Experiencing a Breach?

SentinelOne Vigilance Service Addendum

This Vigilance Service Addendum (“Addendum”) describes the Vigilance Service (as defined below) provided by Sentinel Labs Inc. (“SentinelOne”) to the SentinelOne customer (“Customer”) who subscribed to the SentinelOne Solutions (“Solutions”) under the SentinelOne Terms of Service (“Terms,” available on the SentinelOne website https://sentinelone.com/terms-of-service/, or another version of the Terms agreed to in writing among the Customer and SentinelOne and during the timeframe for such Vigilance Service subscription stated in a Quote or a valid Purchase Order (“Vigilance Subscription Term”). Capitalized terms used but not defined in this Addendum shall have the meaning assigned to such terms in the Terms, and in case of a conflict among terms defined in the Addendum and terms defined in the Terms, the terms in the Terms shall prevail.

The Vigilance service provides a turnkey managed threat detection and response services to augment Customer’s use of the Solutions and enhance the Solutions operations. SentinelOne offers two tiers of the Vigilance Services: Vigilance Respond which includes 24x7x365 monitoring of Customer’s Solutions management console, triage analysis, as well as detection, prioritization and response services (“Vigilance Respond”) and Vigilance Respond Pro which offers Vigilance Respond services with full digital forensics analysis, better response SLAs, deep analysis and incident response hours (“Vigilance Response Pro”) as more fully described in the Vigilance Service Documentation (“Vigilance Documentation,” found here: https://www.sentinelone.com/services/) (collectively, “Vigilance Service”).

The Vigilance Service is provided by highly trained SentinelOne analysts highly experienced in operating the Solutions, who optimize the Solutions capabilities to maximize threat detection, prioritization and response. Vigilance Respond includes various threat response activities (such as remediation and rollback), post incident intel driven hunting (such as active review and assessment of threats), forensics and remediation. Incident response services are provided only to Vigilance Pro customers that execute a separate incident response agreement with SentinelOne and are subject to such incident response agreement terms.

The Vigilance Service is provided by dedicated SentinelOne analysts utilizing SentinelOne’s management console and responding in real time to identified threats. The analysts respond to all identified threats on an ongoing basis based on severity classification by the Solutions and make a commercially reasonable effort to handle all threats rapidly and effectively. All analysts’ activities are recorded within the management console and can be reviewed by Customer.

Customer authorizes SentinelOne to perform any remote analysis of Your Data (as defined in the Terms) and use the File Fetch feature (as defined in the Documentation), which downloads full files (that may contain Customer Confidential information or Personal Information) from the Customer Endpoint to the SentinelOne management console as necessary for providing the Vigilance Services. Customer acknowledges and agrees that SentinelOne may be required to connect its computers and other necessary equipment directly to Customer’s computer network and consents to such activity in connection with providing the Vigilance Service.

SentinelOne warrants the provision of professional, timely and ongoing Vigilance Service in accordance with this Addendum and the Vigilance Documentation, however SentinelOne does not warrant or guarantee identification of every existing threat, immediate or any resolution of every identified threat, error-free threat classification, correct incident prioritization, or satisfactory threat response or threat hunting. In subscribing to the Vigilance Service, Customer acknowledges that the foregoing disclaimers with respect to SentinelOne’s provision of the Vigilance Service. Without limiting the foregoing, SentinelOne provides the Vigilance Service as an “as is” service without any warranties, express or implied, including, without limitation, warranties of merchantability, fitness for a particular purpose, accuracy, non-infringement, or those arising by law, statute, usage of trade, or course of dealing, and SentinelOne’s liability and liability limitations in connection with the Vigilance Service shall be in accordance with its obligations under the Terms.

Priority Levels and Response Times

The SLA refers only to the Response Time by a Vigilance Service analyst to an event and is dependent on the tier of Vigilance Service.

Response Time” means the elapsed time between the reported detection time by the SentinelOne agent and the time a Vigilance Service analyst annotated the event.

Event Type
(as defined in management console)
RESPONSE TIME Respond
(within 90%)
RESPONSE TIME
Respond Pro (within 90%)
Active/Suspicious 2 hours 1 hour
Mitigated/Blocked* 4 hours 2 hours

* Including Active/Suspicious events in full disc scans detections.