Service Level Agreement
Red Sword Security Private Limited - Red Sword Strix SLA
Effective Date: 15 May, 2026
Company: Red Sword Security Private Limited
Product: Red Sword Strix
Registered Location: Hamirpur, Himachal Pradesh, India
Contact Email: contact@redswordsecurity.com
Default Data Retention Period: 180 days
1. Purpose
This Service Level Agreement ("SLA") defines the service availability, support commitments, incident response targets, maintenance practices, and customer responsibilities for Red Sword Strix, a cybersecurity SOC intelligence platform operated by Red Sword Security Private Limited.
This SLA applies to paid production customers unless otherwise agreed in writing. Alpha, beta, trial, proof-of-concept, demo, and free access environments are provided on a best-effort basis unless a separate written agreement states otherwise.
2. Service Description
Red Sword Strix is a cybersecurity intelligence platform designed to help organizations reduce SOC alert fatigue by grouping duplicate alerts, suppressing low-value noise, prioritizing high-risk alerts, generating risk scores, and providing investigation context.
The platform may include:
- Alert ingestion
- Alert deduplication
- Noise reduction
- Risk scoring
- Incident timelines
- Threat intelligence views
- Reports and dashboards
- AI-assisted explanations and recommendations
- Integrations with SIEM, Wazuh, cloud, email, Slack, ticketing, or other tools
Red Sword Strix is a security intelligence and decision-support platform. It does not guarantee complete prevention, detection, remediation, or elimination of all cyber threats.
3. Availability Commitment
For paid production customers, Red Sword Security Private Limited will use commercially reasonable efforts to maintain the following monthly uptime targets:
| Plan | Monthly Uptime Target |
|---|---|
| Alpha / Beta / Trial / Demo | Best effort |
| Starter | 99.0% |
| Professional | 99.5% |
| Enterprise | 99.9%, subject to separate written agreement |
"Availability" means the Red Sword Strix web application and API are accessible to the customer, excluding planned maintenance, emergency maintenance, customer-side failures, third-party failures, force majeure events, and customer misconfiguration.
4. Exclusions from Availability
Downtime will not count against the uptime target if caused by:
- Scheduled maintenance
- Emergency security maintenance
- Customer network, device, firewall, DNS, or configuration issues
- Third-party cloud, hosting, API, DNS, SIEM, payment, email, or integration provider failures
- Force majeure events
- Customer misuse, abuse, or unauthorized activity
- Alpha, beta, demo, trial, sandbox, or development environments
- Suspension due to non-payment, abuse, legal compliance, or security risk
- Failure of customer-controlled agents, endpoints, SIEMs, API keys, credentials, or integrations
- Any issue outside the reasonable control of Red Sword Security Private Limited
5. Maintenance
Red Sword Security Private Limited may perform scheduled maintenance to improve reliability, security, scalability, or performance.
Where practical, advance notice will be provided for scheduled maintenance. Emergency maintenance may be performed without prior notice where required to protect the platform, customer data, infrastructure, users, or security integrity.
6. Support Channels
Support may be provided through:
- Email: contact@redswordsecurity.com
- Ticketing portal: to be provided if available
- Phone/WhatsApp support: only where agreed
- Dedicated communication channel: only for approved paid or enterprise customers
7. Support Response Targets
| Severity | Description | Target First Response |
|---|---|---|
| Critical | Platform unavailable or major security-impacting failure | 4 business hours |
| High | Major feature unavailable or significant operational impact | 1 business day |
| Medium | Partial issue, workaround available | 2 business days |
| Low | General query, UI issue, documentation, enhancement request | 3-5 business days |
Alpha, beta, demo, trial, and proof-of-concept access are supported on a best-effort basis.
8. Security Incident Response
If Red Sword Security Private Limited becomes aware of a confirmed security incident affecting customer data or service integrity, it will take reasonable steps to:
- Investigate the incident
- Contain and remediate the issue
- Notify affected customers where legally required
- Cooperate with lawful regulatory or CERT-In obligations where applicable
- Provide reasonably available information required for customer-side incident response
Customers remain responsible for their own statutory, contractual, regulatory, and CERT-In reporting obligations unless otherwise agreed in writing. CERT-In Directions require covered entities to report specified cyber incidents within 6 hours of noticing or being brought to notice of such incidents.CERT-In
9. Customer Responsibilities
The customer must:
- Provide accurate account and organization information
- Maintain confidentiality of login credentials, API keys, tokens, and access controls
- Ensure lawful collection and processing of endpoint/security logs
- Obtain all necessary internal approvals, employee notices, consents, and permissions before deploying agents or integrations
- Ensure endpoints, SIEM tools, firewalls, and integrations are configured correctly
- Not upload illegal, malicious, unauthorized, or unlawfully obtained data
- Not use Red Sword Strix for unlawful surveillance, unauthorized hacking, offensive cyber activity, or privacy violations
- Maintain customer-side backups, logs, access controls, and incident response procedures
- Report suspected platform issues promptly
10. Data Backup and Retention
Unless otherwise agreed in writing, Red Sword Security Private Limited may retain customer data, alerts, reports, audit logs, and operational records for up to 180 days.
| Data Type | Default Retention |
|---|---|
| Security alerts | 180 days |
| Reports | 180 days |
| Audit logs | 180 days |
| User/account records | Account duration + legal requirement |
| Backups | Up to 180 days or backup cycle period |
| Alpha/beta/demo data | Up to 180 days unless deleted earlier |
Retention may vary depending on customer plan, legal requirement, investigation need, technical limitation, or written agreement.
11. Service Credits
Service credits are not refunds. They are applied as credits against future subscription fees. Service credits, if offered, apply only to paid production subscriptions and must be requested within 15 days of the affected month.
| Monthly Uptime | Service Credit |
|---|---|
| Below 99.0% | 5% of monthly fee |
| Below 98.0% | 10% of monthly fee |
| Below 95.0% | 20% of monthly fee |
Alpha / Beta / Trial: No SLA credits
Paid Starter/Professional: Limited service credits
Enterprise: Custom SLA
Service credits are the customer's sole and exclusive remedy for SLA availability failures unless otherwise required by law or agreed in writing. Service credits are not refunds. They are applied as credits against future subscription fees.
12. Limitations
Red Sword Strix assists security teams with alert prioritization, noise reduction, investigation, and reporting. It does not guarantee that:
- All threats will be detected
- All false positives will be removed
- All attacks will be prevented
- All vulnerabilities will be identified
- All AI-generated explanations will be complete or accurate
- All third-party integrations will remain continuously available
13. Governing Law and Jurisdiction
This SLA is governed by the laws of India.
Subject to applicable law, courts located in Hamirpur, Himachal Pradesh, India shall have jurisdiction unless otherwise agreed in writing.