951-263-7336

Endpoint Detection & Response Service Endorsement

Last updated 7-21-2025

BY ACCEPTING THIS ENDORSEMENT, EITHER BY INDICATING YOUR ACCEPTANCE, BY EXECUTING A SALES ORDER THAT REFERENCES THIS ENDORSEMENT, OR BY RECEIVING OR UTILIZING THE SOFTWARE OR SERVICES (AS DEFINED BELOW), YOU AGREE TO ALL THE TERMS OF THIS ENDORSEMENT, SUBJECT TO THE TERMS OF THE MASTER AGREEMENT, EITHER SERVICE OR MANAGED SERVICE, REFERENCED ON THE SALES ORDER.

1. Scope

The terms and conditions set forth below are intended to supplement an existing Managed Service Agreement between the Client and Service Provider and rely upon its entire structure.  The definitions, subheadings etcetera of the applicable Managed Service Agreement shall supersede any similar items within this agreement.

2. Definitions

For purposes of this Endorsement, the following definitions shall apply:

“Endpoint Detection and Response (EDR)” shall refer to a security solution that continuously monitors, detects, investigates, and responds to potential cyber threats on network-connected endpoint devices. EDR Software typically includes, but is not limited to, the following capabilities:

  1. Real-Time Monitoring – Continuous surveillance of endpoint activities to identify suspicious behavior or security threats.
    2. Threat Detection – Identification of known and emerging threats, including malware, ransomware, unauthorized access, and other security incidents.
    3. Incident Investigation – Collection and analysis of endpoint data to determine the scope, origin, and impact of a detected threat.
    4. Automated and Manual Response – Execution of predefined or manual actions to contain, mitigate, or remediate identified security threats.
    5. Data Collection and Logging – Secure storage and logging of endpoint activity data for forensic analysis, compliance, and auditing purposes.
    6. Integration Capabilities – Compatibility with other security tools, such as Security Information and Event Management (SIEM) systems, to enhance overall cybersecurity operations.

    The EDR Software must comply with applicable security and regulatory standards as specified in this contract and be configured to align with the organization’s cybersecurity policies.

“EDR Provider” shall mean the entity who developed and maintains the endpoint detection and response.

“Software” shall mean the program developed by the EDR Provider for the use of blocking, detecting and removing malicious programs.

“Service” shall mean the installation and monitoring by Service Provider of the Software provided by the EDR Provider.

“EULA” shall mean the End User License Agreement provided by EDR Provider in connection with the Service.

3. Best Efforts Policy

3.1 No Guarantee of Virus or Malware Protection

As a condition of your use of the Service, you agree that you will not use the Services for any unlawful purpose. Without limiting the foregoing, you agree that you will not use the Services: (i) to infringe the intellectual property rights or proprietary rights, or rights of publicity or privacy, of any third party; (ii) to violate any applicable law, statute, ordinance or regulation; (iii) to disseminate any content in any form or format that is harmful, threatening, abusive, harassing, tortuous, defamatory, vulgar, obscene, libelous, or otherwise objectionable under applicable laws or community standards; or (iv) to disseminate any software viruses or any other computer code, files or programs that may interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications equipment. You are solely responsible for all Data (as defined above) that you upload, post, email, transmit, or otherwise disseminate using, or in connection with, the Service, and you will be solely responsible for any damage to any party resulting there from.

3.2 Importance of Backup and Disaster Recovery

Client also understands that without a backup solution and disaster recovery plan, significant downtime and damage to their business may occur in the event that a device covered by the Managed Service Agreement is infected by a virus, malware or ransomware.

4. Client Conduct

As a condition of your use of the Service, you agree that you will not use the Service for any unlawful purpose. Without limiting the foregoing, you agree that you will not use the Service : (i) to violate any applicable law, statute, ordinance or regulation

5. Privacy and Data Protection

5.1 Access Control and Authentication Measures

Service Provider implements controlled access policies and two factor authentication in a best effort to prevent unauthorized access to Client Computer Systems governed by this endorsement.  However, the EULA provided by the EDR Provider shall act as the authority.  For more information, please refer to the EDR Provider EULA.

5.2 Authorized Access to User Accounts and Data

You agree that Service Provider may access user accounts, including Data, to respond to service or technical problems or at your request.

6. Termination

6.1 Service Provider Termination Rights

Without limiting other remedies, Service Provider may limit, suspend, or terminate its legal agreement with you, terminate your use of Software, prohibit access to the Service  and delete your user account, effective immediately, if (i) Service Provider believes that you are in breach of the Terms, creating problems, possible legal liabilities, infringing someone else’s intellectual property rights, engaging in fraudulent, immoral or illegal activities, or for other similar reasons, (ii) if Service Provider is required to do so by law (for example, where the provision of the Service  to you is, or becomes, unlawful), (iii) if Service Provider is transitioning to no longer providing the Service offered or (iv) the provision of Service  to you is no longer, in Service Provider’s opinion, commercially viable. Service Provider shall effect such termination by providing notice to you to the email address you have provided, and/or by preventing your access to your user account.

6.2 Client Termination for Cause

You may terminate the Service prior to the expiration of the then current subscription term only for cause, i.e. a material breach by us of the Managed Service Agreement or this endorsement, provided that you provide Service Provider notice of such breach and that we have not cured the breach within 30 days of you notifying us of the breach.

7. Indemnity

7.1 No Liability for EDR Provider Operations

Service Provider is not involved in the data center or business operations of the EDR Provider.  Therefore, they cannot be held responsible for the loss of data or business income as a result of the errors, omissions or illegal activities of the EDR Provider or it’s representatives.

7.2 No Liability for Data Loss or Business Interruption Due to Infection

Client agrees that Service Provider shall have no liability for lost or stolen information or loss of business income as a result of an infection.

7.3 Indemnification and Use of Service

Furthermore, Client agrees that Service Provider shall have no liability whatsoever for any use you make of the Service. You agree to indemnify, defend and hold Service Provider harmless from and against any and all claims, damages, liabilities, and costs and fees (including reasonable attorneys’ fees), in connection with or arising out of your (a) violation or breach of any term of this endorsement or the applicable Managed Service Agreement, whether or not referenced herein, or (b) violation of any rights of any third party, (c) use or misuse of the Service.

7.4 Scope of EDR Coverage

Furthermore, only the devices included on the sales order shall be considered part of this agreement.  Client understands that any device NOT included on the sales order SHALL NOT HAVE EDR INSTALLED OR MANAGED by Service Provider.  Client agrees that Service Provider shall have no liability or obligation in relation to any device not covered by the Managed Service Agreement.

8. Software License

Software is licensed, not sold to you, and is licensed only for your personal use pursuant to the EULA provided by the EDR Provider. You may not sell, assign, rent, lease, distribute, export, act as an intermediary or provider, or otherwise grant rights to third parties with regard to all or any part of the Software. You may not modify, reverse-engineer, decompile, disassemble, or attempt to discover the source code, structure or sequence, or otherwise hack, the Software, and have no rights to create derivative works from the Software.

9. EDR Provider

SentinelOne is the product being used as part of this agreement.  You can learn more about them by visiting their website: https://www.sentinelone.com/

10. EDR Provider Changes 

Service Provider reserves the right to change EDR Providers as they see fit.  They will provide notice to you at least 30 days in advance.

A new EULA agreement with the new EDR Provider may be required before the change can take place.  If Client rejects the new EULA their account will be terminated after 30 days starting from the date they were notified of the EDR Provider change.

11. Amendment

This Agreement may be modified or amended in writing, only if said writing is signed by all parties to the agreement.