Schedule of Services

MANAGED SERVICES

The Services to be performed for Client by Provider are set forth in the Order. Additional Services may be added only by entering into a new Order including those Services.

Provider, through its Third-Party Services Providers, will make its best effort to ensure the security of Client’s information through third-party security software (“Security Software”). Client designates Provider as its agent to provide the Service to Client, and to enter into any third-party relationship to provide the Service to Client. Use of this Service is subject to the applicable Third-Party Service Providers’ agreements regarding terms of use, which Client and Provider agree have been provided by Provider to Client. Client acknowledges that Third-Party Service Providers and their licensors own all intellectual property rights in and to the Security Software. Client will not engage in or authorize any activity that is inconsistent with such ownership. Client acknowledges and agrees to be bound by any applicable Third-Party Service Provider agreements regarding terms of use or end user licensing terms, and Client understands that any applicable agreement regarding terms of use or end user licensing is subject to change without notice.

Endpoint Detection and Response (EDR) Services

Provide next-generation anti-malware solutions with EDR capabilities

  • Deploy advanced anti-malware software with real-time EDR capabilities.
  • Enable proactive threat detection, prevention, and response at the endpoint level.
  • Combine signature-based and behavioral-based techniques for comprehensive protection.

Stop execution and spread of threats via unpatched vulnerabilities

  • Monitor vulnerabilities in installed software and applications.
  • Automatically block or contain malicious processes exploiting unpatched vulnerabilities.
  • Mitigate the risk of malware exploiting known weaknesses.

Signature- and behavioral-based detection of malware

  • Rapidly isolate infected devices to minimize threats' impact and reduce potential breach.

Network isolate infected devices

  • Rapidly isolate infected devices to minimize threats' impact and reduce potential breach.

Protect against fileless, in-memory, and living-off-the-land attacks

  • Monitor and respond to attacks that avoid traditional file-based techniques.
  • Detect malicious activities in memory and PowerShell-based attacks.
  • Safeguard against tactics that abuse legitimate tools.

Determine the scope and impact of threats found in your environment

  • Conduct thorough investigations to understand the extent of a security incident.
  • Identify affected endpoints, user accounts, and data.
  • Evaluate potential data breaches and compromised assets.

Quarantine infected and malicious files

  • Automatically contain and isolate suspicious files.
  • Prevent the spread of malware by quarantining affected files.
  • Initiate analysis and investigation on quarantined items.

Run On-Demand scans

  • Define scanning schedules as per client request.
  • Ensure continuous monitoring for threats and vulnerabilities (if Client requests On-Demand scans).
  • Adapt scan frequencies based on risk profiles and operational needs (if Client requests On-Demand scans).

AI & ML capable of detection and response

  • Empower detection and response with AI and ML, adapting to emerging threats and bolstering defense.

Threat Hunting

  • Proactively search for indicators of compromise (IOCs) and potential threats.
  • Utilize advanced techniques to identify hidden or persistent threats.
  • Enhance incident response by identifying threats before they escalate.

Implementation Support (Guidelines and Tools)

  • Provide guidelines and best practices for EDR deployment.
  • Offer tools to streamline the implementation process.
  • Ensure smooth integration with existing security infrastructure.

Implementation Assistance

  • Provide expert assistance during EDR deployment and configuration.
  • Ensure proper setup of policies and detection rules.
  • Address any technical challenges or questions during implementation.

Policy Implementation

  • Custom-fit security policies to match your organization's unique needs and risk profile.

White/Blacklist Applications

  • Manage apps with precision by whitelisting approved ones and blacklisting risky ones.

Manage IOCs

  • Effectively manage Indicators of Compromise (IOCs) for comprehensive threat visibility.

Detection & Investigating Malware

  • Detect malware based on behavioral patterns and indicators.
  • Investigate the origin, entry point, and propagation of malware.
  • Gather forensic evidence for further analysis and response.

Threat Monitoring

  • Monitor endpoints for suspicious activities.
  • Prioritize alerts and incidents based on severity and impact.
  • Respond promptly to emerging threats to prevent escalation.

Anti-Malware Compliance Checks

  • Ensure anti-malware software is up to date and operational.
  • Verify compliance with security policies and industry standards.

Threat Remediation

  • Provide step-by-step guidance for threat containment and remediation.
  • Implement proactive measures to prevent future incidents.

Endpoint Protection

  • Offer comprehensive protection against a wide range of threats.
  • Safeguard endpoints from malware, ransomware, and zero-day attacks.
  • Continuously enhance security controls to adapt to evolving threats.

Security Information and Event Management (SIEM) Services

Collect logs from endpoints (Windows/Mac)

  • Implement log collection agents on endpoints (Windows/Mac).
  • Configure log sources to send relevant event and activity logs to the SIEM platform.
  • Ensure proper parsing and normalization of logs for accurate analysis.

Examine security logs for potential malicious activity indications in monitored equipment

  • Utilize advanced correlation and behavior analysis to identify patterns of malicious behavior.
  • Employ machine learning and threat intelligence to detect anomalies.
  • Investigate unusual activities, such as repeated failed login attempts or data exfiltration.

Identify and report critical alerts categorized as P1 and P2 through email

  • Define severity levels for alerts (P1 for critical, P2 for high importance).
  • Configure real-time alerting based on predefined rules and thresholds.
  • Send immediate email notifications for high-priority incidents.

Provide Security Incident response – full guided remediation recommendations

  • Develop incident response playbooks for various types of security incidents.
  • Provide step-by-step remediation instructions to IT and security teams.
  • Assist in containing and mitigating the impact of security breaches.

Provide a monthly security report

  • Compile a comprehensive overview of security activities and incidents for the month.
  • Include trends, significant events, and improvements in security posture.
  • Offer insights into emerging threats and recommendations for enhancing security.

Maintain log archives for 100 days

  • Implement a secure and scalable storage solution for log data.
  • Ensure logs are indexed and searchable for historical analysis.
  • Adhere to data retention policies, storing logs for the required duration.
  • Log Archives beyond 100 days will be billed extra as per standard.

Provide threat intelligence

  • Gather and analyze external threat intelligence feeds.
  • Identify relevant threats and vulnerabilities applicable to the organization.
  • Share actionable threat intelligence to enhance proactive security measures.

Web Monitoring & Domain Name System (DNS) Filtering Services

Provide web content filtering service using advanced DNS service

  • Implement DNS filtering to control access to websites based on predefined policies.
  • Utilize threat intelligence databases to categorize websites by risk level.
  • Enforce web content policies that align with the organization's security and productivity goals.

Protect devices from Malware download and phishing links

  • Block access to websites known for distributing malware and hosting malicious content.
  • Identify and prevent access to phishing sites through real-time URL categorization.
  • Implement security categories that prevent access to potentially harmful content.

Provide web browsing reports

  • Generate on-demand reports detailing web browsing activities of users.
  • Include information on blocked sites, attempted access to restricted content, and violations of web usage policies.
  • Offer insights into user behavior and potential security risks.

Email Security Services

Advanced protection against malicious URLs and attachments

  • Defends against email-based threats by blocking harmful links and attachments.

Phishing and Spam protection

  • Shields against phishing attacks and filters out spam emails to reduce the risk of compromise.

Inbound and Outbound Email Filtering

  • Monitors incoming and outgoing emails for both threats and policy violations.

Custom block and allow domain list

  • Allows control over email sources with customizable lists.

Spam filtering based on the spam score

  • Utilizes spam scoring mechanisms to accurately identify and filter out unwanted emails.

Custom filtering rules

  • Creation of custom filtering rules to adapt the security solution to specific organizational needs.

Impersonation protection

  • Guards against email impersonation attempts that could lead to fraud or unauthorized access.

Daily Quarantine digest report

  • Delivery of daily quarantine digest reports to keep users informed about flagged emails.

24x7 emergency inbox

  • Availability of a 24x7 emergency inbox for prompt attention to critical email security issues.

Security Awareness Training

  • Awareness Training specializes in making sure your employees understand the mechanisms of spam, phishing, spear phishing, malware, ransomware and social engineering and can apply this knowledge in their day-to-day jobs.

Features and frequency:

  • Phishing Security Tests: Quarterly
  • Automated Security Awareness Program (ASAP): Quarterly
  • Automated Training Campaigns: Quarterly
  • Assessments: Quarterly
  • Advanced Reporting: Post Assessment
  • Email Exposure Check: Quarterly
  • Supplementary training: Optional

DATA BACKUP AND DISASTER RECOVERY SERVICE

The Services to be performed for Client by Provider are set forth in the Order. Additional Services may be added only by entering into a separate Order including those Services.

Local Backups

Using customer-provided hardware and software (backup software), backups will be performed on the basis specified in the Order. Client owns the hardware and software agents (backup software) used to perform the backups. If Client subscribes to periodic Server Maintenance, Provider will review the backups during Maintenance and notify Client of backup failures. Client will notify the Provider of any failures, and upon request, perform simple on-site tasks (e.g., powering down and rebooting hardware).

Remote Backups

Provider, through its Third-Party Service Providers, will make its best effort to ensure the protection and recovery of Client’s information. Data files are backed up via a third-party client-side desktop/server software application (the “Application”), encrypted, and then sent to a storage server at the third-party vendor’s data center facility. There is no local copy of the backed-up data. Data files can be restored from the cloud but the server itself cannot be recovered or “booted” in the cloud. Therefore, this service is not considered a disaster recovery solution. All data is backed up via a third-party client-side desktop/server software application (the “Application”). Provider will monitor the backups daily, notify Client of any failures, and work with the third party to resolve backup failures.

Cloud Backup

Provider, through its Third-Party Service Providers, will make its best effort to ensure the protection and recovery of Client’s information. Data is backed up via a third-party client-side desktop/server application, encrypted, stored locally on a Provider-owned storage device (“Provider Owned Storage”), and then sent to a third-party owned storage server at the Third-Party Services Provider’s data center facility. Provider will monitor the status of all scheduled backup jobs, notify Client of Provider-owned storage failures and corrective actions. Provider will also provide remote administrative services of Data Backup Service as requested by Client. Offsite Backup copies will have one-year retention unless specified in Order. Upon termination of these Services, Provider will request return of the backup hardware and remove the Application from Client systems.

Disaster Recovery

Provider will work with Client to develop a comprehensive disaster-recovery plan that incorporates the Services to be delivered under this Service Attachment.

If Client experiences an event precipitating a major, multi-user loss of data, Client may notify Provider that a data loss event has occurred.

FILE BACKUP AND RECOVERY

Provider will create, monitor, and modify up to the number of file backup jobs listed in the Order. Provider will also notify Client by email of backup drive failures and corrective actions.

Upon request, Provider will remotely restore files, subject to the number of operations listed in the Order.

CLOUD AND HOSTING SERVICES

Public Cloud - Provider will move all Client’s data to a cloud computing platform, allow Client to have access to data via virtual desktop from Client’s own devices or device provided by Provider, and manage the cloud environment for Client.

Hybrid Cloud - Provider will move some of Client’s data to a cloud computing platform, and upon Client’s request, place a server on premises at Client’s location. Any Client data being moved shall be agreed to by the parties in writing prior to moving, with specific instructions identifying which data will be moved, managed or unmanaged by Provider. Any Client data being moved or managed shall be specifically identified as to the location of the data on a particular server. Any Client data not being moved, or that is not specifically identified by Client will be considered not managed. Provider shall not be responsible for the identification, classification, or location of the data. Client is solely responsible for its data up to the outermost point of Provider’s firewall with the public internet (the “Demarcation Point”). Once data has been identified, classified, its final location determined, and moved past the Demarcation Point, Provider shall then become responsible for Client data. Provider will also manage the cloud environment for Client and provide hardware that will be owned by Provider and will be licensed using an appropriate license agreement.

Private Cloud or Software Subscriptions - Provider will maintain all Client’s data on premises at Client’s location, manage the cloud environment and software subscriptions for Client, provide unmanaged cloud environment and software subscriptions for Client, and provide hardware that will be owned by Provider and will be licensed using an appropriate license agreement.

Third-Party Cloud & SaaS Vendors - Provider will provide, install, and support the Third-Party Cloud or software-as-a-service vendors listed on the Order, including but not limited to Microsoft. Client designates Provider as its agent to provide the Service to Client, and to enter into any third-party relationship to provide the Service to Client. Use of this software is subject to the applicable third-party cloud or software-as-a-service vendor’s agreement regarding terms of use, which Client and Provider agree has been provided by Provider to Client. Client agrees to be bound by any applicable third-party cloud or software-as-a-service vendor’s agreements regarding terms of use or end user licensing, and Client understands that any applicable agreement regarding terms of use or end user licensing is subject to change by any Third-Party vendor or software-as-a-service provider without notice.

CYBER TRAINING SERVICES

Provider will implement and manage a managed cybersecurity awareness training platform ordered through a third party on Client’s behalf. The program features:

  • Enrolling all technology-facing workforce members in the program.
  • Access to a curriculum of industry-leading cybersecurity awareness education which can be customized to meet the unique needs and regulatory requirements of Client.
  • Management reporting and visibility into workforce participation and progress in the training.
  • Regular campaigns to test each workforce member’s ability to recognize and effectively respond to cyberattacks which typically target individuals.
  • Automated enrollment in remedial training for individual workforce members, when appropriate.
  • Management reporting and visibility into workforce performance on testing campaigns.
  • Management reporting and visibility into the improvement in workforce awareness and performance over time.
  • Lowered risk to Client from cyberattacks which target unaware and untrained individuals.

THESE DESCRIPTIONS ARE SUBJECT TO CHANGE AT ANY TIME WITHOUT NOTICE.