7.7 Modification of ReliaQuest Content
RQ Labeled Content should not be modified by the Customer at any time. If any RQ Labeled Content is modified by Customer or any third party, ReliaQuest will not be responsible for any negative repercussions including but not limited to, response times, GreyMatter Integration issues, or other issues caused by the changes. If Customer would like to modify RQ Labeled Content, Customer shall submit a ticket with requested modifications within RQ Portal or make such request directly to a Customer Success Manager in writing.
ReliaQuest recommends Customer provide the following documentation to aid ongoing enablement:
- Latest risk assessment and/or penetration test that includes most credible threats and highest severity vulnerabilities
- Full Log Source list with asset categories (compliance, critical, or other classification)
- List of compliance requirements (SOX, HIPAA, PCI, etc.)
- Security team contact information
- Scanning schedules and IP addresses for both internal and external scanners
- Public Domain(s) and IP Addresses
- Company and Brand Name(s)
- Capitalized terms used herein not defined in context have the meanings set out in this Section 7:
8.1 “Content” means the methodology, design, logic, and construction (including all code and scripts) of RQ labeled content designed to detect, correlate, and flag actionable activity.
8.2 “Content Artifact” means an alert, rule, report, or a dashboard.
8.3 “Core Component”means any component, or system that is required to normalize, aggregate, store and visualize data for a technology with the exception of agents.
8.4 “Critical Content”means a rule designed to detect a known active threat in the Customer’s environment that existing Content does not provide coverage for, for any Log Source Technologies in scope under the Order.
8.5 “Customer”means the opposite party to ReliaQuest in the Order and the party to which ReliaQuest is providing the ongoing enablement in the Order.
8.6 “Customer Roadmap” means the plan developed by ReliaQuest.
8.7 “Customer Success Manager” means a ReliaQuest dedicated point of contact responsible for customer success.
8.8 “Emergency Content” means a request for Content from the Customer to address an issue that presents an imminent threat to business continuity of Customer.
8.9 “EDR” means endpoint detection and response technology.
8.10 “EDR Technology” means EDR Vendor, Product Name
8.11 “EDR Integration Plus”means EDR Vendor, Product name integrated into GreyMatter for all eligible GreyMatter capabilities and ReliaQuest ongoing enablement.
8.12 “GreyMatter” means ReliaQuest’s security operations platform developed by ReliaQuest and consisting of GreyMatter Automate, Detect, Health, Intel, and Investigate capabilities, and any other related ReliaQuest software tools, programs, or platforms, whether existing now or developed by ReliaQuest during the Order, including any enhancements, derivatives, or developments.
8.13 “GreyMatter Additional Integration”means Technology Vendor, Product Name, Function integrated into GreyMatter for limited GreyMatter capabilities.
8.14 “GreyMatter Automate”means the GreyMatter capability which supports the actions to enrich data and/or contain or remediate threats.
8.15 “GreyMatter Detect” means the GreyMatter capability which supports the overall content methodology and lifecycle to accelerate Customer’s detection visibility and facilitate evolution of Customer’s capabilities.
8.16 “GreyMatter Digital Risk Protection”means an add on to GreyMatter Intel to detect data loss, identify brand impersonation, and the Customer’s web and digital attack surface.
8.17 “GreyMatter Health” means the GreyMatter capability which supports the overall health of the GreyMatter Integration..
8.18 “GreyMatter Hunt”means the GreyMatter capability which supports threat hunting potentially leveraging data from Customer’s GreyMatter Integration.