This SentinelOne Breach Response Warranty (“Warranty Agreement”) describes the terms and conditions for the provision of a Breach Response Warranty (“Warranty”) granted from SentinelOne, Inc. (“SentinelOne”) to either the SentinelOne customer pursuant to the MSA or to the managed security service provider pursuant to the MSSP Agreement (each a “Company”) who subscribes to its Complete, WatchTower and Vigilance SKUs of SentinelOne’s Singularity Platform (“Singularity Platform”, respectfully) under the SentinelOne Master Subscription Agreement, including the MSA Solutions Addendum: Singularity Platform Terms (collectively, “MSA”) or the SentinelOne Managed Security Service Provider Agreement (“MSSP Agreement”) or as a Managed Security Service Provider with a subscription purchased and claimed through an authorized Distributor. This Warranty Agreement governs the Warranty, provided that such Warranty is stated in a Quote or Purchase Order among SentinelOne and the Company, or an approved SentinelOne Partner and the Company, in each case, where approved by SentinelOne (collectively, “PO”). This Warranty shall be effective as of the date the PO is executed (“Effective Date”) and shall remain in effect for the term of the Warranty stated in such PO and so long as the Company subscribes to the Complete, WatchTower and Vigilance SKUs in accordance with the Master Agreement and uses the Singularity Platform in compliance with the terms of this Warranty Agreement (including, without limitation, the Singularity Platform configuration (“Warranty Term”). As the Company’s authorized representative, you represent that you are authorized by the Company to accept the Warranty under this Warranty Agreement as part of the Company’s subscription to the Singularity Platform. Capitalized terms shall have the meaning assigned to such terms where defined in this Warranty Agreement, and capital terms used but not defined in this Warranty Agreement shall have the meaning assigned to such terms in the Master Agreement.

Subject to the terms and conditions described herein and the Master Agreement, the Parties to agree as follows:


1. Definitions. The capitalized terms below shall have the following meaning:

1.2. “Covered Expenses” means the reasonable and necessary fees and expenses incurred by the Company as a result of Breach and is limited to the reasonable cost of forensic and legal consultation related to data loss analysis and identification, data privacy compliance and other system recovery activities which have been prior approved by SentinelOne after a Ransomware has been reported by Company to SentinelOne.

1.3. “Breach” means the unauthorized access by a third-party to at least one Covered Endpoint which has caused material harm to the Company, whereby “material harm” must include at least one of the following: (i) the unauthorized acquisition of unencrypted digital data that compromises the security, confidentiality, or integrity of Personal Data or Confidential Information maintained by the Company; (ii) public disclosure of personal information or confidential information maintained by the Company; or (iii) the compromise of at least one Company Endpoint resulting the blocking of access to such Endpoint that results in malicious exfiltration, destruction and/or irreversible encryption of Company’s data that has a value in excess of $5,000.

1.4. “Master Agreement” shall mean either the MSA or the MSSP Agreement as applicable to the Company.

1.5. “Ransomware” means a malware software program that infects Company's systems from external sources (i.e., in the wild), which installs, persists and irreversibly encrypts a large portion of files at the operating system level, and continuing to demand payment (the "Ransom") in order to decrypt the encrypted files and data that has a value in excess of $5,000. For clarification, Ransomware does not include any malware introduced by the Company or any third party to Company's internal systems, whether intentionally (i.e., malware testing) or through a breach in the system's security.

1.6. “Covered Endpoints” means physical or virtual computing devices means with SentinelOne’s Agent installed, running on a supported operating system versions that is supported by operating system provider and meets the pre-requisites and configuration requirements listed in the Documentation.

2. Warranty. During the Warranty Term if Company experiences a Breach then Company’s sole and exclusive remedy under this warranty for Ransomware or Breach shall be reimbursements of Covered Expenses up to the lesser of actual costs or the Cap on Warranty, in aggregate per Warranty, as listed in the table below. The Cap on Warranty shall be determined by the unit-count of Covered Endpoints the Company is subscribed to at the time of the Breach event.

Company Subscription Quantity for Singularity Complete and Vigilance Pro (counted discreetly) “Cap on Warranty”
Up to 4,999 $100,000
5,000 – 10,000 $500,000
10,001 and above $1,000,000

3. Conditions to Warranty Payment. SentinelOne shall only provide the remedy for the Breach of the Warranty as described above if (i) the Breach on Covered Endpoints has occurred and is discovered by the Company and reported to SentinelOne’s provider during the Warranty Term and within 48 hours of discovery; (ii) Company promptly responds to request made by SentinelOne and its insurers for more information related to the incident (SentinelOne reserves the right to close an incident within 15 days if insufficient data is provided to verify an incident has occurred or Company fails to respond); (iii) sufficient evidence is provided showing that Covered Endpoints and the Singularity Platform were configured in accordance with the best practices as listed in the Documentation (article titled Policy Settings); (iv) sufficient evidence is provided showing necessary preventative measures were taken which include Covered Endpoints having supported system versions installed when the attack occurred, Company provided documented security awareness training for its employees and contractors, and deployed sufficient offline backup for critical business data; (v) information is provided related to the incident that identifies the malware strain such as logs viewable in SANS Critical Log Review or equivalent screenshots; (iv) the Company demands in writing to recover Covered Expenses caused by the Breach within 90 days of discovering the attack; (v) sufficient evidence is provided by the Company supporting the demand amount for each infection covered by this Warranty such as invoices for services performed to remediate the incident (services rates shall not be reimbursed if over $250/hr); (vi) sufficient evidence and assurances are provided by the Company that no Warranty payment would be used by the Company to make a payment to any person or entity subject to economic sanctions administered or enforced by the U.S. Treasury Department Office of Foreign Assets Control (OFAC), including any such person or entity listed on OFAC’s the Specially Designated Nationals and Blocked Persons (SDN) list or otherwise prohibited under relevant U.S. law; (vii) sufficient evidence to substantiate Covered Expenses that were actually incurred by Company was provided to SentinelOne; (vii) the Ransomware attack was not related to a Breach that occurred prior to the Warranty Period, a Company endpoint that was not a Covered Endpoint, Company or its personnel negligent, willful or fraudulent misconduct, third-party software or Force Majeure; and (viii) no other claims have been made within the last year of Participant’s warranty period and claim is covered by SentinelOne’s warranty provider. For Companies that are regulated under HIPAA/PCI/SEC, SentinelOne shall only provide remedy for the Breach Warranty as described above if all the conditions above are met and (i) Company has completed an annual risk assessment and documented risks; (ii) PHI inventory has been fully completed and accounted for prior to the Breach and claim; (iii) subject to Company’s historical practices, Company’s employees have completed HIPPA training within the last 12 months prior to the Breach and claim; and (iv) Company has adopted best efforts to comply to all privacy and security policies related to state and/or other federal regulatory requirements which participant is subject to prior to the Breach.

4. Claims notification: All claims made against this warranty shall be sent to [email protected].

5. Sole and Exclusive Remedy. The aforementioned remedy for the Breach shall be the Company’s sole and exclusive remedy and the entire liability of SentinelOne for any breach of the Warranty.

6. Other Terms and Conditions. Any other terms and conditions of the Master Agreement shall be unaffected by this Warranty Agreement, except as expressly stated in the Master Agreement. Information you provide during purchase and in an incident may be shared with a third-party provider in order to carry out the terms of this warranty. In case of any conflict between the terms of this Warranty Agreement and the terms and conditions within the Master Agreement relating to the Warranty, the terms and conditions within this Warranty Agreement shall prevail.

7. Miscellaneous. This Warranty Agreement represents the complete agreement between the Parties concerning the Warranty granted hereunder and supersedes any and all prior agreements or representations between the Parties. SentinelOne may revise the terms of this Warranty Agreement from time to time in its reasonable discretion, provided that such revisions shall not reduce or eliminate the monetary remedy described in Section 2 herein. To the extent that SentinelOne pays to the Company under the Warranty, Company agrees that SentinelOne shall acquire a subrogation right to assert a claim against the hacker who delivered the Ransomware to Company and caused damages for which SentinelOne incurred Warranty costs, and Company further agrees to assist SentinelOne should it decide to assert a claim against such hacker. If any provision of this Warranty Agreement is held to be unenforceable for any reason, such provision shall be reformed only to the extent necessary to make it enforceable. This Warranty Agreement is governed by and construed in accordance with the substantive laws of the State of California, irrespective of its choice of law principles, and the competent courts in the State of California shall have sole and exclusive jurisdiction over every dispute arising from, or in connection with this Warranty Agreement.