Detection and Escalation SLA

Where the applicable Service Description identifies and incorporates this MDR Service Level Agreement, Binary Defense takes commercially reasonable measures to comply with the SLAs set forth below with respect to Validated Critical (P1) and High (P2) Severity Alerts.

1. Certain Definitions. For purposes of this MDR Service Level Agreement, the following terms shall have the following meanings. Capitalized terms used but not defined herein shall have the meaning set forth in the Binary Defense Terms & Conditions.

a. "Critical (P1) Severity Alerts” means Validated security alerts identifying wide-scale impact or critical and imminent danger to business operations, critical infrastructure, or sensitive data, and could include, for example, active malware outbreaks, critical system outages, confirmed data breaches, active APT activity, or ongoing DDoS attacks.

b. “High (P2) Severity Alerts” means Validated security alerts identifying localized threats with potential for escalation to critical severity, and could include, for example, isolated malware infections, detected C2 communications, brute-force attacks, or observed minor system disruptions.

c. “Respond” is defined as the assignment of the alert to an analyst, initiation of investigative actions, documentation in the Binary Defense designated incident tracking system, and direction of notification to the Client.

d. “SLA(s)” means the response time commitments applicable to Critical (P1) and High (P2) Severity Alerts as set forth in Section 2 below.

e.“SLA Failure” means an instance in which Binary Defense fails to meet the applicable SLA. A failure to meet an SLA caused by an SLA Exclusion shall not be considered a SLA Failure.

f. “SLA Compliance Commitment” means the percentage compliance commitment Binary Defense complies with regarding the SLA(s), as identified in Section 3 below.

g. “SLA Exclusions” means those circumstances identified in Section 6 below that do not count against the SLA Compliance Commitment.

h. “Validated” means severity alerts designated as Critical (P1) or High (P2) Severity Alerts (as applicable) at the time of ingestion. Alerts whose severity is modified after ingestion are excluded from the SLA Compliance Commitment.

2. SLA Commitments. Binary Defense agrees to take commercially reasonable measures to comply with the following service levels for all Validated Critical (P1) and High (P2) Severity Alerts as such alerts are designated by Binary Defense at the time of ingestion:

a. Critical (P1) Severity Alerts: Binary Defense agrees to Respond to all Critical (P1) Severity Alerts within thirty (30) minutes of detection by Binary Defense’s monitoring systems.

b. High (P2) Severity Alerts: Binary Defense agrees to Respond to all High (P2) Severity Alerts within four (4) hours of detection by Binary Defense’s monitoring systems.

The designation of a severity alert as Critical (P1), High (P2), or neither shall be such designation as designated by Binary Defense at the 1me of ingestion.

3. SLA Measurement and Compliance Threshold. Binary Defense shall use commercially reasonable efforts to comply with the SLAs (cumulatively across Critical (P1) and High (P2) Severity Alerts) ninety-five percent (95%) of instances of Critical (P1) and High (P2) Severity Alerts during any given quarter. The SLA Compliance Commitment for both Critical (P1) and High (P2) Severity Alerts shall be measured cumulatively (both Critical (P1) and High (P2) Severity Alerts combined) on a monthly basis and averaged over a rolling three-month period by using the following equation:

Failures to meet the SLAs based on or relating to any of the SLA Exclusions identified in Section 5 below shall not be attributable to Binary Defense and shall not count against the SLA Compliance Commitment.

4. Service Credit. In the event of Binary Defense’s breach of the SLA Compliance Commitment, the Client may request a Service Credit equal to the following amounts based on the applicable Percent Compliant range identified below:

*Service Credit amounts are based on the total fees invoiced to Client or Services rendered under the applicable Service Description which do not meet the SLA in the affected quarter

For a Service Credit to apply:

a. Client must submit a written claim to Binary Defense fourteen (14) calendar days following the end of the relevant quarter in which Binary Defense breached the SLA Compliance Commitment;

b. Claims must be submitted to service-credits@binarydefense.com;

c. Client must be in good standing (e.g., Client is not delinquent or in default of its payment obligations); and

d. Client has onboarded the Services for at least sixty (60) days

For clarity, the maximum amount of Service Credits that Binary Defense shall be liable for in a single quarter is a Service Credit worth no more than 5% of the total fees invoiced to Client for Services rendered under the applicable Service Description which do not meet the SLA in the affected quarter. Service Credits can only be applied to future Client invoices or the purchase of other Binary Defense Services. Client hereby agrees that this Service Credit constitutes the Client’s sole and exclusive remedy, and Binary Defense’s sole and exclusive liability and obligation, for any claim of non-compliance with this MDR Service Level Agreement or Binary Defense’s failure to meet the SLAs.

5. SLA Exclusions. Failures to meet the SLA based on the following circumstances shall not be attributable to Binary Defense and shall not count against Binary Defense’s SLA commitments:

a. Proof of Concept Services or trials

b. Client-side failures (e.g., access restrictions, delayed approvals)

c. Third-party or Client system outages

d. Maintenance windows

e. Force majeure events and circumstances outside of the reasonable control of Binary Defense

f. Internet access or related issues beyond the demarcation point of Binary Defense

g. Availability or performance of the Internet at large

h. Client’s misuse of the Services or breach of the Binary Defense Terms & Conditions

i. Client negligence

j. Unvalidated or duplicate alerts

k. Alerts whose severity is modified after ingestion

l. Client platform(s) not integrated into Binary Defense Security Workbench

m. Client-created detections that have not been validated by Binary Defense