Common use of Network Credentials Clause in Contracts

Network Credentials. Client will provide documentation of network credentials ▇▇▇▇▇’s Project Manager prior to the start of the Managed IT Services implementation. Network credentials include the following: o Domain Administrator / Domain Server o Virtual Server—Vmware/VSphere o Azure/Azure AD o Firewall o Antivirus Managed Console Services required for the implementation beyond those described in this Threat Hunting Agreement, including any on-site work, ▇▇▇▇▇ Support Desk assistance, or other work is billed at ▇▇▇▇▇’s prevailing rates unless the Parties have entered into a separate agreement for such work or assistance. Effective/version: March 12, 2021 (To Be Delivered) ▇▇▇▇▇’s Threat Hunting Assessment is designed to assist Client in identifying certain information security risks to Client’s information technology environment through use of the Threat Hunting Tools described below. ▇▇▇▇▇ will use the CrowdStrike Falcon Software and Perch Software and Equipment stated in the SOP (“Threat Hunting Tools") to attempt to find evidence of the tactics, techniques, and procedures (TTP) commonly used by attackers to compromise information technology systems (“Threat Hunting” or “Services”). Following deployment of the Threat Hunting Tools as described below, ▇▇▇▇▇ will notify Client of its findings and make recommendations about those findings. This Assessment is not designed or intended to replace a forensics investigation but may assist you in providing information to assist in such an investigation . The CrowdStrike Falcon Software and Perch Software and Sensor are referred to herein as “Threat Hunting Tools.” Threat Hunting Tools will be deployed remotely through automated methods. Perch sensor deployment may require onsite access for installation. Threat Hunting Tools remain in place for the period of the Subscription stated in the SOP. For Clients without an active Marco Managed IT Agreement, ▇▇▇▇▇ will monitor the deployed Threat Hunting Tools for up to sixty (60) days and will notify Client of Marco findings during that period. See the Subscription terms for any additional services provided by CrowdStrike and/or Perch during the Subscription Term. If Client has an active Managed IT Agreement with ▇▇▇▇▇, ▇▇▇▇▇ alerts will follow ▇▇▇▇▇’s standard Service Level Targets and Priority Standards. ▇▇▇▇▇’s monitoring and notification Services will be performed during ▇▇▇▇▇’s regular business hours. Subscription Terms Client understands and agrees that its Subscription is governed by and it is required to comply with the then current version of: the CrowdStrike End User Agreement for Crowd Strike Falcon Software and services and the Perch Service Terms and Conditions for the Perch Security Information and Event Management Software, Sensor, and services which are located at ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇.▇▇▇/legal/subscription-license-product-agreements/threat-hunting-license-terms (“Subscription Terms”). Client is responsible for its users’ compliance with Subscription Terms. By its electronic signature to any SOP for such Products, Client accepts and agrees to be bound by the Subscription Terms. Vendor charges for such Subscriptions are subject to change. ▇▇▇▇▇ reserves the right to adjust Client’s Price in consideration of such changes. CrowdStrike uses certain third-party software in the Products, including what is commonly referred to as open source software. Under some of these third-party licenses, CrowdStrike is required to provide notice of the license terms and attribution to the third party. See the licensing terms and attributions for such third-party software that CrowdStrike uses at: ▇▇▇▇▇://▇▇▇▇▇▇.▇▇▇▇▇▇▇▇▇▇▇.▇▇▇/opensource. If Client has existing licensing from another CrowdStrike or Perch reseller, the Client is obligated to cancel those subscriptions with that reseller to avoid double billing. Client requests that ▇▇▇▇▇ provide the Threat Hunting and consents to the deployment of Threat Hunting Tools, the installation of the Perch sensor, and ▇▇▇▇▇’s access to Client’s information technology, equipment, sites, and personnel, including Client Information and Access for the purpose of carrying out this Threat Hunting Agreement. Client represents that is has obtained any consents from its personnel and third parties necessary for the performance of this Assessment. Client shall be solely and exclusively responsible for the following: a) designating its internal contact who will review the results of and recommendations concerning ▇▇▇▇▇ Threat Hunting; b) providing ▇▇▇▇▇ with the information it needs to carry out this Assessment; c) notifying ▇▇▇▇▇ of any changes to: the information in a, b, its Contacts, Asset Summary, and servers, computers, software and operating systems on/for which Threat Hunting Tools are deployed, and the Client Information and Access; d) establishing and maintaining the security and confidentiality of Client’s and its personnel’s data including user accounts, ids, passwords, encryption keys, and any other personal identifiers;

Network Credentials. Client will provide documentation of network credentials ▇▇▇▇▇Marco’s Project Manager prior to the start of the Managed IT Services implementation. Network credentials include the following: o Domain Administrator / Domain Server o Virtual Server—Vmware/VSphere o Azure/Azure AD o Firewall o Antivirus Managed Console Services required for the implementation beyond those described in this Threat Hunting Agreement, including any on-on- site work, ▇▇▇▇▇ Marco Support Desk assistance, or other work is billed at ▇▇▇▇▇Marco’s prevailing rates unless the Parties have entered into a separate agreement for such work or assistance. Effective/version: March 12, 2021 (To Be Delivered) ▇▇▇▇▇ ▇▇, ▇▇▇▇ (▇▇ ▇▇ Delivered) Marco’s Threat Hunting Assessment is designed to assist Client in identifying certain information security risks to Client’s information technology environment through use of the Threat Hunting Tools described below. ▇▇▇▇▇ Marco will use the CrowdStrike Falcon Software and Perch Software and Equipment stated in the SOP (“Threat Hunting Tools"”) to attempt to find evidence of the tactics, techniques, and procedures (TTP) commonly used by attackers to compromise information technology systems (“Threat Hunting” or “Services”). Following deployment of the Threat Hunting Tools as described below, ▇▇▇▇▇ Marco will notify Client of its findings and make recommendations about those findings. This Assessment is not designed or intended to replace a forensics investigation but may assist you in providing information to assist in such an investigation investigation. The CrowdStrike Falcon Software and Perch Software and Sensor are referred to herein as “Threat Hunting Tools.” Threat Hunting Tools will be deployed remotely through automated methods. Perch sensor deployment may require onsite access for installation. Threat Hunting Tools remain in place for the period of the Subscription stated in the SOP. For Clients without an active Marco Managed IT Agreement, ▇▇▇▇▇ Marco will monitor the deployed Threat Hunting Tools for up to sixty (60) days and will notify Client of Marco findings during that period. See the Subscription terms for any additional services provided by CrowdStrike and/or Perch during the Subscription Term. If Client has an active Managed IT Agreement with ▇▇▇▇▇Marco, ▇▇▇▇▇ Marco alerts will follow ▇▇▇▇▇Marco’s standard Service Level Targets and Priority Standards. ▇▇▇▇▇Marco’s monitoring and notification Services will be performed during ▇▇▇▇▇Marco’s regular business hours. Subscription Terms Client understands and agrees that its Subscription is governed by and it is required to comply with the then current version of: the CrowdStrike End User Agreement for Crowd Strike Falcon Software and services and the Perch Service Terms and Conditions for the Perch Security Information and Event Management Software, Sensor, and services which are located at ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇.▇▇▇/legal/subscription-license-product-agreements/threat-hunting-license-terms (“Subscription Terms”). Client is responsible for its users’ compliance with Subscription Terms. By its electronic signature to any SOP for such Products, Client accepts and agrees to be bound by the Subscription Terms. Vendor charges for such Subscriptions are subject to change. ▇▇▇▇▇ Marco reserves the right to adjust Client’s Price in consideration of such changes. CrowdStrike uses certain third-party software in the Products, including what is commonly referred to as open source software. Under some of these third-party licenses, CrowdStrike is required to provide notice of the license terms and attribution to the third party. See the licensing terms and attributions for such third-party software that CrowdStrike uses at: ▇▇▇▇▇://▇▇▇▇▇▇.▇▇▇▇▇▇▇▇▇▇▇.▇▇▇/opensource. If Client has existing licensing from another CrowdStrike or Perch reseller, the Client is obligated to cancel those subscriptions with that reseller to avoid double billing. Client requests that ▇▇▇▇▇ Marco provide the Threat Hunting and consents to the deployment of Threat Hunting Tools, the installation of the Perch sensor, and ▇▇▇▇▇Marco’s access to Client’s information technology, equipment, sites, and personnel, including Client Information and Access for the purpose of carrying out this Threat Hunting Agreement. Client represents that is has obtained any consents from its personnel and third parties necessary for the performance of this Assessment. Client shall be solely and exclusively responsible for the following: a) designating its internal contact who will review the results of and recommendations concerning ▇▇▇▇▇ Marco Threat Hunting; b) providing ▇▇▇▇▇ Marco with the information it needs to carry out this Assessment; c) notifying ▇▇▇▇▇ Marco of any changes to: the information in a, b, its Contacts, Asset Summary, and servers, computers, software and operating systems on/for which Threat Hunting Tools are deployed, and the Client Information and Access; d) establishing and maintaining the security and confidentiality of Client’s and its personnel’s data including user accounts, ids, passwords, encryption keys, and any other personal identifiers;