Service Agreement

Introduction


This document outlines the terms and conditions for the use of NeroSwarm Honeypot, also called NeroSwarm, provided by NeroTeam Security Labs SAS (company number: 949119036). By subscribing to our cybersecurity deception services, you agree to adhere to these terms.


Agreement Overview


Parties: This agreement is between NeroTeam Security Labs SAS (referred to as "we" or "us") and the subscribing customer detailed in the order form (referred to as "you").

Included Documents: The agreement includes the quotation, order form, these terms, and any other specific terms agreed upon in writing.

Effective Date: This agreement becomes effective when we accept your initial subscription order and continues until terminated as outlined below.


Subscription Details


Duration: Subscriptions start on the first day of the month following payment receipt and are valid for 12 months.

Renewal: Subscriptions automatically renew each year unless you provide written notice of non-renewal at least 30 days before the end date.

Trial Period: Trial subscriptions last for one month from the start date, with the possibility to extend for an additional two weeks if requested.


Service Description


Components: Our services include access to two types of honeypots, both types of honeypots incorporate AI high interaction capabilities, allowing them to log detailed interactions:

  1. Physical Hardware Honeypots: These honeypots can be deployed within your physical infrastructure and are designed to simulate vulnerable systems to detect unauthorized access attempts and log interactions.
  2. Cloud-Based Docker Container Honeypots: These honeypots can be deployed on any cloud provider and are designed to simulate vulnerable systems to detect unauthorized access attempts.
  3. Honeytoken Documents: Upon the purchase of a honeypot, you are entitled to the creation of unlimited honeytoken documents, which are designed to act as bait to detect unauthorized access and provide additional security insights.

System Requirements: To use our services, you need a high-speed internet connection and necessary infrastructure, including compatible hardware and software.

Cloud-Based Docker Container Honeypots: These honeypots are compatible with the following operating systems and versions:

  • CentOS: Version 8 or above.
  • Debian: Version 12 or above.
  • Fedora: Version 33 or above.
  • Red Hat Enterprise Linux (RHEL): Version 8 or above.
  • Ubuntu: Version 20.04 or above.

Architecture Compatibility: These honeypots are compatible with the following architectures:

  • amd64 (x86_64)
  • arm64 (aarch64)

Support and Maintenance: We provide online support as detailed in your order form. Scheduled maintenance may cause temporary service interruptions. Regular backups and a disaster recovery plan are in place to ensure service continuity.


Access and Usage


Authorized Users: You must maintain a list of authorized users who can access the management console and receive alerts. You are responsible for their actions and ensuring they comply with security protocols.

Third-Party Access: Written permission is required to grant direct access to third parties or use our services to offer similar services to others.


Data Security, Privacy, and GDPR Compliance


Data Ownership: You retain ownership of all data provided or generated to deliver our services. We handle your data according to our privacy policy and relevant data protection laws.

GDPR Compliance: We are committed to complying with the General Data Protection Regulation (GDPR). This includes ensuring that personal data is processed lawfully, fairly, and transparently. We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or destruction.

  1. Data Processing: We process personal data only as necessary to provide our services and in accordance with your instructions.
  2. Data Subject Rights: We support your rights to access, rectify, or erase personal data, and to restrict or object to its processing. You can exercise these rights by contacting us at [email protected].
  3. Data Breaches: In the event of a data breach, we will notify you without undue delay and provide sufficient information to help you meet any reporting obligations.

Confidentiality: Both parties agree to keep each other's confidential information secure and use it only for purposes related to this agreement. Confidential information includes proprietary data, business records, and personal information shared during the term of this agreement.

Intellectual Property: We own or have licenses for all intellectual property related to our services. You may not modify, distribute, or reverse-engineer our technology without prior written consent.


Service Performance and Liability


Our Responsibilities: We will take all reasonable steps to maintain the services, including employing qualified personnel and ensuring system security and stability.

Your Responsibilities: You agree to enter this agreement voluntarily and that it does not violate any other agreements. You also agree to comply with all security protocols and notify us of any security incidents.

Force Majeure: Neither party is liable for non-fulfillment of obligations due to events beyond control, such as natural disasters, pandemics, or war. If such circumstances persist for 60 days or more, either party may terminate the agreement.


Payment Terms


Fees: Subscription fees are outlined in the order form and are due within 30 days of invoice. Interest will be charged on overdue amounts at the prime lending rate plus 1,7%. All fees exclude VAT unless specified otherwise.

Payment Methods: Payments should be made using the methods specified in the order form. Withholding payment for any reason is not permitted.


Termination and Suspension


Service Suspension: We may suspend your access if you attempt unauthorized access, pose a security threat, or engage in fraudulent or illegal activities.

Termination by Notice: Either party can terminate the agreement with 30 days’ written notice. If terminated mid-subscription, refunds are provided only for full months remaining.

Immediate Termination: We may terminate the agreement immediately if we discontinue services, need to comply with legal requirements, or if repeated breaches occur. Upon termination, all services will cease, and any remaining hardware must be returned to us.


Resolving Disputes


Governing Law: This agreement is governed by the laws of France and must be interpreted accordingly.

Dispute Resolution: Parties agree to attempt to resolve disputes through negotiation, followed by mediation or arbitration if necessary. Legal proceedings may be initiated if the dispute is not suitable for arbitration.

Jurisdiction: The parties consent to the jurisdiction of the French courts for any legal proceedings.


Miscellaneous Provisions


Entire Agreement: This agreement constitutes the entire agreement between the parties and supersedes any prior agreements or representations.

Severability: If any provision of this agreement is found to be invalid or unenforceable, the remaining provisions will continue in effect.

Assignment: You may not assign this agreement without our written consent. We may assign it to a successor or purchaser of our business.

Notices: Legal notices and communications will be sent to the email addresses specified in the most recent order form or as updated in writing.


Contact Information


Contact Information: For any questions or concerns regarding these terms, please contact us at [email protected]