Code Room
On-callMedium
Question
After a deploy, you discover the service is now logging (or returning) personal data it shouldn't — PII is in the logs / an API response. How do you respond?
What a strong answer looks like
Stop the bleeding first (mitigate), then form hypotheses from real signals. Separate root cause from symptom, communicate status as you go, and close with what prevents a repeat.
Learn the concepts
Loading whiteboard…
Run or narrate your approach, then ask the coach.