The Incident Response Services described herein are subject to the License and Services Agreement located at https://www.cybereason.com/online-agreement/lsa, unless the customer receiving the services (“Customer”) has executed a different license and services agreement, in which case the executed version shall supersede, (the “Agreement”). In the event of any conflict between the terms hereof and the Agreement, the terms hereof shall control.
The TakeFlight Incident Response Retainer is a proactive engagement in which the Cybereason Incident Response Team (“CRIRT”) will provide priority access to incident response services billable at a preferable hourly rate (as set out in the quotation and as described in Section 3 below, but without any minimum purchase commitment in advance) along with a one-time comprehensive assessment from a choice of (one of): (a) Incident Response Plan (IRP) analysis and review, (b) Platform Security Assurance Audit, or (c) Risk Exposure Analysis, as described in Section 2 below.
This retainer ensures that customers receive dedicated support and swift incident response, as well as a proactive assessment to enhance their security posture.
Note: No incident response hours are allocated as part of this retainer. Incident response hours will be billed separately as they are incurred at the rates set out in the quotation.
Customers can choose one of the following assessments as part of the TakeFlight service:
Incident Response Plan Analysis and Review:
• Conduct interviews to understand the current incident response plan.
• Review and provide suggestions based on best practices.
• Develop an actionable incident response plan tailored to the customer's organization.
Platform Security Assurance Audit:
• Audit the configuration of the Cybereason platform.
• Develop a plan to enhance coverage and protections to withstand cyber events.
Risk Exposure Analysis:
• Assess the customer environment using Cybereason telemetry.
• Identify risks, such as outdated systems, misconfigured applications, and bad security practices.
• Document findings and provide recommendations for mitigation.
The retainer service is a contractual agreement that guarantees a preferential hourly rate for incident response services prior to any incidents occurring, with the actual charge based on the actual amount of hours provided. This arrangement allows for immediate IR activities to commence without delay, with charges incurred only after engaging Cybereason CRIRT in response to an incident.
The retainer services are described in Section 2 of the Incident Response Services Engagement (Retainer) set out at: https://www.cybereason.com/services/incident-response-services-engagement-retainer
4.1 Assessment Deliverables (customer choice of 1):
Incident Response Plan Analysis and Review:
• Comprehensive review of the current incident response plan.
• Detailed recommendations for improvements and best practices.
• Tailored incident response plan aligned with customer’s organization.
Platform Security Assurance Audit:
• Audit report detailing the configuration of the Cybereason platform.
• Strategic improvement plan to enhance cybersecurity coverage and protections.
Risk Exposure Analysis:
• Detailed risk assessment report identifying outdated systems, misconfigured applications, and bad security practices.
• Recommendations for risk mitigation and security improvements.
4.2 SLA for Emergency Requests:
Guaranteed response times by remote CRIRT during an incident within 4 business hours of notification or escalation.
• Appoint a representative that will participate and be the Customer point of contact for ensuring all the above.
• Complete pre engagement questionnaire
• Obtaining consents necessary for performing the services.
Fees as set out in quotation, payment terms as set out in Agreement unless otherwise set out in quotation (in event of conflict the latter shall prevail).
Other Terms. In the event that the Customer is unable or unwilling to provide accurate and current information and/or cooperation, Cybereason will not be held liable for any delays in establishing communication and/or performing its obligations. All services will be performed in a professional and workmanlike manner. Cybereason does not guarantee that it will identify, remediate or prevent all threats or Incidents. Cybereason shall not be liable for any actions taken at the direction of Customer.