Vincent presented a new possible model for incident response, moving part of the security logs from the site to the VO.

Action: Vincent to write down a more formal proposal

Open question: How to validate the model?