CDO Services Solution Terms
Last Updated Date:
May 1, 2024
These CDO Services – Solution Terms set forth the terms and conditions of the CDO Services (the “CDO Services”). The CDO Services, if purchased by Customer as evidenced by Customer’s election on an Order Form, will be provided in accordance with the terms set forth herein and the CDO Services Agreement located at https://arcticwolf.com/terms/ including any Exhibits attached thereto (the “Agreement”) made by and between Customer and Arctic Wolf Networks, Inc. (“Arctic Wolf”). Any capitalized terms not otherwise defined herein shall have the meaning set forth in the Agreement.
The CDO Services.
Customer may receive the following as part of the CDO Services:
The CDO Services.
Customer may receive the following as part of the CDO Services:
- 24x7x365 access to Arctic Wolf Cyber Defense Operations.
- Endpoint Monitoring and alerting with SentinelOne to include:
- Alert escalation, when necessary, to be provided by Arctic Wolf within one (1) hour of discovery by Arctic Wolf of the initial alert;
- Description of the alert and impacted systems;
- Recommendations of how to address the alert;
- Continuous refinement of allow list and block list items to limit false-positives and excess alerts;
- Availability via Slack and email to answer questions related to the alert and recommended remediation;
- Containment and remediation of incidents;
- Automated and manual threat hunting; and
- Reverse engineering and static and dynamic malware analysis.
- Identification of malicious and suspicious threats.
- Hands-on active defense for high and critical alerts.
- Full implementation with operational support and tuning for applicable tooling deployed by Arctic Wolf in the delivery of the CDO Services.
- Scheduled, recurring, weekly external vulnerability scanning with reporting on all internet-facing assets, to include information on identified vulnerabilities and recommended guidance on remediation (if available).
- If included with Customer’s CDO Services, dark web monitoring and alerting to include:
- Continuous searching for Customer’s business entity name and domains on the dark web using commercially available Darknet dataset;
- Real-time monitoring and triage by if Customer’s business entity name or domains are mentioned on the dark web;
- Alert escalation to Customer’s identified escalation contacts if true-positive threats are found;
- If Customer information is discovered on the dark web, Arctic Wolf will attempt to safely download and provide the downloaded information to Customer in accordance with the defined communication path;
- Access to the latest threat intelligence reports created by Arctic Wolf; and
- An initial report of Customer’s existing dark web exposure.
- Periodic reports on incidents and critically vulnerable applications to include the following:
- Quarterly reports providing overview of Customer’s alerts, associated remediation recommendations, and full list of potentially critical application vulnerabilities;and
- Upon request, presentation to Customer’s executive team to explain CDO Services findings described in these CDO Services Solutions Terms.
Customer shall have email access to the Arctic Wolf CDO Operations Engineering Team during standard support hours (6:00am to 8:00 pm CT), Monday through Friday (excluding holidays)).
Updates & Upgrades. Any automated maintenance and update cycles to the Services will be performed remotely by Arctic Wolf.
Arctic Wolf may perform statistical analysis of the CDO Services using Metrics Data. "Systems Metric Data” means any machine-generated data, such as metadata derived from tasks, file execution, commands, resources, network telemetry, executable binary files, macros, scripts, and processes, that: (i) Customer provides to Arctic Wolf, or (ii) is collected or discovered during the course of Arctic Wolf’s delivery of the CDO Services or Customer’s use thereof, excluding any such information or data that identifies Customer or to the extent that it includes personal information of Customer’s data subjects.
