On-Call Rotation
How to set up on-call shifts and scheduled rotation so there is always someone responsible for triaging vulnerability reports.
Why It Matters
When a critical vulnerability report lands at 2 AM, someone needs to be clearly responsible. On-call rotation ensures there is always one person accountable for triage, and that the burden rotates fairly across your security team.
Getting Started
Navigate to VDP > On-Call in the sidebar. The page shows who is currently on-call and lets you configure how shifts are managed.
Modes
| Mode | Best for |
|---|---|
| Manual | Small teams. Start and end shifts by hand. |
| Scheduled Rotation | Teams with 2+ members. Shifts advance automatically. |
Manual Mode
Any admin can start or end a shift from the On-Call page or the dashboard. Shifts run until someone explicitly ends them.
If a shift runs too long, the dashboard shows a warning:
- 24+ hours — amber warning
- 48+ hours — red warning prompting a handoff
Scheduled Rotation
Set an interval (daily or weekly), a handoff day and time, and add your team members in the order they should rotate. When you save, the first person in the list goes on-call immediately.
At each handoff time, the current person’s shift ends and the next person’s begins automatically. After the last person, the rotation wraps back to the first.
Manual Override
You can always switch the on-call person by hand during a rotation. An “override” badge appears so the team knows it was a manual change. The rotation resumes normally at the next scheduled handoff.
Auto-Assignment
Enable Auto-assign new reports to the on-call person to route incoming reports directly to whoever is on-call. If no one is on-call, reports go to the default assignee (configured in Program Settings > Triage).
Notifications
The on-call person receives alerts for:
| Event | Slack DM | |
|---|---|---|
| New report submitted | ✓ | ✓ |
| SLA at risk | — | ✓ |
| SLA breached | — | ✓ |
| Critical severity escalation | ✓ | ✓ |
| Appeal received | ✓ | ✓ |
| Shift started | ✓ | ✓ |
| Shift ended | ✓ | ✓ |
Shift notifications fire on every transition — scheduled rotation, manual start/end, PagerDuty sync, even when a member leaves the team mid-shift.
Slack alerts arrive as personal direct messages to whoever is on call. They require a connected workspace under Integrations > Slack (with the Personal notifications feature toggle enabled), a Kit email that matches a workspace member, and a connection at the Collaboration or Full permission level.
Unlike hiring DMs, on-call DMs can’t be paused — they follow the schedule. To stop receiving them, hand off your shift or enable Holiday Mode, which advances the rotation automatically. Each DM includes Hand off and Enable holiday mode links for exactly that.
Shift Summary and Handoff Brief
Going off call includes a recap of your shift in the DM and email: new reports (with severity breakdown), status changes, researcher messages, bounties awarded, SLA breaches during your shift, and what you’re handing off (open reports and how many still await triage).
Going on call includes a handoff brief of the queue you’re inheriting: open reports, reports awaiting triage, and reports whose acknowledgment SLA is at risk right now.
Quick Checklist
- Choose Manual or Scheduled Rotation
- If rotation: add at least 2 team members and set the handoff schedule
- Optionally enable auto-assign for incoming reports
- Connect Slack for direct message notifications