Terms of Service

1. Overview

Direct Sale from EventTracker: If you have purchased SIEMphonic services directly from EventTracker, this document is incorporated into your Master Services Agreement / Statement of Work / License Agreement with EventTracker. Sale via an authorized EventTracker partner: If you have purchased these services through an authorized EventTracker partner, this document is for description purposes only; and the contract, if any, governing the provision of the services will be between you and your authorized partner. Your authorized partner should provide this document to you. SIEMphonic services are designed to augment your existing staff resources for IT security and regulatory compliance matters. By co-sourcing your SIEM and log management responsibilities with SIEMphonic, you can leverage the expertise and experience of skilled EventTracker security professionals without having to increase the investment in IT staff or incurring additional capital expenses. SIEMphonic services are delivered along with EventTracker software solutions. SIEMphonic services are delivered by EventTracker Control Center (ECC) staff through secure access provided to your server(s) running EventTracker software.

2. Functionality - Service Offerings

The SIEMphonic EventTracker Services available are:
  • RUN: Check EventTracker Diagnostics, Confirm Threat Intelligence Feeds Security and Compliance Content Updates, Configuration and Health Check, Check for non-reporting systems
  • WATCH: Threat and Alert Monitoring, Incident Analysis and Investigation, Report Review, Behavior and Anomaly Analysis. Summary of Observations prepared and shared
  • COMPLY: Reports annotation to demonstrate regulatory Compliance
  • TUNE : Expert Services such as Advanced Tuning/Rules for Behavior Analysis, Correlation, EventVault Explorer (DataMart) and Incident Investigation/Forensics
  • EventTracker Vulnerability Assessment System (ET-VAS)
  • EventTracker Intrusion Detection System (ET-IDS)

2.1. RUN

These are post-implementation services for the administrative maintenance of EventTracker software including licensing updates, service pack installation, and basic configuration of user profiles, standard reports, alerts and dashboards.

ECC staff will access and review your EventTracker server(s) from the EventTracker Control Center and will run diagnostics and validate that processes and services are functioning properly, forecast capacity expansion, confirm proper reporting to EventTracker consoles by all licensed systems and notify you of any non-reporting systems. ECC Staff will perform analysis for EventTracker server resources to verify that CPU/RAM and DISK I/O are within acceptable ranges. ECC Staff will review EventTracker log volume analysis reports and confirmation of Threat Intelligence updates.

EventTracker configuration auditing will be performed routinely to ensure that all licensed systems in your network are reporting to EventTracker console(s) in accordance with recommended procedures. ECC Staff will ensure that any new infrastructure devices / applications that have been added to the network are reporting accurately to EventTracker.

Deliverable: EventTracker System Status Report

2.2 WATCH

ECC staff will review incidents, reports, dashboards and behavior analysis. Incidents and Reports that merit escalation to your IT staff will be shared through a Critical Observations Summary. Report and Incident flagging will be provided for issues requiring immediate attention. Automated 24×7 processes will notify ECC and your staff of prioritized EventTracker Incidents. Your staff is provided guidance for potential security, regulatory and compliance issues including summary and relevant detailed analysis of:

  • Threats
  • Privileged User Monitoring
  • Changes to Identity and Access Policies
  • Identity/Role Context in User Activity Monitoring Reports
  • Change Management Reports to Identify Resource Access Exceptions
  • Data Access
  • Application Activity
  • Behavior Analysis and (optional Threat Intelligence) for SIEM
  • System Resources

Deliverable: Critical Observations Management Summary Report

2.3. COMPLY

ECC works with your staff and/or your auditor/regulator to identify the standard reports and top level summaries to be scheduled and reviewed based on relevant regulatory standards (PCI, HIPAA, ISO, FFIEC, etc.) and/or internal policy. ECC staff review the generated reports, annotate them to indicate that reviews were completed. Summary reports of these compliance activities are available for audit preparation.

Deliverable: Compliance report annotations

2.4. TUNE

ECC will provide custom configurations for Behavior Analysis, Correlation Rules, Threat Intelligence Feeds Categories and Alerts. This is the ongoing optimization and configuration of new correlation rules, reports, searches, behavior dashlets and dashboards within EventTracker.

2.5. Expert Services

ECC can assist in the review of logs and other security information in EventTracker to help determine what activities have occurred. ECC Staff will conduct forensic analysis of patterns to identify indications of compromise. This may result in recommendation (s) for remediation. Incident Investigation services are billable T&M or under annual subscription service and may be authorized on an emergency basis via e-mail from your appropriate point of contact.

ECC can provide support if you are preparing for or engaged in an IT audit. ECC Staff will assist as EventTracker experts to explain and demonstrate how proper use of EventTracker helps demonstrate compliance. ECC Staff will provide a Plan of Action and Milestones (POAM) response for deficiencies and follow through as required. Audit Assistance services are billable T&M.

2.6. EventTracker Vulnerability Assessment Service (ETVAS)

ECC staff will work with your staff to identify and group assets in your environment, schedule scanning and attempt to detect vulnerabilities in the target assets monthly or quarterly.

Detailed results, including remediation recommendations are integrated into the EventTracker Reports Dashboard and are scored by risk. Trend reports showing new, remediated or unchanged vulnerabilities are provided. For dynamic assets, a network discovery phase can precede each scan. Both authenticated and unauthenticated scans are supported. The service includes the maintenance of the scanner system for signature, engine and platform updates.

To provide this service, a software appliance is installed on your premises with VPN access provided to ECC staff. EventTracker is also required; the reports and risk scores from ETVAS are integrated and available within EventTracker Reports console.

2.7. EventTracker Intrusion Detection System (ETIDS)

ECC staff will install Snort (Community Edition), configure, tune and maintain available rules to monitor your network. VPN Access will need to be provided to the staff of ECC. Alerts are integrated into the EventTracker Incidents screen which can launch notifications (e.g. e-mail) and/or auto remediation actions.

The service includes the maintenance of Snort for signature, engine and platform updates. A separate instance of EventTracker is also required; the reports and risk scores from ETIDS are integrated and available within EventTracker.

3. Service Delivery

The purchased services (except any billable T&M services) are delivered from the ECC. The options for periodicity of service delivery are:
  • Weekday - Monday thru Friday, except US holidays. ECC staff will perform review and analysis of alerts, incidents and logs for the previous one (1) working day.
  • 7 Days per Week - Monday thru Sunday, all calendar days of the year. ECC staff will perform review and analysis of alerts, incidents and logs for the previous one (1) calendar day.
  • Weekly – On a scheduled day every week, except US holidays. Schedule will be pre-agreed during service initiation. In case of US holidays, service will be delivered the working day prior to the holiday. ECC staff will perform review and analysis of the alerts, incidents and logs for the previous seven (7) calendar days.
Service Offering Daily (Working Week) Monday - Friday Except US holidays 7 days per Week Monday - Sunday Without any holidays Weekly
RUN Once a week Once a week Once a week
WATCH Daily (for prior 1 weekday) Daily (for prior 1 calendar day) Weekly (for prior 7 days)
COMPLY Daily (for prior 1 weekday) Daily (for prior 1 Calendar day) Weekly (for prior 7 days)
TUNE Under annual subscription service Week 1, Week 16 and Week 32 from commencement of services. Additional Tuning will be done as billable T&M Professional Services Engagement
ETIDS Installation of Snort (Community Edition). ECC staff tune and maintain available rules, to monitor your network. The monitoring will be scheduled either Weekly or Monthly
ETVAS Installation of VAS OVA. Threat Intelligence feeds updates are done Weekly Scanning of identified assets will be done monthly or quarterly. Detailed results, including remediation recommendations are integrated into the EventTracker Reports Dashboard and are scored by risk. Trend reports showing new, remediated or unchanged vulnerabilities are provided at the conclusion of every scan

4. Hours of Work

EventTracker Control Center's hours of operation are: Monday - Friday : 06:30 - 18:30 GMT (2:30am - 2:30pm EST) Saturday - Sunday : 07:30 - 16:30 GMT (03:30am - 12:30pm EST)

5. Data Privacy

EventTracker Security LLC (“EventTracker” or “ECC Staff”, “We,” “Us,” “Our” or similar pronouns), created this Privacy Statement to demonstrate our firm commitment to your privacy. This Privacy Statement discloses our information gathering and disseminating practices for use of the services we provide at www.eventtracker.com (the “Service”).

5.1. Privacy Policy

We strongly believe in protecting the privacy and confidentiality of personally identifiable information that refers or relates to our remote access users (“You” or “Your”) and your Clients. We explain what information we collect about you, how we use the information we collect, how we protect the security and confidentiality of such information, and what you should do if you have any questions or comments. Our commitment to you is clear: We do not sell, license or rent any personally identifiable information about you or your customers, your information or any other information about your affiliates to any third party without your express consent and we will take reasonable measures to protect the confidentiality of personal identifiable information you provide to us.

5.2. Terms of Use

This Privacy Statement co-exists with our Terms of Use, and together both policies govern the practices of use of the Service. Your use of the Service at any time shall be deemed conclusive evidence of your agreement that your license to access and use the Service is governed by this Privacy Statement and Our Terms and Conditions of Use. We encourage you to familiarize yourself with both policies.

5.3. Changes to This Privacy Statement

We may change this Privacy Statement and/or the Terms and Conditions of Use at any time by posting revisions to the Terms of Use of the Service. Your use of this Service constitutes acceptance of the provisions of this Privacy Statement and the Terms and Conditions of Use, and your continued usage after such changes are posted constitutes acceptance of each revised Privacy Statement and/or Terms and Conditions of Use.

5.4. What Information is collected?

If you choose to provide personally identifiable information to us, you represent and warrant that all such information is true, accurate and complete, and in compliance with our Terms of Use.

5.5. General Use of the Service

We continually seek to improve the quality of the Service so that we may better meet your needs. As part of this process, the information we collect from our Service users and data regarding your use of this Service is used in the following ways:

  • By us – We use personally identifiable information that you provide to us (such as your name, address, phone and fax numbers, email address and other similar types of information specific to you) to statistically analyze the Service usage and to improve the Service and our product and service offerings. We may use your email address, mailing address, phone or fax number to contact you regarding comments that you may have provided or information that you actively requested from us. Further, we may be required to disclose personally identifiable information by court or administrative order such as a law, regulation, search warrant, or subpoena. We may also provide third parties with aggregate information regarding users of the Service. For example, we might inform third parties regarding the number of unique users of our Service, and aggregate information on the types of the activities such users conducted while on the Service. This aggregate information will not contain information that can identify you, and will not contain any personally identifiable information that refers or relates to you.
  • By Third Parties – We provide no personally identifiable information about you or your customers to any third party without your express consent. Further, without your consent, no third party will contact you using personally identifiable information you gave to us through the Service (but note, that if we obtain or are provided information about you from other sources, this rule does not apply).

5.6. Security of Personal Identifiable Information

We take the security of personal identifiable information seriously. Commercially reasonable efforts are made to secure servers, networks, host operating systems and databases against unauthorized access. Please remember that the security measures taken above are not foolproof; no hosted service can guarantee that personally identifiable information will be protected in all situations. Therefore we can only state that we will make a reasonable effort to protect from unauthorized access the information that you provide. You must also recognize your role in security and maintain all access and login credentials, and we are not liable or responsible for any failure by you to maintain such security.

5.7. Updating Your Personal Information and Contacting Us

You can always contact us in order to: (i) update the personally identifiable information you have provided; or (ii) direct us to render inactive on our systems all personally identifiable information that refers or relates to you. We may be reached by email at privacy@eventtracker.com.

6. EventTracker Responsibilities

Provided you have paid all relevant licensing, support and SIEMphonic fees, ECC will:
  • Provide services set forth in the Service Description, as ordered by you;
  • Provide all Product Updates and Version Releases commercially released by EventTracker;
  • Use its reasonable commercial efforts to resolve technical problems identified within EventTracker’s Services
  • As detailed in section 2 , “Functionality - Service Offerings”, EventTracker’s responsibilities are limited to:
    • Ensuring to the best of our capabilities that EventTracker is functioning as has been configured at the client site. Through the service offering options ECC Staff will confirm proper reporting and alerting of incidents and alerts to assigned ‘points of contact’ within the client organization.
    • Review of incidents and logs wherein ECC Staff will escalate any potential security, regulatory or compliance issues in accordance with service delivery period described in section 3 of this document
    • Wherever possible (depending on the incident / alert) ECC Team will attempt to suggest a remediation option to address a potential issue.
  • EventTracker’s responsibility is limited to notifying you of any potential security, regulatory or compliance concerns.
  • EventTracker is not responsible if alerts / incidents brought to your notice either by the automated alerts or by the ECC Team are not addressed / managed / remediated.
  • EventTracker is not responsible for any remediation of security, regulatory or compliance requirements within your network

7. Warranty

EventTracker warrants that the Services as detailed in Section 2 will be performed in a professional manner consistent with relevant industry standards. Except as expressly provided herein, EventTracker makes no representations or warranties, and EventTracker disclaims all representations, warranties, and conditions, express or implied, including, without limitation, any implied warranties of fitness for a particular purpose, merchantability, and title. EventTracker does not guarantee for (i) services to find all vulnerabilities and/or incidents; or (ii) the services and/or reporting to be error free. EventTracker shall use all reasonable efforts to ensure that all information it provides or makes available is accurate, however, except in the case of gross negligence or willful acts, customer agrees that EventTracker shall not be liable for any errors, omissions or inaccuracies with respect to such information.

8. Terms of Use for Third Party Services

EventTracker relies on third party services for Threat Intelligence. To know about the Terms of use of these third parties, please visit Product Terms of Use

9. Force Majeure

EventTracker is not liable for failure to perform its obligations, if such failure is as a result of:
  • acts of God (including but not limited to fire, flood, earthquake, storm, hurricane, typhoon or other natural disaster);
  • war, riot, invasion, act of foreign enemies, hostilities (regardless of whether war is declared;
  • civil war, rebellion, revolution, insurrection, military or usurped power or confiscation, terrorist activities, explosion;
  • contamination by radio-activity from any nuclear fuel, or from any nuclear waste from the combustion of nuclear fuel, radio-active toxic explosive;
  • nationalization, government sanction, blockage, embargo, labor dispute, strike, lockout, boycott;
  • slowdown or interruption or failure of electricity or telephone service, acts of state or governmental action prohibiting or impeding from performing its respective obligations under the contract;
Either Party shall be excused from performance and shall not be in default in respect of any obligation hereunder to the extent that the failure to perform such obligation is due to a Force Majeure Event.

10. Limitation of Liability

EVENTTRACKER’S AND ITS AFFILIATES TOTAL AGGREGATE AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY FOR ANY CLAIM OF ANY TYPE WHATSOEVER ARISING OUT OF OR IN CONNECTION WITH ANY SERVICES, DELIVERABLES OR ANY OTHER MATTER CONSIDERED HEREUNDER SHALL BE LIMITED TO PROVEN DIRECT DAMAGES CAUSED BY EVENTTRACKER IN AN AMOUNT NOT TO EXCEED THE FEES PAID BY CUSTOMER TO EVENTTRACKER FOR THE SPECIFIC SERVICES FROM WHICH SUCH CLAIM ARISES IN THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO A CLAIM HEREUNDER. FURTHER, IN NO EVENT SHALL EVENT TRACKER HAVE ANY LIABILITY TO CUSTOMER OR ANY THIRD PARTY FOR ANY LOST PROFITS, LOSS OF DATA, LOSS OF USE, COSTS ASSOCIATED WITH INTEGRATION, INTERRUPTION OF BUSINESS, COSTS OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR FOR ANY INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, EXEMPLARY, CONSEQUENTIAL, OR EXTRA-CONTRACTUAL DAMAGES OF ANY KIND, HOWEVER CAUSED, WHETHER IN CONTRACT, TORT OR UNDER ANY OTHER THEORY OF LIABILITY AND WHETHER OR NOT EVENTTRACKER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

11. Your Responsibilities

You shall supply EventTracker with all technical data and all other information EventTracker may reasonably request from time to time to allow EventTracker to supply the services to you, including a completed pre-deployment questionnaire. You will provide EventTracker, or its authorized representative, reasonable and free access to your networking equipment during the Expert Install stage. Obtaining all approvals required by any third parties in order for EventTracker to perform any services under this Service Description is your responsibility. EventTracker shall not be in default of its obligations to the extent it cannot perform the service either because such approvals have not been obtained or any third party otherwise prevents EventTracker from performing such services. You assume full responsibility for the control and use of the data contained in any reports provided by EventTracker hereunder. You acknowledge the potential privacy and other issues associated with the collection and use of this data. You assume full responsibility to back-up and/or otherwise protect all data against loss, damage, or destruction. You acknowledge that it has been advised to back-up and/or otherwise protect all data against loss, damage or destruction. You recognize that information sent to and from you will pass through EventTracker’s systems and accordingly you undertake to comply with all relevant legislation applicable to its use of the Internet. Implementing and using strong passwords for accessing EventTracker dedicated infrastructure, is your responsibility. You agree that you will not resell the Product and/or Services or create or offer derivative versions of the services either directly or through a third party. You agree to pay EventTracker, at EventTracker's then current rates, plus any reasonable actual out-of-pocket expenses, for any rework or additional work resulting from modification of services requested by you (and accepted by EventTracker) or any act or omission by you, including providing inaccurate information to EventTracker. EventTracker shall seek your approval in advance of incurring such costs if it knows costs will be incurred as a result of such act or omission by you. In performing the services, EventTracker may instruct you to perform certain tasks or checks relating to your network / infrastructure. You should, at your own expense, perform all such checks and tests. You shall comply with such laws and regulations governing use, export, re-export, and transfer of EventTracker Products and technology and will obtain all required U.S. and local authorizations, permits, or licenses. You must notify EventTracker within 7 calendar days, if the number of licenses used increases by more than 5% of the declared licenses. EventTracker reserves the right to require you to purchase additional licenses, if the number of actual distinct agents/devices (as shown by EventTracker’s traffic logs) exceeds the number of licenses from time to time. Your failure to comply with this section may be deemed a material breach.

12. Exclusions

EventTracker Control Center will use appropriate processes, procedures and tools to monitor and report against all devices that are reporting into the EventTracker server (s). If any device in your environment is not reporting into EventTracker and there are vulnerabilities exposed on such said device, EventTracker does not take responsibility for such device or the impact that such device may have on the network environment. Services that are not expressly set forth in this Service Description are not covered, including, without limitation, the following:
  • Any customization of EventTracker Software.
  • Services relating to installation of EventTracker Software.
  • Services pertaining to non-EventTracker products used in connection with SIEMphonic Services.
  • Services or software to resolve Software or Hardware problems resulting from third party products.
  • Resolution of causes beyond ECC control or failure by you to perform your responsibilities as set forth in this Service Description.
  • Expenses incurred to visit your location.

12.1 E-mail

Computer viruses can be transmitted via email. Recipients should check received email and any attachments for the presence of viruses. EventTracker accepts no liability for any damage caused by any virus transmitted by email. E-mail transmission cannot be guaranteed to be secured or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses.

12.2 Anti-virus Software

Anti-virus software scans files or your computer's memory for certain patterns that may indicate an infection. The patterns it looks for are based on signatures (definitions), of known viruses. Virus authors are continually releasing new and updated viruses, so it is important that the latest definitions be installed across your environment. The management and performance of your Anti Virus solution is out of scope of any services provided by EventTracker.

12.3 Software Patches and Operating System Updates

Software companies on periodic basis release patches or updates for the Products or Technologies they produce. If such patches are not applied when released by the software manufacturer, you might be susceptible for malware to enter your environment. Such malware could exploit flaws in your systems in order to do its work.

Defects in clients such as web browsers, email programs, instant messaging software, image viewers, and or media players may allow malicious websites, email messages, IM messages, images, and sound files to infect or compromise your computer systems with no action on your part, other than viewing or listening to a website, message, or media.

The application and management of system and software patches is out of scope of any services provided by EventTracker.

12.4 Mobiles Phones and Tablets

Such devices are getting more popular and fancier all the time, hence making them a target for theft. If such devices fall into the wrong hands, using the wireless access you could be subject to theft of your identity and other personal information. Also such devices are becoming more susceptible to hacks. Attackers are exploiting vulnerabilities in the software, by writing viruses and other malware for phones and tablets. Such malware can disable your device or expose the data stored on it.

To protect such devices, select a strong password (if applicable to your phone/tablet). This assists in restricting access to the keypad. Change this password often. Keep the operating system and software of your phone /tablet patched and updated to protect against harmful software, just like you would your regular computer system.

The application and management of system and software patches to mobile devices is out of scope of any services provided by EventTracker. Theft and misuse of mobile devices is out of scope of any services provided by EventTracker.

13. Tuning

TUNING is a service offering from EventTracker to its clients. It is recommended that EventTracker remains Tuned at all times. If improperly tuned, system performance can be unpredictable and lead to missed or unwanted alerts, reports, or other conditions.

14. Support

You can contact EventTracker Control Center via e-mail at ecc-alerts@eventtracker.com. You can contact Technical Support via e-mail at support@eventtracker.com You can get updates at http://www.eventtracker.com

15. Copyright

All intellectual property rights in this work belong to EventTracker. The information contained in this work must not be reproduced or distributed to others in any form or by any means, electronic or mechanical, for any purpose, without the prior permission of EventTracker, or used except as expressly authorized in writing by EventTracker Security LLC. Copyright © 1999 - 2017 EventTracker. All Rights Reserved.

16. Trademarks

All company, brand and product names are referenced for identification purposes only and may be trademarks or registered trademarks that are the sole property of their respective owners.

17. Disclaimer

EventTracker reserves the right to make changes to this document and the content described herein without notice. EventTracker has made all reasonable efforts to ensure that the information in this document is accurate and complete. However, EventTracker shall not be liable for any technical or editorial errors or omissions made herein or for incidental, special, or consequential damage of whatsoever nature resulting from the furnishing of this document, or operation and performance of equipment in connection with this document. The information contained in this document represents the current view of EventTracker Security LLC. as of the date of publication. Because EventTracker must respond to changing market conditions, it should not be interpreted to be a commitment on the part of EventTracker, and EventTracker cannot guarantee the accuracy of any information presented after the date of publication.