Ransomware Guarantee

Ransomware Warranty


This SentinelOne Ransomware Warranty (“Warranty Agreement”) outlines the terms and conditions of the Ransomware Warranty (“Warranty”) that SentinelOne, Inc. (“SentinelOne”) grants to SentinelOne customers who subscribe to its Control or Complete SKUs of SentinelOne’s malware protection solutions (“Company”) and “Solutions”) under the SentinelOne Terms and Service (“Terms”). This Warranty Agreement governs the Warranty, provided that the Warranty is included in a quote between SentinelOne, the Company, or an approved SentinelOne partnership and the Company (collectively ” PO“). This Warranty shall become effective on the date of execution of the PO (” Effective Day“), and will remain in effect until the Company subscribes and uses the Solutions according to the terms of this Warranty Agreement (” Warranty Terms“). You represent that the Company has authorized you to accept the Warranty as part of your subscription to the Solutions. The meaning of capitalized terms will be the same as the meanings assigned to them in this Warranty Agreement. Capital terms that are not defined in the Warranty Agreement will have the meanings assigned in the Terms.

The parties agree to be bound by the following terms and conditions:

Special Ransomware Warranty

1. Warranty. The Endpoints of the Company will be protected by the Solutions, provided that the Company subscribes to them following the Terms. All Endpoints covered by the Warranty shall be subject to this Agreement, provided:

  • (a) Solutions are deployed in Endpoints according to the Documentation. Endpoints such as these are currently active and properly configured.
  • (b) This Warranty covers only files that are located on Endpoints.
  • (c) All Endpoints of the Company must have the following configurations:
    • (i) Solutions
      • There are two policy mode options: Threats: Protect or Suspicious. Protect.
      • All engines are on (except Application Control).
      • Cloud connectivity is not disabled.
      • Anti-Tamper has been turned ON
      • Snapshots can be turned ON
      • Scan New Agents can be turned ON
      • Before Ransomware infect, the SentinelOne Windows Endpoint Agent’s latest General Availability (GA), or GA with a critical Security Service Pack (SP), if applicable) version is deployed.
      • There are no Pending Activities (such as Reboot), listed at any Endpoint.
      • The Management Console can be used in a supported version.
      • The Management Console and Agent do not support exclusions that are specified in the SentinelOne Knowledge Base article “Not Recommended Exclusions”.
      • Binary Vault can be enabled, if available
      • 2 Factor authentication is enabled =
    • (iii) Operating System:
      • The Warranty covers Standard (not Legacy), Windows Agents, and supported versions of Microsoft Windows (as described in the SentinelOne Knowledge Base article “System Requirements”.
      • Before SentinelOne Windows Agent installation, each endpoint has been virus-free.
      • OS is up-to-date and patched to ensure security updates are applied on all Endpoints. All vulnerable applications have been updated to the latest versions.
      • VSS (Volume Shadow Copy Service), is enabled on all Windows devices. VSS Disk Space Usage must be set up with at least 10% on all drives.
  • (d) Following infection, the Company follows the following manual steps (i.e. Upon detection of Ransomware, the Company follows these manual actions:
    • Add Ransomware threat immediately to your blacklist.
    • If the Ransomware is not blocked but was only detected, the remediation and rollback action takes place within one hour of infection/discovery.
    • notifies SentinelOne of the Ransomware discovery within 24 hours at warranty@sentinelone.com.
      This Section 1(d), however, shall not apply if the Company subscribes to Vigilance Response during the Warranty Term.

2. Scope and conditions of the Warranty. SentinelOne will pay the Company’s actual damages resulting from a ransomware attack against Company Endpoints that are covered under the Warranty Agreement. This includes the requirements in Section 1 and a cap of USD 1,000 per Endpoint that is affected by a Breach. The additional cap of USD 1,000,000 for each consecutive 12 months in which the Company subscribes, concerning the affected Endpoint, is subject to this Warranty Agreement.

3. Precedent to Warranty Payment. SentinelOne will only pay the Warranty Payment if the Ransomware attack is reported by the Company during the Warranty Term and Company subscription.

4. Exclusions – The Warranty does not apply to any breach primarily caused by: (i) any deployment configuration or use of the Solutions (or any portion thereof) in a way inconsistent with the Documentation and the requirements of Section 1, (iii), Company’s negligence, misconduct, or (iii), other products and/or service which directly or indirectly causes the malfunction or nonperformance of the Solutions concerning the Ransomware.

5. The Only and Exclusive Remedy. SentinelOne is liable for any breach of the warranty and will only seek the above remedy.

6. Definitions. These capitalized terms shall be understood as follows:

  • (a) ” Break” refers to the unauthorized access of at least 1 Company Endpoint through Ransomware that has caused material damage to the Company. “Material harm” can be defined as (i) the unencrypted acquisition of digital data that compromises security, confidentiality, or integrity of personal or confidential information kept by the Company; and (ii). public disclosure of personal or confidential information maintained at the Company; or (iii). the compromise of at most one Company Endpoint, resulting in access to such Endpoint.
  • (b) ” Ransomware“, a malware program that infects the Company’s systems from outside sources (i.e. in the wild), and continues to demand payment (“the Ransom“) to decrypt encrypted files. Ransomware is not malware that has been introduced to Company’s systems by any third party, either intentionally (i.e. malware testing), or because of a breach in its security.
  • (c) ” endpoints” means any computing device that runs Microsoft Windows and has the Solutions installed according to the Documentation under the valid Terms between SentinelOne, the Company.

7. Additional Terms and Conditions. This Warranty Agreement shall not affect any other terms or conditions of the Terms, except as specifically stated in the Terms. If there is any conflict between this Warranty Agreement’s terms and those contained in the Terms relating to the Warranty, this Warranty Agreement will prevail.

8. Miscellaneous. This Warranty Agreement is the entire agreement between the parties regarding the Warranty granted hereunder. It supersedes all previous agreements or representations. SentinelOne can modify the terms of this Warranty Agreement at any time, at its sole discretion. However, such revisions will not reduce or eliminate Section 2’s monetary remedy. SentinelOne will pay the Company a portion of the Warranty. The company also agrees that SentinelOne will acquire a right to sue the hacker who delivered Ransomware to Company. SentinelOne may also sue the hacker for damages. SentinelOne is allowed to help SentinelOne in any such claim. Any provision in this Warranty Agreement that is held invalid or unenforceable shall be amended only to the extent that it makes it enforceable. This Warranty Agreement shall be governed and construed according to the substantive laws in California. California’s competent courts will have exclusive jurisdiction over any dispute arising out of or connected with the Warranty Agreement.