RocketCyber and Kaseya Managed Detection Response (KMDR) Terms of Use

April 28, 2026

These RocketCyber and Kaseya Managed Detection Response (“KMDR”) Terms of Use (“Terms“) govern your organization’s (“you,” “your” or “Customer”) use of Kaseya’s RocketCyber and KMDR services (either or both referred to as the “Services” or the “Product”). By purchasing or using the Services, you agree to be bound by these Terms, which are incorporated into the Kaseya Master Agreement accessible here or such other master agreement (the “Agreement”) between you and the Kaseya entity from which you purchase Services (“Kaseya”). Capitalized terms not defined in these Terms have the meaning given to them in the Agreement. In the event of a conflict between the Agreement and these Terms, these Terms will take precedence with respect to the Services.

  1. Definitions

In addition to the definitions set forth in the Master Agreement, the following definitions shall apply.

Alerts” means the presentation to you by the Product of security event information deemed by us or by you (as configured by you in the Product) to require action on your part, often urgent action.

Alert Contact(s)” means personnel whom you have listed in the applicable Product platform to be contacted in the event of an Alert.

Covered Endpoints” means a Supported Application to which you have assigned an active Product License.

Covered M365 Account” means an active, licensed Microsoft 365 user account belonging to a Microsoft 365 tenant that is connected to the Product.

Endpoint” means a desktop, laptop, firewall or server.

Event Data” means information about a time-stamped occurrence generated by the Product , and that signifies a specific action or state of change.

Incoming Communication” means telephone calls or emails placed by your organization to the Kaseya SOC.

Log Data” means information provided to us by the Covered Endpoints regarding actions taken by your identity or Covered Endpoints when using the Product.

Outgoing Communication” means telephone calls, emails or text messages placed by the Kaseya SOC to your Alert Contact(s).

SOC” means the Kaseya Security Operations Center, which services both Products.

Supported Applications” are applications and Endpoints that are a type for which Kaseya provides the Services.

  • A list of RocketCyber Supported Applications can be found in the RocketCyber Integrations Guide, accessible by clicking here, and;
  • A list of KMDR Supported Applications can be found in the KMDR Integrations Guide, accessible by clicking here.

Supported Firewalls” are firewalls of a type and version number which a Product integrates with, and for which Kaseya provides Services.

  • A list Supported Firewalls for RocketCyber can be found in the RocketCyber Integrations Guide, accessible by clicking here, and;
  • A list of Supported Firewalls for KMDR can be found in the KMDR Integrations Guide, accessible by clicking here.

Supported Operating Systems” are operating systems of a type and version number which integrates with a Product, and for which Kaseya provides Services.

  • A list Supported Operating Systems for RocketCyber can be in the RocketCyber Integrations Guide, accessible by clicking here, and;
  • A list of Supported Operating Systems for KMDR can be found in the KMDR Integrations Guide, accessible by clicking here.
  1. Licensing and Services
      1. Licensing.  Each Product is a SOC platform with related management services designed to detect malicious activity across Endpoints and Cloud attack vectors.  Services are provided in exchange for License fees as set forth on the applicable Order.  Onboarding and implementation fees may also apply and shall also be set forth on the applicable Order. Fees are based on the number of Covered Endpoints and Covered M365 Accounts that are to receive Services (“License Units”).  Service is subject to a Committed Service Term as set forth on the Order, and License fees are typically paid monthly in advance unless otherwise agreed to by you and Kaseya.
      1. Proper Licensing.  Service will only be provided with respect to Covered Endpoints and Covered M365 Accounts.  A Product License must be purchased for those Endpoints and M365 Accounts that you wish to have Covered as follows:
        • For Endpoints: One (1) Product License is required to cover each one (1) Endpoint, and;
        • For M365 Accounts: One (1) Product License for required to cover up to 1.3 M365 Accounts.
    2. Transfer of Licenses.  Should you uninstall a Product License from a Covered Endpoint or Covered M365 Account, and transfer/install the License on another, coverage on the newly installed Covered Endpoint or Covered M365 Account may take a number of minutes before becoming active.  A Product can only Alert with respect to Endpoints and M365 Accounts on which the Product is active at the time of the compromise.
    3. Audit of Licensing. Kaseya may, in its discretion, audit use of Products and their License levels at any time, and you hereby agree to cooperate with such audit and promptly provide information as reasonable requested by Kaseya to perform the audit. If such audit reveals that the number of License Units purchased by your organization is below that which is used, Kaseya may automatically increase the number of License Units on your account to the required level, and you hereby agree to pay for such higher number of License Units as well as any true-up charges that Kaseya imposes for past periods during which License Fees paid were below the appropriate level, given actual use.
    4. License Pools and Onboarding. MSPs may purchase Product Licenses in pools, and deploy such licenses to various different Clients from the same pool. Please note that Product coverage will not commence for a Client until that Client has been onboarded with the Kaseya SOC team.
  2. Alerts and Calls with the RocketCyber SOC
    1. Alert Contacts.  You must properly input and update the name, telephone number and email address of Alert Contacts in the product platform.  It is your responsibility to ensure that such contacts are correct and up to date.
    2. Communications with the SOC. The Kaseya SOC will accept communications regarding Alerts and similar security issues. The Kaseya SOC will not answer communications regarding the proper functioning or configuration of a Product platform, or any other Kaseya products or services; such product calls should be directed to Kaseya technical support, which can be contacted as described here Kaseya Helpdesk.  For example:
      • Proper Calls to Kaseya SOC: calls requesting the suppression of certain types of Alerts, or calls asking for more information about suspicious activity.
      • Improper Calls to the Kaseya SOC: calls regarding how to configure a Product, or how to run a particular report within a product.
  3. Your Cooperation and Scope of Services
    The activity that is in scope for a Product is described in the Applicable Product Incident Response Guide which is accessible for RocketCyber by clicking here and accessible for KMDR by clicking here, and accessible for KMDR by clicking here (the “Incident Response Guides”).  Even if listed as in scope, we do not guarantee that all such activity will be detected.  Details regarding the division of responsibility between you and Kaseya, is also set forth in the applicable Response Guide.   Delays in your response can cause risk, and the inability of Kaseya to perform Services.   You and your organization agree to promptly provide the cooperation and information to Kaseya described in the Response Guide.   Kaseya is not responsible for any delay or failure to provide Services where your organization does not meet the obligations described in the Readiness Guide.
  4. Treatment of Special Data and Retention
    1. General Overview of Special Data. Each Product gathers Log Data and creates Event Data from such Log Data. The Product provides you with Alerts based on the Event Data. You hereby represent and warrant that: (i) you or your customers (as applicable) have sufficient rights, consents, permissions or licenses in and to the Log Data as may be necessary and appropriate for use with the Services; and (ii) you authorize us to access and interact with the Log Data to create the Event Data and Alerts.
    2. Rights in the Special Data. Except for the limited license granted hereunder: (i) you (or your customer, as applicable) retain all existing rights in and to the Log Data, and; (ii) we retain all rights in and to the Event Data and Alerts.
  5. General Terms
    1. Change in Support Status.  .  In Kaseya’s discretion, Kaseya may modify the list of Supported Applications, Supported Operating Systems or Supported Firewalls based on reasonable grounds such as, for example and not limitation: (i) a manufacturer’s end-of-support, or; (ii) known issues, bugs, malicious code or vulnerabilities that render support problematic or potentially damaging.
    2. Data Retention. RocketCyber will retain data related to your RocketCyber Subscription as described in the article accessible by clicking here  KMDR will retain data related to your KMDR Subscription as described in the article accessible by clicking here
    3. Non-Solicitation. During any Product Subscription, and for one (1) year thereafter, you shall not, directly or indirectly, solicit to employ in any capacity (including, as employee or contractor) any Kaseya personnel with whom you interacted with respect to your Services (“Restricted Personnel”). Further, you shall not, directly or indirectly, influence or induce Restricted Personnel to discontinue or reduce the scope of the relationship with Kaseya.  Breach of this section shall entitle Kaseya damages including, in its discretion, the right to terminate the Services based on your breach.