CONCORDANCE LABS · INCIDENT INDEX · v0.1

Every major software outage shipped a post-mortem.
The same handful of practices failed every time.

A public, CC BY 4.0 licensed index of major publicly-documented software incidents. Each one mapped to the Concordance engineering protocols that the company's own published root-cause analysis cites as having failed.

Methodology →·JSON API·CC BY 4.0·Run a free scan →

Pattern across 2 incidents

Filtered view

The same 5 engineering practices failed in the majority of these incidents. Click any to see every incident where it failed.

1.3Ticket Description Quality
1 of 2
2.6Dependency ManagementSENTINEL
1 of 2
4.2CI Gating
1 of 2
4.3Test Coverage
1 of 2
4.6Security AnalysisSENTINEL
1 of 2
2 of 2 incidents in this view failed at least one Sentinel-10 protocol — Concordance's set of engineering practices most degraded under AI-accelerated development. Velocity Governance thesis →
FilterCivilizational onlyEnterprise onlyAI-related only20242023202120202014× clear filters
Apache Software Foundation (Log4j)Dec 2021Civilizational
CVE-2021-44228 — JNDI injection in Log4j enables remote code execution

A JNDI lookup feature in the widely-used Apache Log4j Java logging library allowed attackers to trigger arbitrary remote code execution by crafting log messages containing JNDI lookup strings.

1.3 Ticket Description Quality4.6 Security Analysis2.6 Dependency Management
FastlyJun 2021Civilizational
Single customer config change triggers global Fastly CDN outage
1h downtime

A valid customer configuration change exposed a latent software bug in Fastly's edge servers, causing 85% of the network to return errors. Took down major sites including Amazon, Reddit, Twitch, NYT, UK gov.uk, and Stack Overflow simultaneously.

4.3 Test Coverage5.8 Feature Flagging5.7 Rollback Capability4.2 CI Gating
Concordance Incident Index v0.1 · CC BY 4.0 · Roadmap: 250 entries at v1.0, scaling to 5,000 with NSF SBIR Phase I.
Errata: hello@concordancelabs.com