Isolations. Unless Customer opts-out, Critical Start will isolate potentially compromised machines. Critical Start will manually isolate the machine using the endpoint solution and notify Customer of the isolation via the alert write-up procedure for escalation. The machines will remain in isolation until the threat has been remediated or Customer has specifically indicated that they accept the risk and request Critical Start remove the isolation. Should Customer opt to have Critical Start remove isolation from an affected machine: (i) associated SLAs shall be suspended until the discovered threat has been remedied, and (ii) Customer shall waive all associated liability regarding the affected machine’s removal from isolation. Customer hereby commits to identifying production impacting servers and assets that are not to be isolated unless Customer has given written authorization. Critical Start commits to isolating machines that are not on the authorized list only to prevent the spread of malicious code and lateral movement by suspected attackers. Critical Start will escalate all alerts that require isolation to Customer for their visibility and active feedback on the alert. Customers using endpoint detection and response and/or endpoint protection solutions are advised that the MDR Services have the ability to isolate machines on Customer’s network and can use that functionality to protect Customer’s network. Isolated machines will lose all connectivity to all other devices on Customer’s network.
Appears in 10 contracts
Samples: Terms of Service Agreement, Terms of Service Agreement, Terms of Service Agreement
