.508Z" + "lastUpdated": "2026-04-12T03:04:18.130Z" }, { "id": "df929f14-2b7d-4188-93dd-979ceeee50f8", @@ -360,7 +360,7 @@ "procedure", "retention" ], - "lastUpdated": "2025-12-23T17:33:44.274Z" + "lastUpdated": "2026-04-12T03:04:19.957Z" }, { "id": "21ea8dad-05ac-8094-a02d-e223590bc0b3", @@ -379,7 +379,7 @@ "retention", "vendor" ], - "lastUpdated": "2025-12-23T17:33:45.113Z" + "lastUpdated": "2026-04-12T03:04:20.723Z" }, { "id": "129a8dad-05ac-801c-b803-e69297ecf8c7", @@ -406,7 +406,7 @@ "monitoring", "vendor" ], - "lastUpdated": "2025-12-23T17:33:47.111Z" + "lastUpdated": "2026-04-12T03:04:21.755Z" }, { "id": "29ca8dad-05ac-80f3-9e55-cbb965b5b401", @@ -420,7 +420,7 @@ "rpo", "rto" ], - "lastUpdated": "2025-12-23T17:33:47.508Z" + "lastUpdated": "2026-04-12T03:04:22.303Z" }, { "id": "71ba3e15-d5b5-4e62-a6f2-f3cb07983910", @@ -430,7 +430,7 @@ "keywords": [ "CC1.4.1" ], - "lastUpdated": "2025-12-23T17:33:48.240Z" + "lastUpdated": "2026-04-12T03:04:24.227Z" }, { "id": "e62f4f20-ea21-458b-a00f-b23295e468f6", @@ -440,7 +440,7 @@ "keywords": [ "onboarding" ], - "lastUpdated": "2025-12-23T17:33:51.512Z" + "lastUpdated": "2026-04-12T03:04:24.731Z" }, { "id": "257a8dad-05ac-807d-a16d-c40911e9b0a7", @@ -451,7 +451,7 @@ "onboarding", "api" ], - "lastUpdated": "2025-12-23T17:33:52.094Z" + "lastUpdated": "2026-04-12T03:04:26.291Z" }, { "id": "e5dfcc09-a3ea-4180-99c6-136a6325f3aa", @@ -459,7 +459,7 @@ "parent": "CC1.4.1 Job Descriptions", "content": "## Job Overview\nZenlytic is an Intelligent Analytics company: we're building the human-first analytics experience.\nOur platform features a strong cognitive layer and a powerful chat agent, Zoë — our helpful assistant powered by large language models (LLMs). Zoë integrates deeply with our semantic layer to provide data insights with unparalleled accuracy to people of all backgrounds, from data analysts to company executives.\nWe’ve built out v1 of Zenlytic’s analytics platform — now we need someone to make it delightful, streamlined, and ridiculously good-looking for two very different types of users. Business leaders want simple, clear answers to big questions. Data analysts want powerful tools that let them dive deep into SQL and modeling. As our UI/UX Designer, you’ll take on the challenge of designing experiences that make both groups feel at home — crafting simplicity where it matters, and surfacing depth where it counts.\nYou’ll own the user experience end-to-end: from wireframes to polished visuals to building a design system that keeps everything cohesive. You’ll work side-by-side with our front-end team (they ship fast!) and help shape features that balance ease-of-use for executives with power and flexibility for analysts.\nIf you love the idea of turning complex workflows into intuitive, elegant experiences — and you get excited about designing for very different user needs in the same product — this is your spot.\n## What You’ll Do\n• Design experiences that work for two audiences: execs who want quick insights and analysts who need depth.\n• Collaborate with product + engineering to layer simplicity on top of powerful features.\n• Create flows, wireframes, prototypes, and polished visuals — including AI-driven chat interfaces for advanced analysis.\n• Build and maintain our design system in Figma for consistency across the product.\n• Run user research and testing with both personas, refining designs based on feedback.\n• Balance usability with flexibility — knowing when to streamline and when to expose advanced tools.\n• Stay sharp on UX best practices, accessibility, and design trends for data-heavy apps.\n## What You’ll Bring\n• A portfolio showing you can design for different users — simple for some, powerful for others.\n• Experience designing SaaS products (bonus if data-heavy or complex).\n• Proficiency in Figma.\n• Strong grasp of information hierarchy, usability, and user-centered design.\n• Comfort with research, design systems, and shipping fast in iterative environments.\n• Detail-oriented problem solver who thrives on ownership.\nBonus Points\n• Familiarity with front-end tech (HTML/CSS/JS).\n• Experience with analytics or BI tools.\n• Knowledge of accessibility and inclusive design.\n• +1 if you love data and analytics.\n• +10 if you’re awesome and fun to work with.\n## Additional Information\nZenlytic is a remote-first company. Team members are free to work from anywhere in the United States. For those who prefer an office environment, we maintain an office in Midtown Manhattan that is available for use.\nVisa Sponsorship: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. Please note that this position is not eligible for visa sponsorship.\nZenlytic is an equal opportunity employer. All qualified applicants will receive consideration for employment regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.", "keywords": [], - "lastUpdated": "2025-12-23T17:33:52.786Z" + "lastUpdated": "2026-04-12T03:04:27.030Z" }, { "id": "1e04744c-8d19-4654-b475-0d61ccd115db", @@ -472,7 +472,7 @@ "aws", "api" ], - "lastUpdated": "2025-12-23T17:33:53.401Z" + "lastUpdated": "2026-04-12T03:04:27.926Z" }, { "id": "6e1afd79-40ea-424e-a505-0a02de0c2fbd", @@ -487,7 +487,7 @@ "monitoring", "api" ], - "lastUpdated": "2025-12-23T17:33:54.269Z" + "lastUpdated": "2026-04-12T03:04:28.705Z" }, { "id": "643242aa-ba5f-485a-a9ac-93632f14fcb1", @@ -500,7 +500,7 @@ "monitoring", "api" ], - "lastUpdated": "2025-12-23T17:33:54.975Z" + "lastUpdated": "2026-04-12T03:04:29.463Z" }, { "id": "0eb67d56-4e2d-4f6b-813a-4211173efc76", @@ -512,7 +512,7 @@ "infrastructure", "api" ], - "lastUpdated": "2025-12-23T17:33:55.595Z" + "lastUpdated": "2026-04-12T03:04:30.342Z" }, { "id": "1d1a8dad-05ac-8062-b9b7-d58d407e3574", @@ -525,7 +525,7 @@ "infrastructure", "monitoring" ], - "lastUpdated": "2025-12-23T17:33:56.233Z" + "lastUpdated": "2026-04-12T03:04:32.519Z" }, { "id": "25da8dad-05ac-8001-bfe8-ff19bb0aa0bc", @@ -533,7 +533,7 @@ "parent": "CC1.4.1 Job Descriptions", "content": "## Job Overview\nZenlytic is an Intelligent Analytics company: we're building the human-first analytics experience.\nOur platform features a strong cognitive layer and a powerful chat agent, Zoë — our helpful assistant powered by large language models (LLMs). Zoë integrates deeply with our semantic layer to provide data insights with unparalleled accuracy to people of all backgrounds, from data analysts to company executives.\nWe’re looking for a Software Engineering Intern to develop benchmarks on the performance of LLMs. You will take ownership of the design, implementation, and testing of a system that evaluates how well LLMs convert user input into SQL. You will publish your findings and integrate the code into our existing software repository for general usage.\nThe LLM space is one of the fastest-moving and most exciting frontiers in tech today—and we’re building at that pace. This role is ideal for someone who thrives in high-ownership environments, enjoys both strategic thinking and hands-on coding, and wants to deliver cutting-edge product experiences at the intersection of AI and analytics.\n## What You’ll Do\n• Design and implement an LLM evaluation test suite\n• Measure the performance of several LLMs against the test suite\n## What You’ll Bring\n• Familiarity with LLMs, NLP, and ML concepts (e.g., retrieval-augmented generation, embedding search, agent frameworks).\n• Deep experience with Git, pull requests, and modern collaboration workflows.\n• A self-driven mindset, with the ability to own multiple initiatives simultaneously.\n## Additional Information\nZenlytic is a remote-first company. Team members are free to work from anywhere in the United States. For those who prefer an office environment, we maintain an office in Midtown Manhattan that is available for use.\nVisa Sponsorship: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. Please note that this position is not eligible for visa sponsorship.\nZenlytic is an equal opportunity employer. All qualified applicants will receive consideration for employment regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.", "keywords": [], - "lastUpdated": "2025-12-23T17:33:56.790Z" + "lastUpdated": "2026-04-12T03:04:33.593Z" }, { "id": "5fbb2322-5e1e-4511-bc93-4df61c309cdf", @@ -541,7 +541,7 @@ "parent": "CC1.4.1 Job Descriptions", "content": "", "keywords": [], - "lastUpdated": "2025-12-23T17:33:57.339Z" + "lastUpdated": "2026-04-12T03:04:34.171Z" }, { "id": "c4dcf450-e0e8-44b9-a40f-f0c13f33f4be", @@ -551,7 +551,7 @@ "keywords": [ "api" ], - "lastUpdated": "2025-12-23T17:33:58.978Z" + "lastUpdated": "2026-04-12T03:04:35.132Z" }, { "id": "4cd88e19-4ea2-4549-bab4-974bb12ccd96", @@ -559,7 +559,7 @@ "parent": "Growth Lead", "content": "• Product-first, bottom-up sales motions: \n• Strong community-based marketing:\n• Content-marketing leaders\n• Leading Shopify technology providers:", "keywords": [], - "lastUpdated": "2025-12-23T17:33:59.565Z" + "lastUpdated": "2026-04-12T03:04:37.007Z" }, { "id": "df6e0b27-3198-42d9-8664-af317ec8bd79", @@ -567,7 +567,7 @@ "parent": "Growth Lead", "content": "---\n• 10/14/20\n• Jonathan Beaton\n---\n## GTM \n• What are you planning for our GTM? What directions would you take us?\n• Most of his experience was with organic motion ", "keywords": [], - "lastUpdated": "2025-12-23T17:34:00.076Z" + "lastUpdated": "2026-04-12T03:04:37.612Z" }, { "id": "5cfbb722-dd2b-4552-a259-ea50453cbd69", @@ -575,7 +575,7 @@ "parent": "Growth Lead", "content": "---\n## Meeting with Viral (8/5/2020)\n• He's the CFO, co-founder\n• He does ops and systems + low code tools \n• They're in growth stage and starting to focus on data\n• historically bringing data into gsheets and now on tableau\n• sync all data in tableau and report there \n---\n## Meeting with Alex (9/25/20)\n• No one person will fit all our needs \n• She'll send us a deck with their model and setup\n• We send them requirements and they'll match us \n• Hourly is $90-170 / hr except for CMO which is higher \n• Part time is locked in 20 hours a week, FT is 40% \n• 20% discount off rate for Part time and Full time ", "keywords": [], - "lastUpdated": "2025-12-23T17:34:03.158Z" + "lastUpdated": "2026-04-12T03:04:38.513Z" }, { "id": "09030d3d-835d-42bc-9724-86d0a968e7de", @@ -583,7 +583,7 @@ "parent": "Growth Lead", "content": "- What would you do to launch Zenlytic?\nuse U-link to reach out\n- What do you think of the PLG model?\n- What's a marketing-driven company you respect? How would you explain their marketing strategy?\n- How do you keep up with the industry? What's your favorite email newsletter?\n- What are the most important components of an inbound strategy?\n- How have you used data before in your job? What tools have you used?\n- What do you do for fun outside of work?\n- What brands or influencers do you follow on social media and why?", "keywords": [], - "lastUpdated": "2025-12-23T17:34:05.463Z" + "lastUpdated": "2026-04-12T03:04:41.421Z" }, { "id": "c2fec5dc-b6b6-4ec1-b9b5-c3c312b32439", @@ -591,7 +591,7 @@ "parent": "Growth Lead", "content": "- What would you do to launch Zenlytic?\n- What do you think of the PLG model?\n- What's a marketing-driven company you respect? How would you explain their marketing strategy?\n- How do you keep up with the industry? What's your favorite email newsletter?\n- What are the most important components of an inbound strategy?\n- How have you used data before in your job? What tools have you used?\n- What do you do for fun outside of work?\n- What brands or influencers do you follow on social media and why?", "keywords": [], - "lastUpdated": "2025-12-23T17:34:08.114Z" + "lastUpdated": "2026-04-12T03:04:42.032Z" }, { "id": "ef147748-77aa-4049-92ec-d8d5978bc0d1", @@ -604,7 +604,7 @@ "aws", "api" ], - "lastUpdated": "2025-12-23T17:34:08.865Z" + "lastUpdated": "2026-04-12T03:04:43.417Z" }, { "id": "1b4a8dad-05ac-8032-b5ce-c63f100dcabe", @@ -614,7 +614,7 @@ "keywords": [ "infrastructure" ], - "lastUpdated": "2025-12-23T17:34:09.530Z" + "lastUpdated": "2026-04-12T03:04:44.355Z" }, { "id": "add41806-bd72-4418-835a-d7a337fc0b36", @@ -624,7 +624,7 @@ "keywords": [ "retention" ], - "lastUpdated": "2025-12-23T17:34:10.378Z" + "lastUpdated": "2026-04-12T03:04:46.611Z" }, { "id": "1195ed70-a8b2-47cf-a34d-5894f200e66e", @@ -635,7 +635,7 @@ "rpo", "network" ], - "lastUpdated": "2025-12-23T17:34:10.965Z" + "lastUpdated": "2026-04-12T03:04:48.296Z" }, { "id": "92da9569-6340-4865-be2a-7677164c5d1c", @@ -646,7 +646,7 @@ "onboarding", "api" ], - "lastUpdated": "2025-12-23T17:34:11.648Z" + "lastUpdated": "2026-04-12T03:04:49.022Z" }, { "id": "1eaa8dad-05ac-80d0-9b92-c2ba45a52272", @@ -660,7 +660,7 @@ "vendor", "api" ], - "lastUpdated": "2025-12-23T17:34:13.381Z" + "lastUpdated": "2026-04-12T03:04:49.806Z" }, { "id": "25ba8dad-05ac-801b-9928-e40a3d182470", @@ -668,7 +668,7 @@ "parent": "CC1.4.1 Job Descriptions", "content": "- What product or feature have you built from scratch that you're most proud of? \n- What product or feature have you worked on with the most demanding performance, scalability, latency, or memory requirements? Please describe these requirements.\n- What is the most complex application you've ever worked on? What specific factors made it complex?\n- Describe a technically challenging problem you solved that surprised you. Was it unexpectedly difficult or simple? Did you develop an elegant solution? Or did you build a very convoluted solution and later realized that there was a much simpler solution.", "keywords": [], - "lastUpdated": "2025-12-23T17:34:17.085Z" + "lastUpdated": "2026-04-12T03:04:50.650Z" }, { "id": "1d0a8dad-05ac-80af-89e7-e100d0956aae", @@ -678,7 +678,7 @@ "keywords": [ "api" ], - "lastUpdated": "2025-12-23T17:34:17.519Z" + "lastUpdated": "2026-04-12T03:04:51.434Z" }, { "id": "1d1a8dad-05ac-807a-b46f-f343f6f4c20f", @@ -688,7 +688,7 @@ "keywords": [ "infrastructure" ], - "lastUpdated": "2025-12-23T17:34:18.047Z" + "lastUpdated": "2026-04-12T03:04:52.855Z" }, { "id": "1d1a8dad-05ac-80a8-8389-c938d2709bb8", @@ -696,7 +696,7 @@ "parent": "CC1.4.1 Job Descriptions", "content": "- Please describe the product or major feature that you are most proud of being the driving force behind.\n- What SaaS product out there do you think offers the most incredible user experience? What about it inspires you?\n- What do you think is the biggest thing that ChatGPT’s interface gets wrong?", "keywords": [], - "lastUpdated": "2025-12-23T17:34:18.566Z" + "lastUpdated": "2026-04-12T03:04:53.696Z" }, { "id": "2aef0fb0-71ef-4ba9-806b-881051c8c20a", @@ -707,7 +707,7 @@ "employee", "policy" ], - "lastUpdated": "2025-12-23T17:34:19.238Z" + "lastUpdated": "2026-04-12T03:04:54.599Z" }, { "id": "c63ab33c-0bc4-4aa9-98f3-fa81d7100850", @@ -719,13 +719,13 @@ "sso", "aws" ], - "lastUpdated": "2025-12-23T17:34:19.616Z" + "lastUpdated": "2026-04-12T03:04:56.248Z" }, { "id": "a35e336a-5a92-4fba-9ac4-8a75d7872412", "title": "Employee Onboarding Process", "parent": "Employee Handbook", - "content": "All employees who will touch customer data need to receive the email about reading and acknowledging our security and governance policies. ⚠️Please send it once the user has their Zenlytic email and has access to Notion.\n---\n# All Employees\n- Resume: (we need to have a PDF of the employee’s resume)\n- Rippling Onboarding: Initiate the Rippling onboarding process, include a background check, and leave the PIIA, Offer Letter, and NDA included in selected documents.\n\n- Security Training: If Rippling does not automatically enroll the user in cybersecurity training, send them this document and ask them to respond by email once they’ve gone through it.\n\n- SaaS Product Access:\n- Meetings: Add the user to the appropriate meetings (e.g. Zenlytics All Hands, etc.)\n- Google Workspace: Add the user to the appropriate Google Group (once we’re beyond the Starter Package with Google Workspace)\n- Access request: Send an email from Paul or Ryan to the other stating which systems the person has access to and requesting approval for that access. Note: this is only relevant for systems that access customer data (lettersi-m above).\n\n- Verizon Specialized Training: Will they touch Verizon data in any way? If so, you must send them the Verizon CPNI training found in this document (send it in email and cc Paul, so we have a record, if audited) Verizon CPNI training \n- Document Acknowledgements:\n- Supplemental Documents for Contractors:\n- Reading:\n- SOC 2 Logging:\n---\n# Department-Specific Employee Onboarding Steps\n### Engineering\n- Grant access to engineering-specific SaaS products\n- Email lists\n### Sales\n- Grant access to Fireflies\n---\n# Employee Offboarding Steps\n• Deactivate email on Google\n• Release from ABM, remove device management from Kandji portal (MDM)\n• Deactivate their various accounts (Notion, Slack, Gong, Logrocket, Langfuse, Figma, Linear, Zoom, ChatGPT, Hubspot, Intercom, Sentry, Github, Zenlytic, Claude, AWS) freeing up licenses\n• If they had AWS admin:\n• If they had prod DB access, rotate prod DB creds\n• Get laptop shipped back to Paul\n• Remove them from recurring meetings (not critical since email is deactivated, but it’s cleaner)\n• Update the SOC 2 Events Log with screenshots of essential steps taken", + "content": "All employees who will touch customer data need to receive the email about reading and acknowledging our security and governance policies. ⚠️Please send it once the user has their Zenlytic email and has access to Notion.\n---\n# All Employees\n- Resume: (we need to have a PDF of the employee’s resume)\n- Rippling Onboarding: Initiate the Rippling onboarding process, include a background check, and leave the PIIA, Offer Letter, and NDA included in selected documents.\n\n- Security Training: If Rippling does not automatically enroll the user in cybersecurity training, send them this document and ask them to respond by email once they’ve gone through it. If they’re a contractor, send them this training instead\n\n- SaaS Product Access:\n- Meetings: Add the user to the appropriate meetings (e.g. Zenlytics All Hands, etc.)\n- Google Workspace: Add the user to the appropriate Google Group (once we’re beyond the Starter Package with Google Workspace)\n- Access request: Send an email from Paul or Ryan to the other stating which systems the person has access to and requesting approval for that access. Note: this is only relevant for systems that access customer data (lettersi-m above).\n\n- Verizon Specialized Training: Will they touch Verizon data in any way? If so, you must send them the Verizon CPNI training found in this document (send it in email and cc Paul, so we have a record, if audited) Verizon CPNI training \n- Document Acknowledgements:\n- Supplemental Documents for Contractors:\n- Reading:\n- SOC 2 Logging:\n---\n# Department-Specific Employee Onboarding Steps\n### Engineering\n- Grant access to engineering-specific SaaS products\n- Email lists\n### Sales\n- Grant access to Fireflies\n---\n# Employee Offboarding Steps\n• Deactivate email on Google\n• Release from ABM, remove device management from Kandji portal (MDM)\n• Deactivate their various accounts (Notion, Slack, Gong, Logrocket, Langfuse, Figma, Linear, Zoom, ChatGPT, Hubspot, Intercom, Sentry, Github, Zenlytic, Claude, AWS) freeing up licenses\n• If they had AWS admin:\n• If they had prod DB access, rotate prod DB creds\n• Get laptop shipped back to Paul\n• Remove them from recurring meetings (not critical since email is deactivated, but it’s cleaner)\n• Update the SOC 2 Events Log with screenshots of essential steps taken", "keywords": [ "soc 2", "training", @@ -738,7 +738,7 @@ "aws", "logging" ], - "lastUpdated": "2025-12-23T17:34:20.436Z" + "lastUpdated": "2026-04-12T03:04:57.315Z" }, { "id": "1325e189-2105-452d-b6f3-68f3b197ccf1", @@ -751,7 +751,7 @@ "onboarding", "aws" ], - "lastUpdated": "2025-12-23T17:34:20.834Z" + "lastUpdated": "2026-04-12T03:04:58.820Z" }, { "id": "ac94c667-0af3-4bad-a023-ba0ce979ebff", @@ -767,7 +767,7 @@ "aws", "third party" ], - "lastUpdated": "2025-12-23T17:34:22.390Z" + "lastUpdated": "2026-04-12T03:04:59.692Z" }, { "id": "1595fdb6-a46a-482e-9dcc-65fd98831020", @@ -779,7 +779,7 @@ "compliance", "audit" ], - "lastUpdated": "2025-12-23T17:34:22.881Z" + "lastUpdated": "2026-04-12T03:05:00.325Z" }, { "id": "8230df19-ee1e-4f6f-b0c1-00518e41d5bb", @@ -812,7 +812,7 @@ "monitoring", "vendor" ], - "lastUpdated": "2025-12-23T17:34:23.553Z" + "lastUpdated": "2026-04-12T03:05:01.531Z" }, { "id": "25ca8dad-05ac-80d9-a716-c2461db6a795", @@ -825,25 +825,28 @@ "incident", "onboarding" ], - "lastUpdated": "2025-12-23T17:34:24.238Z" + "lastUpdated": "2026-04-12T03:05:02.555Z" }, { "id": "25ca8dad-05ac-805b-85a7-f7269be86e66", "title": "SOC 2 Events Log", "parent": "SOC2 Event Types", - "content": "---\n• June 16, 2025: Employee Onboarding: Djordje Ivanovic\n---\n• July 16, 2025: Employee Departure: Rich Taylor\n---\n• July 28, 2025: Employee Onboarding: Jose Luiz Hernandez Hoyos\n---\n• August 29, 2025: Employee Termination: Aaron Cornejo\n• August 29, 2025: Employee Termination: Tyler Crimmins\n---\n• August 29, 2025: Employee Offboarding: Djordje Ivanovic\n• September 26, 2024: Employee Offboarding: Cole French\n---\n• October 2, 2025: Employee Onboarding: Sebastian Castro", + "content": "---\n• June 16, 2025: Employee Onboarding: Djordje Ivanovic\n---\n• July 16, 2025: Employee Departure: Rich Taylor\n---\n• July 28, 2025: Employee Onboarding: Jose Luiz Hernandez Hoyos\n---\n• August 29, 2025: Employee Termination: Aaron Cornejo\n• August 29, 2025: Employee Termination: Tyler Crimmins\n---\n• August 29, 2025: Employee Offboarding: Djordje Ivanovic\n• September 26, 2024: Employee Offboarding: Cole French\n---\n• October 2, 2025: Employee Onboarding: Sebastian Castro\n---\n• November 24, 2025: Downgrade privileged access for John when it is no longer needed (linear ticket)\n---\n• January 6, 2026: Employee Departure: Zach Wright\n---\n• March 25, 2026: AWS Security Training Completed for Jose Hernandez and Sebastian Castro\n---\n• April 1, 2026: Employee Departure: Mark Stephen\n• <>\n---\n• <>\n---\n• <>\n---\n• <>", "keywords": [ "soc 2", + "training", + "security", "employee", - "onboarding" + "onboarding", + "aws" ], - "lastUpdated": "2025-12-23T17:34:24.528Z" + "lastUpdated": "2026-04-12T03:05:06.499Z" }, { "id": "6b8833be227a437a8f846f9cd5c896e4", "title": "Security Homepage", "parent": "root", - "content": "These are the key docs for our security policies \n## Data Retention\n## Legal\n## Security External Documents\n• Security and Compliance \n• SOC2 \n• Penetration Testing \n# Legal for Website\n## Architecture Diagrams\n• Clarity Engine Diagram\n• Network Diagram\n• Agent Flow Diagram (Figma link)\n# Completed Security Docs (for future reference)\n## FAQ", + "content": "These are the key docs for our security policies \n## Data Retention\n## Insurance\n## Legal\n## Security External Documents\n• Security and Compliance \n• SOC2 \n• Penetration Testing \n# Legal for Website\n## Architecture Diagrams\n• Clarity Engine Diagram\n• Network Diagram\n• Agent Flow Diagram (Figma link)\nExploratory mode diagram \n# Completed Security Docs (for future reference)\n## FAQ", "keywords": [ "soc2", "security", @@ -852,7 +855,7 @@ "retention", "network" ], - "lastUpdated": "2025-12-23T17:34:25.384Z" + "lastUpdated": "2026-04-12T03:05:07.532Z" }, { "id": "3eb14fe0-7e8d-400f-8082-a5af44c29a0a", @@ -869,7 +872,7 @@ "logging", "monitoring" ], - "lastUpdated": "2025-12-23T17:34:27.757Z" + "lastUpdated": "2026-04-12T03:05:08.034Z" }, { "id": "fd9bdf97-ab8c-4543-8810-2a70c312458c", @@ -880,7 +883,7 @@ "privacy", "policy" ], - "lastUpdated": "2025-12-23T17:34:31.916Z" + "lastUpdated": "2026-04-12T03:05:08.662Z" }, { "id": "482e1430-de5b-4c9f-8788-f3dce778af63", @@ -888,7 +891,7 @@ "parent": "Security Homepage", "content": "This is the link to our EULA / ToS ", "keywords": [], - "lastUpdated": "2025-12-23T17:34:33.078Z" + "lastUpdated": "2026-04-12T03:05:09.481Z" }, { "id": "028b3458-f905-4410-91db-39db87ff955f", @@ -899,7 +902,7 @@ "sso", "subprocessor" ], - "lastUpdated": "2025-12-23T17:34:33.605Z" + "lastUpdated": "2026-04-12T03:05:10.795Z" }, { "id": "216a8dad-05ac-8053-86f9-f85f9cdf8363", @@ -907,7 +910,7 @@ "parent": "Security Homepage", "content": "", "keywords": [], - "lastUpdated": "2025-12-23T17:34:34.826Z" + "lastUpdated": "2026-04-12T03:05:11.446Z" }, { "id": "180a8dad-05ac-80a1-bccf-da1558df31ed", @@ -915,7 +918,7 @@ "parent": "Security Homepage", "content": "Zoë operates with an Agentic architecture. This means that at each step of the question-answering process, the LLM chooses between calling a tool in its set of tools or responding directly to the user. \nIf the LLM chooses to call a tool, Zenlytic will run the tool and show the results to the LLM. The LLM will then make a decision on whether it wants to call another tool or respond directly to the user. This process continues until the LLM responds directly to the user.\nA high-level diagram of this workflow looks like this:\n## Question Answering Process\nTo be more specific on the set of tools that Zoë uses and when she uses them, let’s look at a more complicated question flow that involves a wider range of tools used. \n- User asks a question “Can you show me gross revenue by product YTD and tell me which product had the highest growth from last YTD to this YTD?”\n- Zoë passes that question to the LLM which determines it wants to use the search fields tool. It queries the search fields tool with the search terms “gross revenue”, “ytd”, “product”.\n- Zoë executes the tool itself, and returns matching fields like order_lines.total_gross_revenue, order_lines.order_date, and products.product_title, along with their additional metadata and SQL definitions.\n- Zoë structures the SQL she wants to use from the metadata into a tool call to the LLM, and the LLM determines that it wants to use the run a query tool. It calls the run a query tool with SQL referencing the field definitions that it saw in the search fields tool response.\n- Zoë compiles the arguments the LLM passes into SQL using the Clarity Engine, and executes that SQL query on the customer’s warehouse.\n- Zoë passes the result of the tool call (the data from the query run on the warehouse) to the LLM and the LLM determines that it wants to use the code interpreter tool to calculate the percentage change from last YTD to this YTD. The LLM writes the code it wants to execute on top of the query results it sees.\n- Zoë executes the code it received as part of the tool call for code interpreter in an isolated sandbox environment. \n- Zoë passes the result of the code interpreter execution to the LLM, and the LLM determines it wants to respond to the user directly and end the iteration process. The LLM responds with text summarizing the results of the conversation thus far.\n- Zoë passes that summarization to the user (including the previously used tool calls and results), answering their question. \nAnother helpful visual, which doesn’t contain all LLM calls made in the process outlined above, but shows all the unique services used, and how they fit together:", "keywords": [], - "lastUpdated": "2025-12-23T17:34:35.345Z" + "lastUpdated": "2026-04-12T03:05:12.570Z" }, { "id": "a64dc864-7a02-468c-85f4-6c91bb6fc122", @@ -923,7 +926,7 @@ "parent": "Security Homepage", "content": "# Without Clarity (link)\n# With Clarity (link)\n# With Clarity - Deep questions (link)", "keywords": [], - "lastUpdated": "2025-12-23T17:34:35.941Z" + "lastUpdated": "2026-04-12T03:05:14.630Z" }, { "id": "b1172bf4-7337-4ac6-8996-593a99253586", @@ -939,7 +942,17 @@ "policy", "aws" ], - "lastUpdated": "2025-12-23T17:34:36.597Z" + "lastUpdated": "2026-04-12T03:05:15.709Z" + }, + { + "id": "326a8dad-05ac-80e9-b828-c696be3d3e85", + "title": "Zenlytic RFI + Security Memory", + "parent": "Security Homepage", + "content": "# Zenlytic RFI + Security Memory\nCorrections and gap-fills from live RFI/security questionnaire sessions. Newest entries at top. Treat this as a high-priority source alongside pre-approved Q&A pairs in the skill.\n---", + "keywords": [ + "security" + ], + "lastUpdated": "2026-04-12T03:05:16.482Z" }, { "id": "3f72c85f50d947ec97543db5242260f9", @@ -950,7 +963,7 @@ "security", "retention" ], - "lastUpdated": "2025-12-23T17:34:37.312Z" + "lastUpdated": "2026-04-12T03:05:17.249Z" }, { "id": "c61320a6-760b-4a63-9f69-170b7a64b471", @@ -958,7 +971,7 @@ "parent": "Engineering Wiki", "content": "## Cloud Architecture\n---\n## Chat (Zoë) Architecture\n---\n## Component Architecture\nOriginal (Excalidraw)", "keywords": [], - "lastUpdated": "2025-12-23T17:34:37.676Z" + "lastUpdated": "2026-04-12T03:05:17.987Z" }, { "id": "1bca8dad-05ac-808c-8170-ebe970188c55", @@ -966,7 +979,7 @@ "parent": "Architecture Diagram", "content": "- SEARCH_FIELDS_TOOL\n- QUERY_DATA_TOOL (referred to as DataQuestion in the code)\n- CHART_CONFIG_TOOL\n- SEARCH_DASHBOARDS_TOOL\n- CREATE_NEW_DASHBOARD_TOOL\n- ADD_QUESTIONS_TO_DASHBOARD_TOOL\n- SHOW_VIEWS_TOOL\n- CODE_INTERPRETER_TOOL\n- CREATE_FIELD_TOOL\n- USER_INTERACTION_MEMORY_TOOL\n- REASONING_TOOL\n- CAUSAL_IMPACT_ANALYZER_TOOL", "keywords": [], - "lastUpdated": "2025-12-23T17:34:38.094Z" + "lastUpdated": "2026-04-12T03:05:18.856Z" }, { "id": "209a8dad-05ac-80e0-bd3d-c1504eed9633", @@ -982,7 +995,7 @@ "api", "integration" ], - "lastUpdated": "2025-12-23T17:34:39.061Z" + "lastUpdated": "2026-04-12T03:05:19.975Z" }, { "id": "209a8dad-05ac-80e7-a300-dd017988985c", @@ -995,7 +1008,7 @@ "infrastructure", "network" ], - "lastUpdated": "2025-12-23T17:34:39.899Z" + "lastUpdated": "2026-04-12T03:05:20.987Z" }, { "id": "207a8dad-05ac-803f-88b7-f07f1f7dcc79", @@ -1008,7 +1021,7 @@ "infrastructure", "api" ], - "lastUpdated": "2025-12-23T17:34:40.804Z" + "lastUpdated": "2026-04-12T03:05:22.321Z" }, { "id": "b5eb4f7a-c7eb-4a45-bc35-0bcd9931dc4b", @@ -1018,7 +1031,7 @@ "keywords": [ "integration" ], - "lastUpdated": "2025-12-23T17:34:41.955Z" + "lastUpdated": "2026-04-12T03:05:24.074Z" }, { "id": "22675636-cd8c-4e73-a45f-d065f158db5e", @@ -1030,7 +1043,7 @@ "sso", "api" ], - "lastUpdated": "2025-12-23T17:34:42.739Z" + "lastUpdated": "2026-04-12T03:05:25.094Z" }, { "id": "d828bc4b-c1f3-4c61-8b4a-5a82b0887983", @@ -1038,7 +1051,7 @@ "parent": "Engineering Wiki", "content": "In this document, we’ll cover how to use the extra prompt context feature when setting up Zoë, Zenlytic’s AI analyst.\n---\n# What instructions does Zoë already have?\nWhen adding new context for Zoë, you should try not to repeat or contradict instructions she is given in the Zenlytic-set system prompt. \nThese are the high-level instructions we give Zoë by default when you interact with her:\n• You are Zenlytic's self-serve Business Intelligence (BI) assistant deployed in a chat interface.\n• You operate on the company's semantic layer.\n• You are assisting the company: and the current date is \n• Clarify ambiguous questions with follow-up questions.\nDon't change these instructions when adding additional context for Zoë because doing so will confuse Zoë and hurt her performance.\n# How should I add instructions?\nWhen structuring additional instructions for Zoë, make sure they are clearly written and contain a straightforward action Zoë should follow. \nA good heuristic is: \n> If a human was skimming this, would they still get the point and do what I’m asking?\nGenerally, it’s helpful to emphasize certain points to make sure Zoë follows them. For example, if you’re trying to get Zoë to ask a follow up question for a time period on a large table saying:\n```\nAsk for a time period if not given one.\n```\nWill not work as well as:\n```\nWhen asked a question that does not contain a time period filter, you must ALWAYS ask the user for the time period they want to use to view the data.\n```\nUsing bullet points or wrapping additional logic under a “Guidelines” header is also helpful. A good example is:\n```\nAdditional Guidelines:\n- The acronym FFDC refers to the marketing function at our company. When users ask for that, interpret it as the word marketing.\n- When the user asks a question in a non-English language, you must ALWAYS respond in the same language in which you were asked the question.\n- When the user asks a question without a time period specified, you must ALWAYS ask a follow-up question to make them pick a time period.\n```", "keywords": [], - "lastUpdated": "2025-12-23T17:34:43.420Z" + "lastUpdated": "2026-04-12T03:05:25.949Z" }, { "id": "1baa8dad-05ac-80ac-a8c5-e7fd0cb47f54", @@ -1046,7 +1059,7 @@ "parent": "Engineering Wiki", "content": "---\nAt Zenlytic, we believe the best insights come from matching the right tool to the right task. That’s why we’ve expanded Zoë, our conversational AI data agent, to support multiple AI models, letting users choose based on their specific needs.\nNot all AI models are the same. Some provide quick, straightforward answers, ideal for immediate insights on questions like, “What’s our top-selling product this month?” Others excel in structured problem-solving and are best for complex queries, such as analyzing deep customer trends or forecasting how new tariffs will affect production needs.\nBy empowering users to select the AI model suited to their query, Zoë ensures accuracy, speed, and relevance. Whether you need instant clarity or advanced analytical insights, Zoë provides the right tool every time you “Just Ask.”\nAvailable AI Models:\n• GPT-4o: Balanced model — great for answering straightforward questions like, “What’s our top-selling product this month?”\n• GPT-o1: Advanced reasoning model — ideal for complex, detailed analyses such as, “What factors are driving customer churn over the past quarter?”\n• Claude 3.5 Sonnet: Balanced model — suitable for quick insights and mid-level analytical tasks, like identifying sales trends.\n• Claude 3.7 Sonnet: Advanced exploratory model — best for deep dives, exploratory analysis, and nuanced insights. Highly intelligent but tends to be more verbose, making it excellent for comprehensive understanding.", "keywords": [], - "lastUpdated": "2025-12-23T17:34:44.056Z" + "lastUpdated": "2026-04-12T03:05:27.413Z" }, { "id": "1d1a8dad-05ac-808e-84b0-ff824335fc9a", @@ -1056,7 +1069,7 @@ "keywords": [ "sso" ], - "lastUpdated": "2025-12-23T17:34:44.783Z" + "lastUpdated": "2026-04-12T03:05:28.120Z" }, { "id": "281a8dad-05ac-8064-b33d-dbab315a8baf", @@ -1066,7 +1079,7 @@ "keywords": [ "integration" ], - "lastUpdated": "2025-12-23T17:34:47.149Z" + "lastUpdated": "2026-04-12T03:05:29.017Z" }, { "id": "50eba629-62a7-44ff-8052-4577a5b79ce0", @@ -1076,7 +1089,7 @@ "keywords": [ "aws" ], - "lastUpdated": "2025-12-23T17:34:50.736Z" + "lastUpdated": "2026-04-12T03:05:29.849Z" }, { "id": "1cea8dad-05ac-801c-8359-c678d80a9d81", @@ -1086,7 +1099,7 @@ "keywords": [ "aws" ], - "lastUpdated": "2025-12-23T17:34:51.861Z" + "lastUpdated": "2026-04-12T03:05:30.518Z" }, { "id": "1cea8dad-05ac-8006-a808-c75cb3c4a862", @@ -1110,7 +1123,7 @@ "network", "monitoring" ], - "lastUpdated": "2025-12-23T17:34:52.543Z" + "lastUpdated": "2026-04-12T03:05:31.611Z" }, { "id": "18aa8dad-05ac-80e9-92c8-ea352eb3c635", @@ -1120,7 +1133,7 @@ "keywords": [ "integration" ], - "lastUpdated": "2025-12-23T17:34:53.378Z" + "lastUpdated": "2026-04-12T03:05:32.395Z" }, { "id": "65edf3cb-a5d6-4e7b-a920-3cfbe8a53cfa", @@ -1128,7 +1141,7 @@ "parent": "Engineering Wiki", "content": "# Frontend\n☐ Update AG Grid License on prod once stage looks good\n# Backend\n☐ Broadly speaking to be prod ready, there should be no errors on any of the dashboards\n☐ Bottom rows still showing up as empty\n☐ Row Totals aren’t working\n☐ SQL Question is not working\n☐ Question specific errors aren’t working. This is suppose to tell the user that they need to select steps in the funnel. Check the dashboard as its seem to be all question types\n☐ Download dashboard as PDF is failing\n☐ Personal fields don’t seem to be working\n☐ Offset table calc not working in pivoted table\n☐ Percent Total on Pivots not working as expected. See ticket", "keywords": [], - "lastUpdated": "2025-12-23T17:34:54.121Z" + "lastUpdated": "2026-04-12T03:05:34.123Z" }, { "id": "1a8a8dad-05ac-80fb-b57d-fd269b13bfb1", @@ -1136,7 +1149,7 @@ "parent": "Engineering Wiki", "content": "", "keywords": [], - "lastUpdated": "2025-12-23T17:34:54.742Z" + "lastUpdated": "2026-04-12T03:05:34.734Z" }, { "id": "28fa8dad-05ac-803b-b68c-fa93c32a44dc", @@ -1146,7 +1159,7 @@ "keywords": [ "api" ], - "lastUpdated": "2025-12-23T17:34:55.269Z" + "lastUpdated": "2026-04-12T03:05:36.243Z" }, { "id": "28fa8dad-05ac-805a-9b7f-efcef3ef5612", @@ -1156,7 +1169,7 @@ "keywords": [ "api" ], - "lastUpdated": "2025-12-23T17:34:55.565Z" + "lastUpdated": "2026-04-12T03:05:36.799Z" }, { "id": "28fa8dad-05ac-80b6-a92a-f804712ff563", @@ -1166,7 +1179,45 @@ "keywords": [ "api" ], - "lastUpdated": "2025-12-23T17:34:56.155Z" + "lastUpdated": "2026-04-12T03:05:37.551Z" + }, + { + "id": "2e2a8dad-05ac-80e5-85c0-e6a399502072", + "title": "List of requests", + "parent": "External API Architecture", + "content": "From Verizon\n• After the insight gets generated, a user can publish and distribute it to a team of people. Will your api support this? link\n• Will your Chat API include the dashboard distribution and configuration? link", + "keywords": [ + "api" + ], + "lastUpdated": "2026-04-12T03:05:38.137Z" + }, + { + "id": "323a8dad-05ac-8109-946b-f3cb71713079", + "title": "How to Set Up Azure Proxy with PrivateLink", + "parent": "Engineering Wiki", + "content": "TL;DR: We proxy AWS app traffic to customers' Azure Databricks workspaces via Private Link. Each customer gets a hostname like -dbx.zenlytic.com that routes through an Azure Application Gateway to a Private Endpoint connected to their Databricks workspace. Traffic flows over a site-to-site VPN between AWS and Azure.\n---\n# Adding a New Customer\n## Step 0: Get info from the customer\nSend the customer this message:\n> Hi [Customer],\n\nTo establish a private connection to your Databricks workspace, we need two things from you:\n\n1. Your Databricks Workspace Resource ID — You can find this in the Azure portal under your Databricks workspace properties, or by running:\naz databricks workspace show --resource-group --name --query id -o tsv\nIt looks like: /subscriptions//resourceGroups//providers/Microsoft.Databricks/workspaces/\n\n2. Your Databricks workspace URL — e.g., adb-1234567890.12.azuredatabricks.net\n\nOnce we receive these, we'll create a Private Endpoint connection to your workspace. You'll see a pending connection request in your Databricks workspace (under Settings → Networking → Private Endpoint Connections) that needs to be approved by your team.\n\nThat's it — no additional infrastructure needed on your side.\n## Step 1: Set variables\nLook at the customer registry below and pick the next available priority (increments of 100, starting at 300).\n```\nCUSTOMER_NAME=\"\"\nDATABRICKS_RESOURCE_ID=\"\"\nDATABRICKS_HOST=\"\" # the part before .azuredatabricks.net\nCUSTOMER_HOSTNAME=\"${CUSTOMER_NAME}-dbx.zenlytic.com\"\nCUSTOMER_PRIORITY=\n\nRESOURCE_GROUP=rg-zenlytic-aws-proxy-prod\nVNET_NAME=vnet-zenlytic-hub\nLOCATION=eastus\n```\n## Step 2: Create Private Endpoint\n```\naz network private-endpoint create \\\n --resource-group $RESOURCE_GROUP \\\n --name pe-databricks-$CUSTOMER_NAME \\\n --vnet-name $VNET_NAME \\\n --subnet snet-private-endpoints \\\n --private-connection-resource-id $DATABRICKS_RESOURCE_ID \\\n --group-id databricks_ui_api \\\n --connection-name conn-$CUSTOMER_NAME \\\n --location $LOCATION \\\n --manual-request true \\\n --request-message \"Zenlytic requesting private access to Databricks workspace\"\n```\nTell the customer to approve the pending connection request in Azure Portal → Databricks workspace → Settings → Networking → Private Endpoint Connections. Wait for approval before continuing.\n## Step 3: Get PE IP (after customer approves)\n```\nPE_IP=$(az network private-endpoint show \\\n --resource-group $RESOURCE_GROUP \\\n --name pe-databricks-$CUSTOMER_NAME \\\n --query 'customDnsConfigs[0].ipAddresses[0]' -o tsv)\n\necho \"PE IP: $PE_IP\"\n```\n## Step 4: Configure Application Gateway\n```\n# Backend pool\naz network application-gateway address-pool create \\\n --resource-group $RESOURCE_GROUP \\\n --gateway-name appgw-azure-proxy \\\n --name pool-$CUSTOMER_NAME \\\n --servers $PE_IP\n\n# HTTP settings (rewrites Host header to real Databricks URL)\naz network application-gateway http-settings create \\\n --resource-group $RESOURCE_GROUP \\\n --gateway-name appgw-azure-proxy \\\n --name settings-$CUSTOMER_NAME \\\n --port 443 \\\n --protocol Https \\\n --host-name \"${DATABRICKS_HOST}.azuredatabricks.net\" \\\n --timeout 60\n\n# Health probe\naz network application-gateway probe create \\\n --resource-group $RESOURCE_GROUP \\\n --gateway-name appgw-azure-proxy \\\n --name probe-$CUSTOMER_NAME \\\n --protocol Https \\\n --host \"${DATABRICKS_HOST}.azuredatabricks.net\" \\\n --path \"/\" \\\n --interval 30 \\\n --timeout 30 \\\n --threshold 3\n\n# Attach probe to HTTP settings\naz network application-gateway http-settings update \\\n --resource-group $RESOURCE_GROUP \\\n --gateway-name appgw-azure-proxy \\\n --name settings-$CUSTOMER_NAME \\\n --probe probe-$CUSTOMER_NAME\n\n# Multi-site listener\naz network application-gateway http-listener create \\\n --resource-group $RESOURCE_GROUP \\\n --gateway-name appgw-azure-proxy \\\n --name listener-$CUSTOMER_NAME \\\n --frontend-ip frontend-private \\\n --frontend-port port-https \\\n --ssl-cert cert-proxy \\\n --host-name $CUSTOMER_HOSTNAME\n\n# Routing rule\naz network application-gateway rule create \\\n --resource-group $RESOURCE_GROUP \\\n --gateway-name appgw-azure-proxy \\\n --name rule-$CUSTOMER_NAME \\\n --http-listener listener-$CUSTOMER_NAME \\\n --address-pool pool-$CUSTOMER_NAME \\\n --http-settings settings-$CUSTOMER_NAME \\\n --priority $CUSTOMER_PRIORITY\n```\n## Step 5: DNS records\n```\n# Azure private DNS\naz network private-dns record-set a create \\\n --resource-group $RESOURCE_GROUP \\\n --zone-name \"privatelink.azuredatabricks.net\" \\\n --name $DATABRICKS_HOST\n\naz network private-dns record-set a add-record \\\n --resource-group $RESOURCE_GROUP \\\n --zone-name \"privatelink.azuredatabricks.net\" \\\n --record-set-name $DATABRICKS_HOST \\\n --ipv4-address $PE_IP\n```\nThen in AWS Route 53, create an A record in the private hosted zone for zenlytic.com:\n• $CUSTOMER_HOSTNAME → 10.1.4.10\n## Step 6: Configure Zenlytic\nSet the database connection host:\n```\ncredentials.host = \"-dbx.zenlytic.com\"\n```\nStandard port 443, no special connect_args needed.\n## Step 7: Verify\n```\ncurl -vk https://$CUSTOMER_HOSTNAME\n# Expected: 303 redirect to /login.html with header \"server: databricks\"\n```\n## Step 8: Update the customer registry\nAdd a row to the registry table below with the customer's details and set status to Complete.\n---\n# Existing Customers\nAll customers share port-https (443) on the private frontend (frontend-private at 10.1.4.10). Routing is host-based via multi-site listeners. Priorities increment by 100 starting at 300 (100 and 200 are used by default/test rules).\n## Important notes\n• Host-based routing, not port-based. We use multi-site listeners with unique hostnames per customer, not unique ports. Port-based routing doesn't work with the Databricks SQL connector because it does TLS hostname verification — connecting to an IP:port fails since the cert (*.zenlytic.com) doesn't match the IP.\n• --group-id databricks_ui_api is required when creating the PE. This is the Databricks sub-resource type that grants access to both the UI and the SQL/API endpoints.\n• Cross-region works. Private endpoints support cross-region connections. Our VNet is in eastus but customers' Databricks workspaces can be in any Azure region.\n• The PE creation IS the approval request. Running az network private-endpoint create with --manual-request true automatically sends a pending connection request. There is no separate step to \"send\" a request.\n---\n# Architecture\n```\nAWS VPC (172.18.0.0/16)\n └─ Zenlytic app connects to: -dbx.zenlytic.com:443\n │\n │ (Route 53 private hosted zone resolves to 10.1.4.10)\n │ (Site-to-Site VPN)\n │\nAzure VNet (10.1.0.0/16)\n ├─ Application Gateway (10.1.4.10) on snet-appgw (10.1.4.0/24)\n │ └─ Multi-site listener routes by Host header to correct backend\n │ └─ Rewrites Host header to real Databricks URL for backend\n ├─ Private Endpoints on snet-private-endpoints (10.1.3.0/24)\n │ └─ pe-databricks- → customer's Databricks workspace\n └─ Private DNS Zone: privatelink.azuredatabricks.net\n └─ A records mapping Databricks hosts to PE IPs\n```\nHow routing works: Each customer gets a unique hostname (e.g., dominos-dbx.zenlytic.com). The App Gateway uses multi-site listeners on a shared HTTPS port (443) to route based on the Host header. The *.zenlytic.com wildcard SSL cert covers all customer hostnames. The App Gateway HTTP settings rewrite the Host header to the real Databricks URL before forwarding to the PE.\n---\n## One-time infrastructure setup\n## Dominos onboarding log", + "keywords": [ + "tls", + "onboarding", + "aws", + "infrastructure", + "network", + "api" + ], + "lastUpdated": "2026-04-12T03:05:39.017Z" + }, + { + "id": "32da8dad-05ac-81cb-8044-f961ab1d6706", + "title": "Incident Post-Mortem Template", + "parent": "Engineering Wiki", + "content": "Incident Title: [e.g., \"API latency spike — 2026-03-24\"]\nSeverity: P0 / P1 / P2 / P3\nDate: YYYY-MM-DD\nDuration: Start → End (total minutes/hours)\nLead: [Name]\n---\n## Summary\n1–2 sentences. What happened, who was affected, how bad was it.\n---\n## Timeline\nChronological list of key events: detection, escalation, mitigation, resolution.\n---\n## Root Cause\nWhat actually broke and why.\n---\n## Impact\nUsers affected, revenue impact, SLA breach, etc.\n---\n## Action Items\n---\n## Lessons Learned\nWhat went well, what didn't, what was lucky.", + "keywords": [ + "incident", + "breach", + "sso", + "api" + ], + "lastUpdated": "2026-04-12T03:05:39.772Z" }, { "id": "129a8dad05ac801cb803e69297ecf8c7", @@ -1193,7 +1244,7 @@ "monitoring", "vendor" ], - "lastUpdated": "2025-12-23T17:34:56.982Z" + "lastUpdated": "2026-04-12T03:05:41.824Z" }, { "id": "29ca8dad-05ac-80f3-9e55-cbb965b5b401", @@ -1207,7 +1258,7 @@ "rpo", "rto" ], - "lastUpdated": "2025-12-23T17:34:57.366Z" + "lastUpdated": "2026-04-12T03:05:48.528Z" } ] } \ No newline at end of file diff --git a/config/notion-index/search-index.json b/config/notion-index/search-index.json index 48318c2..3e0caf0 100644 --- a/config/notion-index/search-index.json +++ b/config/notion-index/search-index.json @@ -139,7 +139,7 @@ "policy", "procedure" ], - "snippet": "Ex Quanta Inc (d.b.a Zenlytic)\n# Incident Management\nVersion: 0.0\nPolicy Owner: Paul Blankley\nStatus: Implemented\n# Incident Response Policy\nThe Incident Response Team shall respond to all potential or actual security or privacy incidents in accordance with the Incident Response Plan and Incident Response Playbooks.\nThe Incident Response Team shall respond to all incidents according to the Incident Response Playbooks for that category of incident. If no such playbook exists, the Incident Respons" + "snippet": "Ex Quanta Inc (d.b.a Zenlytic)\n# Incident Management\nVersion: 0.0\nPolicy Owner: Anshu Aggarwal\nStatus: Implemented\n# Incident Response Policy\nThe Incident Response Team shall respond to all potential or actual security or privacy incidents in accordance with the Incident Response Plan and Incident Response Playbooks.\nThe Incident Response Team shall respond to all incidents according to the Incident Response Playbooks for that category of incident. If no such playbook exists, the Incident Respon" }, { "id": "1b4a8dad-05ac-803b-a447-fc9262f97f83", @@ -773,10 +773,13 @@ "parent": "SOC2 Event Types", "keywords": [ "soc 2", + "training", + "security", "employee", - "onboarding" + "onboarding", + "aws" ], - "snippet": "---\n• June 16, 2025: Employee Onboarding: Djordje Ivanovic\n---\n• July 16, 2025: Employee Departure: Rich Taylor\n---\n• July 28, 2025: Employee Onboarding: Jose Luiz Hernandez Hoyos\n---\n• August 29, 2025: Employee Termination: Aaron Cornejo\n• August 29, 2025: Employee Termination: Tyler Crimmins\n---\n• August 29, 2025: Employee Offboarding: Djordje Ivanovic\n• September 26, 2024: Employee Offboarding: Cole French\n---\n• October 2, 2025: Employee Onboarding: Sebastian Castro" + "snippet": "---\n• June 16, 2025: Employee Onboarding: Djordje Ivanovic\n---\n• July 16, 2025: Employee Departure: Rich Taylor\n---\n• July 28, 2025: Employee Onboarding: Jose Luiz Hernandez Hoyos\n---\n• August 29, 2025: Employee Termination: Aaron Cornejo\n• August 29, 2025: Employee Termination: Tyler Crimmins\n---\n• August 29, 2025: Employee Offboarding: Djordje Ivanovic\n• September 26, 2024: Employee Offboarding: Cole French\n---\n• October 2, 2025: Employee Onboarding: Sebastian Castro\n---\n• November 24, 2025: D" }, { "id": "6b8833be227a437a8f846f9cd5c896e4", @@ -790,7 +793,7 @@ "retention", "network" ], - "snippet": "These are the key docs for our security policies \n## Data Retention\n## Legal\n## Security External Documents\n• Security and Compliance \n• SOC2 \n• Penetration Testing \n# Legal for Website\n## Architecture Diagrams\n• Clarity Engine Diagram\n• Network Diagram\n• Agent Flow Diagram (Figma link)\n# Completed Security Docs (for future reference)\n## FAQ" + "snippet": "These are the key docs for our security policies \n## Data Retention\n## Insurance\n## Legal\n## Security External Documents\n• Security and Compliance \n• SOC2 \n• Penetration Testing \n# Legal for Website\n## Architecture Diagrams\n• Clarity Engine Diagram\n• Network Diagram\n• Agent Flow Diagram (Figma link)\nExploratory mode diagram \n# Completed Security Docs (for future reference)\n## FAQ" }, { "id": "3eb14fe0-7e8d-400f-8082-a5af44c29a0a", @@ -871,6 +874,15 @@ ], "snippet": "### How do you connect to the data warehouse?\n• Zenlytic uses database credentials to connect to and run SQL queries on your data warehouse. Zenlytic does NOT index any whole tables or copy data from your system to ours. We create a SQL query on the fly based on metadata stored in git and connected to Zenlytic and run that query on your data warehouse.\n### Do you cache my data?\n• We do. We use Redis to cache query results, but never the underlying tables in the warehouse. For example, if you ask" }, + { + "id": "326a8dad-05ac-80e9-b828-c696be3d3e85", + "title": "Zenlytic RFI + Security Memory", + "parent": "Security Homepage", + "keywords": [ + "security" + ], + "snippet": "# Zenlytic RFI + Security Memory\nCorrections and gap-fills from live RFI/security questionnaire sessions. Newest entries at top. Treat this as a high-priority source alongside pre-approved Q&A pairs in the skill.\n---" + }, { "id": "3f72c85f50d947ec97543db5242260f9", "title": "Engineering Wiki", @@ -1077,6 +1089,41 @@ ], "snippet": "# Introduction\n# State Machine Diagram\n# Endpoints" }, + { + "id": "2e2a8dad-05ac-80e5-85c0-e6a399502072", + "title": "List of requests", + "parent": "External API Architecture", + "keywords": [ + "api" + ], + "snippet": "From Verizon\n• After the insight gets generated, a user can publish and distribute it to a team of people. Will your api support this? link\n• Will your Chat API include the dashboard distribution and configuration? link" + }, + { + "id": "323a8dad-05ac-8109-946b-f3cb71713079", + "title": "How to Set Up Azure Proxy with PrivateLink", + "parent": "Engineering Wiki", + "keywords": [ + "tls", + "onboarding", + "aws", + "infrastructure", + "network", + "api" + ], + "snippet": "TL;DR: We proxy AWS app traffic to customers' Azure Databricks workspaces via Private Link. Each customer gets a hostname like -dbx.zenlytic.com that routes through an Azure Application Gateway to a Private Endpoint connected to their Databricks workspace. Traffic flows over a site-to-site VPN between AWS and Azure.\n---\n# Adding a New Customer\n## Step 0: Get info from the customer\nSend the customer this message:\n> Hi [Customer],\n\nTo establish a private connection to your Databricks wor" + }, + { + "id": "32da8dad-05ac-81cb-8044-f961ab1d6706", + "title": "Incident Post-Mortem Template", + "parent": "Engineering Wiki", + "keywords": [ + "incident", + "breach", + "sso", + "api" + ], + "snippet": "Incident Title: [e.g., \"API latency spike — 2026-03-24\"]\nSeverity: P0 / P1 / P2 / P3\nDate: YYYY-MM-DD\nDuration: Start → End (total minutes/hours)\nLead: [Name]\n---\n## Summary\n1–2 sentences. What happened, who was affected, how bad was it.\n---\n## Timeline\nChronological list of key events: detection, escalation, mitigation, resolution.\n---\n## Root Cause\nWhat actually broke and why.\n---\n## Impact\nUsers affected, revenue impact, SLA breach, etc.\n---\n## Action Items\n---\n## Lessons Learned\nWhat went we" + }, { "id": "129a8dad05ac801cb803e69297ecf8c7", "title": "Business Continuity Plan", diff --git a/docs b/docs index ebb89fa..f8b97dd 160000 --- a/docs +++ b/docs @@ -1 +1 @@ -Subproject commit ebb89fa8056eb9cc058f8e29c820fbd7b5504a20 +Subproject commit f8b97ddafcc3f95ad28667d80390b79dcce0d0e2