Vincent presented a new possible model for incident response, moving part of the security logs from the site to the VO.
Action: Vincent to write down a more formal proposal
Open question: How to validate the model?