Guides
Long-form playbooks and reference material — built for the moments when you need an answer fast, not a marketing brochure.
AWS Incident Response in APAC: A Regulatory and Technical Playbook
How AWS incident response works across Australia, Singapore, India, and the wider ASEAN region — the reporting clocks, the detection toolchain, and the operational gotchas that change as you cross borders.
APRA CPS 234 on AWS: Notification, Material Weakness, and the CPS 230 Overlay
APRA-regulated entities have 72 hours to notify a material information security incident — and 24 hours under CPS 230 if customer-facing operations are affected. This is the practical playbook for AWS workloads in ap-southeast-2 and ap-southeast-4.
Meeting CERT-In's 6-Hour Incident Reporting Rule on AWS
India's CERT-In Cyber Security Directions give you six hours from noticing a cyber incident to filing an initial report. This is the practical playbook for AWS workloads in ap-south-1 and ap-south-2.
MAS TRM and AWS Incident Response: Hitting the 1-Hour Notification Window
Singapore's MAS requires regulated financial institutions to notify within one hour of a relevant IT incident. This is the practical playbook for AWS workloads in ap-southeast-1, with the runbook, the evidence stack, and the common failure modes.
OAIC Notifiable Data Breach Scheme on AWS: The Australian Playbook
Australia's NDB scheme gives you 30 days to assess and notify a suspected data breach. The clock is forgiving but the standard is not — this is the practical playbook for AWS workloads in ap-southeast-2 and ap-southeast-4.
Ready to strengthen your security posture?
Let's talk about what Opcode can do for your organisation. Get in touch for a no-obligation discussion about your security challenges.