Event

Online
Cybereason Partner Agreement

This Cybereason Partner Agreement is a legal agreement between the entity entering into this Agreement (“Partner”) and Cybereason Inc.,
a Delaware corporation with offices located at 200 Clarendon Street, Boston, MA 02116 USA (“Cybereason”) (each a “Party” or
collectively the “Parties”).


BY CLICKING “I ACCEPT,” THE INDIVIDUAL ACCPETING THESE TERMS (“YOU”) REPRESENT THAT (I) YOU HAVE THE
AUTHORITY TO LEGALLY BIND PARTNER TO THE TERMS AND CONDITIONS OF THIS AGREEMENT, (II) YOU HAVE
READ THESE TERMS AND CONDITIONS, AND (III) YOU HEREBY AGREE ON BEHALF OF PARTNER TO COMPLY WITH
AND BE BOUND BY THE TERMS AND CONDITIONS OF THIS AGREEMENT. SUBJECT TO THE WRITTEN NOTIFICATION
OF CYBEREASON EXPRESSLY APPROVING PARTNER AS AN AUTHORIZED PARTNER OF CYBEREASON, THIS
AGREEMENT SHALL BECOME EFFECTIVE ON THE DATE YOU CLICK “I ACCEPT.”


In consideration of the promises and the mutual agreements set forth herein, and intending to be legally bound, the parties hereby agree
as follows:
1. Definitions
1.1 “Affiliate” means an entity that directly or indirectly controls, is controlled by, or is under common control with a Party. For
purposes herein, “control” means ownership, directly or indirectly, of more than fifty percent (50%) of the voting shares or other
equity interest in an entity.
1.2 “Anti-Corruption Laws” means: (i) the U.S. Foreign Corrupt Practice Act, (ii) the UK Bribery Act 2010, and (iii) any anti-bribery or
anti-corruption provisions in the criminal, anti-competition, anti-bribery, anti-money laundering and/or anti-corruption laws of
the Territory and the jurisdictions in which each of the Parties to this Agreement operate, together with any amending,
consolidating or successor legislation or case law which has effect from time to time in the relevant jurisdiction.
1.3 “Business Partner Code of Conduct” means the Cybereason Business Partner Code of Conduct, as may be amended from time
to time, available at https://www.cybereason.com/business-partner-code-of-conduct.
1.4 “Capacity Addendum” means an addendum describing the relevant capacity and the terms and conditions applicable to said
capacity as set out in the exhibits hereto.
1.5 “Confidential Information” means, any information, data or knowledge of any kind and in any form and however disclosed,
presented or displayed, by a Party hereto and/or any of its affiliates (“Disclosing Party”) to the other Party (the “Receiving Party”)
and which is not generally available to the public, including technology, products and services (and any related documentation),
computer programs, business information, trade-secrets, methodology, know-how, marketing and other commercial/financial
knowledge, techniques, specifications, plans and other proprietary information. Confidential Information shall not include
information which the Receiving Party or its Representatives can demonstrate (a) is in or comes into the public domain without
fault on the part of the Receiving Party or any of its Representatives; (b) was lawfully known to it prior to its disclosure by the
Disclosing Party; (c) is disclosed to the Receiving Party or its Representatives by a third party without breaching of any duty of
confidentiality; (d) was independently developed without reference to the Confidential Information; (e) is made available to third
parties by the Disclosing Party without restriction on the disclosure of such information; or (f) is approved by the Disclosing Party
for release in writing.
1.6 “Documentation” shall mean the documentation, technical specifications and material pertaining to the Offering provided by
Cybereason to Partner for use in conjunction with the Offering. For the avoidance of doubt, Documentation does not include
marketing materials or other information or communications.
1.7 “End User” means an individual or entity receiving products or services from and/or via the Partner based on the Offering.
1.8 “End User Agreement” means the form of Cybereason End User Agreement available at https://www.cybereason.com/mlsa as
may be amended from time to time by the Cybereason or other similar agreement approved by Cybereason.
1.9 “Export Controls and Economic Sanctions Laws” means all export control, economic or financial sanctions, and trade embargo
laws, regulations, orders, directives and other legal requirements applicable to Cybereason, Partner, and/or any Targets,
including but not limited to those administered and enforced from time to time by (a) the U.S. government, including the U.S.
Department of the Treasury’s Office of Foreign Assets Control (“OFAC”), the U.S. Department of State, or the U.S. Department
of Commerce, (b) the United Nations, (c) the European Union (“EU”), (d) the state of Israel, (e) HM Treasury of the United
Kingdom, or (f) the government of any other country or territory in which Cybereason, Partner, or any Target conducts or in the
past have conducted business, directly or indirectly.
Cybereason Partner Agreement – Online Version- April 2022
1.10 “Intellectual Property Rights” means all patents, patent rights, copyrights, mask work rights, moral rights, rights of publicity,
trademark, trade dress and service mark rights, goodwill, trade secrets, trade secret rights and other intellectual property rights,
as may now exist or hereafter come into existence, and all applications therefor and registrations, renewals and extensions
thereof, under the laws of any state, country, territory or other jurisdiction.
1.11 “Offering” means any software, software as a service, any other service provided by Cybereason and any related Documentation.
1.12 “Partner Program” means Cybereason’s program applicable to its partners as set out in the Partner Portal, as may be amended
from time to time, and which may include, inter alia, matters such as partner tiers, goals and requirements, details of the
Offerings, pricing, deal registration process, and additional partner benefits and obligations.
1.13 “Partner Portal” means the portal located at https://cybereason.force.com/partnercommunity/login (or any other URL as
Cybereason may advise from time to time).
1.14 “Prohibited Person” means any individual or entity that is (i) on the U.S. Department of Commerce’s Denied Persons List, Entity
List, Unverified List or affiliated lists, (ii) on the OFAC Specially Designated Nationals and Blocked Persons List, (iii) on the U.S.
Department of State’s Debarred List or Nonproliferation List, (iv) located, resident, or organized in jurisdictions subject to U.S.
and/or other applicable territorial sanctions (collectively “Prohibited Jurisdictions”; as of the date of this Agreement, such
jurisdictions include, without limitation, Cuba, Iran, Iraq, Lebanon, Libya, North Korea, Sudan, Syria, Venezuela, Yemen and the
Regions of Crimea, Donetsk and Luhansk (Ukraine), (v) any entity, regardless of location, that is owned or controlled by a
government of any Prohibited Jurisdiction, or (vi) otherwise the targets of any Export Controls and Economic Sanctions Laws
such that dealings with such individual or entity by the Cybereason, Partner, or any Target would be prohibited.
1.15 "Representatives" of a Party shall mean such Party’s directors, officers, employees, consultants, agents or advisers (which shall
not include a competitor of the Disclosing Party) and any other person that the Disclosing Party has authorized the Receiving
Party to disclose the Confidential Information to.
1.16 “Target” means any individual, partner, corporation or other legal entity to which Cybereason’s products or services are
promoted, marketed or planned to be marketed.
1.17 “Territory” means the geographic region or territory expressly authorized by Cybereason and notified to Partner in writing.


2. Appointment of Partner; Purchases
2.1 During the term of this Agreement, the Partner may act in the specific capacity approved by Cybereason in writing, in the relevant
Territory, subject to the provisions of this Agreement, the relevant applicable Capacity Addendum (as set out in the exhibits
hereto), and the Partner Program. For the avoidance of doubt, Cybereason may agree to approve more than one specific capacity
for Partner. Notwithstanding the above, Cybereason retains the full and complete right to license, sublicense, assign, market
and/or otherwise distribute, directly or indirectly through third parties, the Offering or any part thereof, throughout the world.
2.2 Partner shall issue a written purchase orders to Cybereason for all orders placed for an Offering. No purchase order shall provide
for a delivery date sooner than Cybereason’s applicable lead-time for the Offering ordered unless approved in writing by
Cybereason. Cybereason shall have the right, within its sole discretion, to accept or reject any orders, and no purchase order
shall be binding upon Cybereason unless accepted by Cybereason. Each purchase order will set forth, at a minimum, the following
(i) the name and address of the End User, (ii) the number or type of package of Offering(s) being purchased (including the number
of endpoints) and under which Capacity Addendum, (iii) the countries and locations where the Offerings(s) are to be installed,
(iv) requested delivery dates, (v) requested ship to location(s), (vi) billing address, (vii) reference to this Agreement and/or the
quotation under which the purchase order is issued, (viii) an email contact address of Partner for billing purposes, and (ix) any
other reasonable information required by Cybereason. Purchase orders shall constitute firm purchase obligations on behalf of
Partner.
2.3 Except as expressly provided in this Agreement, and subject to the warranty provisions of this Agreement or the End User
Agreement, as applicable, neither Partner nor End User shall be entitled to return and/or exchange any Offering, nor shall they
be entitled to receive any refunds with respect to any such Offering for any reason.
2.4 The terms and conditions of this Agreement shall exclusively govern the purchase and supply of the Offering under this
Agreement and shall override any conflicting, amending and/or additional terms contained in Partner’s purchase order, provided
that in case of any conflict or inconsistency with the provisions contained herein and those in the End User Agreement, the latter
shall govern.
2.5 Subject to the terms and conditions of this Agreement, Partner is authorized to access and use the Offering, on a nonexclusive,
nonsublicensable (unless specifically authorized in a Capacity Addendum), nontransferable basis, solely for the purpose of:
(i) demonstrating the Offering to prospective End Users, and (ii) providing training in the use of the Offering to Partner’s
employees and End Users. Partner may only demonstrate the Offering once with respect to any potential End User, and any
Cybereason Partner Agreement – Online Version- April 2022
demonstration of the Offering shall expire with respect to each potential End User after thirty (30) days from its first use with
respect to such potential End User, unless otherwise approved by Cybereason. Furthermore, without derogating from any other
provision hereof and notwithstanding anything contained in this Agreement to the contrary, the demonstration Offering is
provided “AS IS” and Cybereason shall not be liable for any damage and/or loss, of any kind whatsoever, arising from and/or
related to the demonstration of the Offering.
2.6 Partnershall provide prompt written notification of any suggestions, comments, complaints or other feedback about the Offering
and/or Cybereason’s Confidential Information (“Feedback”) that are made by End Users or Partner’s prospective End Users, or
that originate with Partner, and of any problems with the Offering or its use of which Partner becomes aware. Such written
notification shall be the property of Cybereason, and shall be considered Cybereason’s Confidential Information hereunder.
Partner hereby grants, on behalf of itself and its End Users and prospective End Users, to Cybereason a worldwide, irrevocable,
non-exclusive, royalty-free, fully paid, perpetual, sub-licensable and transferable license to use, disclose, reproduce, distribute,
publicly display, exploit and prepare derivative works of the Feedback or any part thereof, and Partner hereby waives on its and
their behalves, any moral rights in the Feedback, to the extent permitted by law.
2.7 Cybereason shall have the right to make modifications to the Offering and Cybereason’s Confidential Information at any time.
2.8 Partner Affiliates that have been approved by Cybereason’s compliance department may place purchase orders subject to the terms of this Agreement, provided that Partner is responsible for
ensuring such Affiliate’s compliance with the terms of this Agreement and shall be responsible for any breach of the terms hereof
by any such Affiliate.


3. Prices and Payment Terms
3.1 Prices for the Offerings are set out in the Partner Program. Unless otherwise agreed between the Parties in writing, amounts due
shall be invoiced by Cybereason upon execution of the applicable purchase order and shall be paid by Partner to Cybereason in
USD within thirty (30) days of the invoice date. If any fees payable by an End User to Partner is payable in installments, such
installment methodology is for the convenience of the End User only, and the full amount of the fees payable by Partner to
Cybereason with respect to such End User is acknowledged as fully earned by Cybereason’s acceptance of a purchase order with
respect to such End User and such amounts shall be payable by Partner as set out above unless otherwise agreed between the
Parties in writing. Partner is obligated to pay the applicable fees set out in the purchase order by the above due date regardless
of whether it has received payment from the End User. Such fees payable by Partner constitute the agreed consideration for
Cybereason’s authorized access to and use of the Offering and the provisions of the Offering to an End User.
3.2 All prices are exclusive of shipping, insurance and installation charges, all of which are Partner’s sole responsibility. All prices are
exclusive of all sales, use, excise, value added, withholding and other taxes, and all customs duties and tariffs now or hereafter
claimed or imposed by any governmental authority upon the sale or license of the Offering. Any such taxes, duties or tariffs will
be added to the price or subsequently invoiced to the Partner. In the event Cybereason is required to pay any such tax, duty,
tariff or any such charge, Partner will promptly reimburse Cybereason therefor on an after-tax basis. Any taxes or levies based
on the income, revenue or profits of Cybereason in Cybereason’s country of incorporation will be paid by Cybereason and will
not be reimbursed by or recharged to Partner.
3.3 Any amounts not paid when due may accrue, at Cybereason’s election, interest at the rate of 1.5% per month, or the maximum
amount allowed by law, if lower. Each accepted purchase order is a separate, independent transaction, and Partner has no right
of setoff, offset, deduction, counterclaim, reduction, recoupment or other charge against other purchase orders or other
transactions with Cybereason. Unless otherwise agreed between the Parties in writing, no discounts for prepayment are
authorized.
3.4 For the avoidance of any doubt, it is hereby clarified that Cybereason shall not be required to pay any fees, or other remuneration
to Partner in consideration for any of Partner’s marketing, promotion, or other services or activities relating to the Offerings.


4. Proprietary Rights
4.1 Title to and ownership of the Offering and Cybereason’s Confidential Information, and any improved, updated, modified or
additional parts thereof, and all copyright, patent, trade secret, trademark and other Intellectual Property Rights embodied
therein or related to the Offering and/or the Cybereason’s Confidential Information, shall at all times remain the property of
Cybereason or Cybereason’s licensors. The use by Partner of of the Offering and Cybereason’s Confidential Information is
authorized only for the purposes herein set forth and upon termination of this Agreement for any reason, such authorization will
cease. Partner hereby undertakes to keep the Offering and Cybereason’s Confidential Information free and clear of all claims,
liens and encumbrances and not to sell, assign, transfer, encumber or dispose of in any way any such Offering or Cybereason’s
Confidential Information except as explicitly permitted under this Agreement.
4.2 Partner shall not and shall not cause or permit others to (i) copy, modify, sublicense, sell, distribute, transfer, tamper with,
reverse engineer, disassemble or decompile the Offerings or any part thereof or otherwise attempt to derive or obtain the source
Cybereason Partner Agreement – Online Version- April 2022
code of the Offerings or any part thereof; (ii) modify, improve or make derivative works incorporating the Offerings or any part
thereof, nor use the Offerings or any part thereof as part of a service bureau, or to provide commercial, rental or sharing
arrangements for the benefit of any third party; (iii) remove and/or alter any copyright notices, trademark, logo or other
proprietary or restrictive notice or legend affixed to, contained or included in, the Offerings and/or (iv) use or provide access to
the Offerings to any Cybereason competitor and/or for any purposes competitive to Cybereason including creating or developing
competitive intelligence software or services based in part or in whole on data provided by Cybereason, or causing or allowing
any End-User, third party, agent or other designee to do so; (v) perform any benchmarking of the Offerings (save for in the course
of performing an evaluation of the Offerings authorized by Cybereason), or use or disclose the results of any testing or
benchmarking of the Offerings to any third party; (vi) disparage Cybereason, the Offering or other products or services of the
Cybereason (vii) disclose any competitive information to any third party (viii) engage in any unethical practices with respect to
its dealing with End-Users (ix) use any feature of the Offering for any purpose other than in the performance of, and in accordance
with, this Agreement; (x) use the Offerings in any application that involves risk of death, personal injury, or severe property or
environmental damage, or in any life support applications, devices or systems except as explicitly approved in writing by
Cybereason’s Chief Executive Officer. Furthermore, Partner shall comply with all applicable laws, including data protection and
privacy laws, and shall not send or cause to be sent any unsolicited email, including without limitation newsgroup postings
4.3 Partner may use the Offering names of Cybereason in Partner’s advertising and promotional media used for marketing the
Offering, provided (i) that Partner conspicuously indicates in all such media that such names are trademarks of Cybereason and
its licensors and (ii) that Partner submits all such media to Cybereason for prior approval in its reasonable discretion. ANY USE
OF THE CYBEREASON TRADEMARKS (AS DEFINED IN CYBEREASON’S EXTERNAL BRAND GUIDELINES) IS SUBJECT TO
CYBEREASON’S EXTERNAL BRAND GUIDELINES, LOCATED AT: https://www.cybereason.com/external-brand-guidelines .
Partner shall not remove and/or alter any copyright notices, trademark, logo or other proprietary or restrictive notice
(hereinafter, collectively “Proprietary Notices”) or legend affixed to, contained or included in, the Offering or Cybereason’s
Confidential Information and Partner shall reproduce and copy all such Proprietary Notices on all copies of the Offering and
Cybereason’s Confidential Information, if applicable, or any part thereof, made pursuant and subject to the terms of this
Agreement. Upon termination of this Agreement for any reason, Partner will immediately cease all use of the Offering names
and, at Cybereason’s election, destroy or deliver to Cybereason all materials in Partner’s control or possession which bear such
names, including any sales literature. Partner will not challenge Cybereason’s ownership of its patents or any Intellectual
Property Rights claimed by Cybereason or its licensors in its trademarks, trade names or logos, or use any trademark, trade name
or logo which might be confusingly similar to Cybereason’s trademark, trade name or logo.


5. Partner’s Responsibilities
5.1 Partner may register an opportunity in accordance with Cybereason’s deal registration policy set out at
https://nest.cybereason.com/resource-documents/cybereason-deal-registration-policy.
5.2 Partner will, at all times, conduct its business in a professional manner which will favorably reflect upon Cybereason. Partner
shall at all times comply with good business practices and all applicable laws and regulations relevant to this Agreement and the
subject matter hereof. Partner shall at all times maintain whatever organization and resources that are necessary for the
performance of its obligations pursuant to the terms of this Agreement.
5.3 Partner shall advise each End User of the appropriate operating systems, operating environment, licenses, application server
licenses, web server licenses and the hardware required for the installation and operation of the Offering.
5.4 Partnershall use commercially reasonable efforts to market and promote the Offering in the Territory. These efforts may include,
without limitation, the use of mailings, telemarketing programs, advertising, seminars, other customary marketing techniques
and collaboration with Cybereason. Partner further agrees to place Cybereason’s logo on the partner section of Partner’s
corporate Website in equal to or greater position as other vendor logos if the partner supports a corporate Website.
5.5 Unless Partner is allowed to sublicense the Offerings (as set out in the relevant Capacity Addendum and/or as approved by
Cybereason in writing), Partner shall ensure that Targets that wish to evaluate the Offering shall enter an End User Agreement
(and if such evaluation is by way of an on premises deployment or the Offering is installed by the Partner, then Partner shall
provide Cybereason with a copy of the End User Agreement executed by the End User). Unless otherwise agreed, Partner shall
ensure that each End User that evaluates the Offering to complete its evaluation within a thirty (30) day period, provided that
such period may be extended with Cybereason’s prior written consent, after which time Cybereason shall be entitled to
deactivate such End User’s evaluation license to the Offering.
5.6 Partner shall (i) provide truthful and complete documentation supporting, in reasonable detail, the work performed and any
expenses incurred in connection with this Agreement; (ii) maintain true, accurate, and complete records related to work
performed and any expenses incurred under this Agreement; and (iii) retain such records for a period of five (5) years following
the termination of this Agreement. Partner shall maintain an accurate and complete list of all End Users to whom Partner
Cybereason Partner Agreement – Online Version- April 2022
markets and promotes Cybereason’s products and services, including the names, contact and addresses of each End User and
shall provide the same to Cybereason upon its request.


6. Delivery
Cybereason shall use commercially reasonable efforts to meet the agreed delivery/make available date for the Offering. The time
period of delays and holds resulting from Partner or End User activity or omission may extend the agreed date but shall not affect
the commencement and end dates of any agreed term. Any partial activations or installations delivered by Cybereason may be
invoiced separately. No part of any fees payable by Partner to Cybereason shall be subject to deduction, offset, setoff, counterclaim
or reduction, recoupment or other charge as a result of any such delay, hold or extension.


7. Acceptance
The Offering shall be deemed accepted once the software is available for download and the instance is provisioned. Partner must
provide written notice to Cybereason within thirty (30) days of such time in the event that the Offering does not conform to the
purchase order.


8. Warranty and Limitation of Liability
8.1 EXCEPT FOR THE WARRANTY TO THE END USER SET FORTH IN THE END USER AGREEMENT, CYBEREASON PROVIDES THE
OFFERING AND CYBEREASON’S CONFIDENTIAL INFORMATION “AS IS” AND MAKES NO WARRANTIES WITH RESPECT TO SAME
AND DISCLAIMS ALL IMPLIED WARRANTIES WITH RESPECT TO THE OFFERING AND THE CYBEREASON’S CONFIDENTIAL
INFORMATION, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
NON-INFRINGEMENT OF THIRD PARTY RIGHTS, EFFECTIVENESS, USEFULNESS, RELIABILITY OR ARISING FROM A COURSE OF
DEALING OR USAGE OF TRADE.
8.2 IN NO EVENT SHALL CYBEREASON AND/OR ITS LICENSORS OR OTHER PARTNERS BE LIABLE TO PARTNER, END USER OR ANY
THIRD PARTY FOR ANY INCIDENTAL, INDIRECT, PUNITIVE, EXEMPLARY, SPECIAL OR CONSEQUENTIAL DAMAGES, OR FOR COSTS
OF PROCUREMENT OF SUBSTITUTE PRODUCTS OR SERVICES, LOST PROFITS, LOSS OF BUSINESS OR BUSINESS OPPORTUNITIES,
LOSS OF GOODWILL, REPUTATIONAL DAMAGES, WORK STOPPAGE, BUSINESS INTERRUPTION, OR LOST SAVINGS OR REVENUES
OF ANY KIND, OR FOR LOST DATA, DAMAGE TO OTHER SOFTWARE, COMPUTER FAILURE OR MALFUNCTION OR DOWNTIME.
CYBEREASON’S TOTAL AND CUMULATIVE LIABILITY FOR ALL CLAIMS UNDER THIS AGREEMENT AND/OR ANY ORDER, OR FOR
BREACH OF THIS AGREEMENT AND/OR ANY ORDER, HOWEVER CAUSED AND REGARDLESS OF THE FORM OF ACTION, WHETHER
IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, SHALL IN NO EVENT EXCEED 100% OF THE
AGGREGATE AMOUNT RECEIVED BY CYBEREASON FROM PARTNER UNDER THIS AGREEMENT DURING THE TWELVE (12) MONTH
PERIOD IMMEDIATELY PRIOR TO THE DATE THE CAUSE OF ACTION AROSE. THE LIMITATIONS SET FORTH HEREIN SHALL APPLY
EVEN IF CYBEREASON AND ITS RELATED PARTIES HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, AND
NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY. IN NO EVENT SHALL THERE BE ANY
DUPLICATION OF LIABLITY BETWEEN CYBEREASON AND PARTNER AND/OR END USER.
8.3 ALL REPRESENTATIONS MADE OR AGREEMENTS EXECUTED BY PARTNER TO OR WITH ANY END USER PURSUANT TO THIS
AGREEMENT SHALL BE PARTNER’S SOLE RESPONSIBILITY. FURTHERMORE, EACH SUCH AGREEMENT SHALL CONTAIN AN
ACKNOWLEDGMENT BY ANY THIRD PARTY THAT IT IS NOT RELYING ON ANY REPRESENTATIONS OR WARRANTIES MADE BY
CYBEREASON EXCEPT FOR THOSE WARRANTIES EXPRESSLY MADE IN THE END USER AGREEMENT.


9. Compliance with Laws
9.1 Partner hereby agrees on its behalf and on behalf of its owners, partners, officers, directors, employees, affiliates, and other
persons acting for or on its behalf to abide and strictly comply with Cybereason’s Business Partner Code of Conduct.
9.2 Partner shall comply and shall at all times conduct its business in full accord with all applicable Anti-Corruption Laws.
9.3 Partner shall notify Cybereason in writing of any change in its ownership or in its directors or officers, or if any of its owners,
partners, officer, directors, employees or other persons acting on its behalf is or becomes a Government Official within seven (7)
business days of the effective date of any such change.
9.4 Cybereason shall have the right, from time to time at its expense, to review the books, records, and accounts of the Partner
relating to its activities under this Agreement or to have such audited by its auditors or any consulting firm Cybereason chooses
in its sole discretion for the purpose of verifying compliance with this Section 9. Partner shall fully cooperate in any audit
conducted by or on behalf of Cybereason. Cybereason shall not be liable to Partner for any claims related to its decision to audit
Partner under this Section.
9.5 Partner represents to Cybereason that (i) neither Partner nor any of its owners, partners, officers, directors, employees, or any
other persons acting for or on its behalf is a Prohibited Person, and (ii) Partner shall comply with, and shall at all times conduct
its business in full accord with, all applicable laws, decrees, ordinances and regulations, including those related to anti-boycott,
Cybereason Partner Agreement – Online Version- April 2022
import or use restrictions, the U.S., the UN and that of the Territory and the jurisdictions in which each of the Parties to this
Agreement operate, together with any amending, consolidating or successor legislation or case law which has effect from time
to time in the relevant jurisdiction.
9.6 Partner agrees to comply strictly with all Export Controls and Economic Sanctions Laws and Partner shall take no action that
would cause Cybereason to violate any U.S. or other economic sanctions laws or regulations. Partnershall take all actions, furnish
all documents, and provide all assistance reasonably requested by Cybereason in connection with any application by Cybereason
for any export license that may be required under Export Control and Economic Sanctions Laws for the sale, supply, export, reexport or transfer of any of the Offerings to any Target to which the Partner has marketed and promoted such Offering within
the Territory.
9.7 Partner expressly agrees that, without the prior written authorization of Cybereason and the applicable Government, Partner
shall not (a) directly or indirectly acquire, export, re-export, divert, ship or transfer the Offerings or Cybereason’s Confidential
Information or any related intellectual property or direct product thereof to or for the benefit of any Prohibited Person, or (b)
directly or indirectly disclose any data derived from Cybereason’s Offering or any related intellectual property or direct product
thereof to or for the benefit of any Prohibited Person when such disclosure is restricted or prohibited by Export Controls and
Economic Sanctions Laws. Partner agrees to assist Cybereason with reasonable requests with respect to the Parties’ compliance
with Export Controls and Economic Sanctions Laws, including furnishing applicable certification and other documentation with
respect to Targets.
9.8 Partner undertakes that no Target is a Prohibited Person; and that none of the Offerings will be used for nuclear activities,
chemical/biological weapons, or missile projects unless authorized by the U.S. Government.
9.9 Partner acknowledges that from time to time during the term of this Agreement, Cybereason may in its discretion obtain and
review information regarding Partner’s business practices and history and conduct customary background checks with respect
to Partner, and Partner will cooperate as reasonably requested by Cybereason with all such inquiries, including information
substantiating Partner’s compliance with this Section.
9.10 Partner shall cause its owners, partners, officers, directors, employees, affiliates, and other persons acting for or on its behalf to,
promptly complete any training required by Cybereason, including any training relating to Anti-Bribery and Anti-Corruption
and/or Export Controls and Economic Sanctions Laws. Where deemed necessary by Cybereason, Partner will make its owners,
partners, officers, directors, employees, affiliates, and other persons acting for or on its behalf reasonable available for training
conducted by Cybereason.
9.11 Notwithstanding any other provision of this Agreement, Cybereason shall not be obligated to take any action or omit to take any
action under this Agreement that it believes, in good faith, would cause it to be in violation of any applicable U.S. or other law
or regulation, including Anti-Corruption Laws and Export Controls and Economic Sanctions Laws. Furthermore, Cybereason shall
not provide any benefit under this Agreement to the extent that doing so would expose Cybereason to any applicable economic
sanctions prohibition or restriction under any Export Control and Economic Sanctions Laws.


10. Mutual Representations and Warranties
Each Party represents and warrants to the other that it has been duly registered and (if an entity rather than an individual) organized
in accordance with all applicable laws, it has received all necessary governmental authorizations to enter into and perform its
obligations under this Agreement, if not an individual its entry into and performance under this Agreement has been duly authorized
by all necessary corporate or other entity action, its entry into and performance of this Agreement will not violate any applicable
laws or any other agreements to which it is bound, and this Agreement constitutes its legal, valid and binding agreement, enforceable
in accordance with its terms subject to applicable bankruptcy, insolvency, moratorium or other similar laws affecting the rights of
creditors generally and the application of general principles of equity (regardless of whether considered in a proceeding at law or in
equity).


11. Indemnification by Partner
Partner shall be liable for damages or remedies as provided by law, and shall defend, indemnify and hold Cybereason harmless from
any liability, judgment, fine, loss, damage, claim or expense arising out of or relating to any breach by Partner of any of Partner’s
representations or warranties set forth herein or relating to or arising from Partner’s performance or its failure to comply with its
obligations under this Agreement.
Cybereason Partner Agreement – Online Version- April 2022


12. Confidentiality
12.1 The Receiving Party will maintain the Confidential Information in strict confidence and will use at least the same degree of care
and discretion it uses to protect the confidentiality of its own confidential, proprietary or trade secret information of similar
nature but not less than a reasonable degree of care.
12.2 Except as expressly authorized hereunder, the Receiving Party will not disclose or use or allow others to disclose or use the
Confidential Information without the prior written consent of the Disclosing Party. The Receiving Party shall only use the
Confidential Information for the purposes of this Agreement (the “Purpose") and only disclose the Confidential Information to
those of its Representatives who need to have access to same for the Purpose, provided that each of the Representatives to
whom the Confidential Information is disclosed is bound by confidentiality obligations no less restrictive than those contained
herein and the Receiving Party agrees to enforce any such undertaking. Notwithstanding the above, the Receiving Party
acknowledges that it shall be responsible for any breach of any of the provisions of this Agreement by any of its Representatives,
including after termination of their employment or engagement, as the case may be. The Receiving Party agrees to promptly
notify the Disclosing Party in writing of any misuse or misappropriation of Confidential Information which may come to its
attention.
12.3 If the Receiving Party or any of its Representatives receives a request or order for disclosure of Confidential Information from
any court, tribunal, government department or agency or other official body, or Receiving Party believes disclosure is otherwise
required under applicable law, if legally permissible, it shall promptly notify the Disclosing Party and shall cooperate with the
Disclosing Party (at the Disclosing Party’s expense) in seeking a protective order or other appropriate remedy. If, in the absence
of a protective order or other remedy, the Receiving Party or any of its Representatives is legally compelled to disclose
Confidential Information, it may disclose only that portion of the Confidential Information which is legally required to be
disclosed.
12.4 The Receiving Party shall notify the Disclosing Party immediately in writing upon becoming aware that any Confidential
Information has been disclosed to an unauthorized third party and assist the Disclosing Party in remedying such unauthorized
disclosure.


13. Term and Termination
13.1 This Agreement is effective on the Effective Date and, unless terminated as provided in this Agreement, shall remain in effect for
one (1) year and shall automatically renew for successive one (1) year terms unless terminated by either Party by providing
written notice of non-renewal to the other Party at least 30 days prior to the applicable renewal date. The termination or
expiration of this Agreement shall not affect the obligations of either Party to the other Party pursuant to any purchase order
previously executed hereunder, and the terms and conditions of this Agreement shall continue to apply to such purchase order
as if this Agreement had not expired or been terminated.
13.2 If either Party breaches a material provision of this Agreement and fails to cure such breach within thirty (30) days after receiving
written notice of the breach, the non-breaching Party shall have the right to terminate this Agreement at any time. Partner’s
breach of any payment obligation constitutes a default on the date the payment is due and Cybereason shall have the right to
immediately terminate or suspend this Agreement. Either Party may terminate this Agreement, effective immediately, if the
other Party becomes the subject of a voluntary or involuntary petition in bankruptcy or any proceeding relating to insolvency,
receivership, liquidation or composition for the benefit of creditors that, in the case of an involuntary proceeding, is not dismissed
within sixty (60) days. Cybereason may terminate this Agreement or any other agreement with Partner without any further
obligation if Partner, or its equity holders, partners, officers, directors, employees, representatives, affiliates, subcontractors, or
other agents, take any action which in Cybereason’s sole discretion potentially violates any provision of this Agreement.
Cybereason shall have the right to terminate this Agreement immediately upon Partner’s violation or suspected violation of
Section 9 hereof.


14. Effect of Termination
14.1 Upon the termination or expiration of this Agreement (i) Partner shall (unless set out in the relevant Capacity Addendum or
agreed between the Parties in writing) immediately cease use of the Offering and Cybereason's Confidential Information and
shall delete the Offering from Partner’s systems and shall no longer access Cybereason’s systems in any manner (including cloud
based applications), (ii) all of Partner’s rights hereunder, including with respect to the Offering and Cybereason’s Confidential
Information, shall immediately terminate, provided that each End User Agreement in place with an End User with respect to an
Offering shall survive in accordance with its terms, subject to termination in accordance with its terms under the applicable End
User Agreement and (iii) each Party will treat all Confidential Information of the other Party hereto as stated in Section 12 of this
Agreement.
14.2 In the event of termination by either Party in accordance with any of the provisions of this Agreement, neither Party shall be
liable to the other, because of such termination, for compensation, reimbursement or damages on account of the loss of
Cybereason Partner Agreement – Online Version- April 2022
prospective profits or anticipated sales or on account of expenditures, inventory, investments, leases or commitments in
connection with the business or goodwill of either Party. Termination shall not, however, relieve either Party of any obligations
incurred prior to the termination, including, without limitation, the obligation of Partner to pay Cybereason for the Offerings
purchased prior to such termination. No Partner Subscription Fees or fees for Services paid hereunder shall be subject to
repayment or credit in whole or in part in connection with any such termination, nor relieve Partner of its obligations to make
all payments due hereunder to Cybereason without deduction, offset, setoff, counterclaim or reduction, recoupment or other
charge.
14.3 The provisions of Sections 1, 2.6, 4, 5.6, 8, 9, 10, 11, 12, 14 and 15 of this Agreement, and all payment obligations incurred during
the term of this Agreement, shall survive the expiration or termination of this Agreement for any reason. All other rights and
obligations of the parties shall cease upon termination of this Agreement.


15. Miscellaneous
15.1 If any portion of this Agreement is held invalid, the parties agree that such invalidity shall not affect the validity of the remaining
portions of this Agreement.
15.2 The failure of either Party to exercise any right granted herein or to require any performance of any term of this Agreement or
the waiver by either Party of any breach of this Agreement shall not prevent a subsequent exercise or enforcement of, or be
deemed a waiver of any subsequent breach of, the same or any other term of this Agreement.
15.3 Nothing in this Agreement shall constitute or create a joint venture, partnership, or any other similar arrangement between the
parties. No Party is authorized to act as agent for the other Party hereunder except as expressly stated in this Agreement.
15.4 All notices required or permitted under this Agreement will be in writing and will be deemed received when (a) delivered
personally; (b) when sent by e-mail (followed by the actual document in air mail/air courier); (c) three (3) days after having been
sent by registered or certified mail, return receipt requested, postage prepaid (or six (6) days for international mail); or (d) one
(1) day after deposit with a commercial express courier specifying next day delivery or, for international courier packages, two
(2) days after deposit with a commercial express courier specifying 2-day delivery, with written verification of receipt. Unless
otherwise specified, the address of each Party for the purpose of serving notices is as set out above and shall be sent to attention
of the General Counsel of each Party.
15.5 Partner shall not assign or transfer this Agreement or any rights or obligations under this Agreement, without the prior written
consent of Cybereason. Cybereason or any successor may assign or transfer, in whole or in part, any or all of its rights under this
Agreement from time to time (including but not limited to assignment or transfer by way of merger, consolidation or sale of
assets or shares, and assignment or transfer to a third party or to a subsidiary) without the consent of Partner or any End User.
Any assignment or transfer of this Agreement made in contravention of the terms hereof shall be null and void. Subject to the
foregoing, this Agreement shall be binding on and inure to the benefit of the Parties’ respective successors and permitted assigns.
15.6 This Agreement is to be construed in accordance with and governed by the laws of the applicable jurisdiction, as set forth in the
table below (the “Applicable Jurisdiction”) without giving effect to any choice of law rule that would cause the application of the
laws of any other jurisdiction. Any legal suit, action or proceeding arising out of or relating to this Agreement shall be commenced
only in the courts of the Applicable Jurisdiction and each Party hereto irrevocably submits itself to the exclusive jurisdiction and
venue of any such court in any such legal suit, action or proceeding.
Region in which Partner’s Address is Located Applicable Jurisdiction
Europe/Middle East and Africa (EMEA) London, England
Asia/Pacific (APAC) and India (excluding
Japan)
Singapore, Republic of Singapore
North America/Central & Latin America
(NA/CALA)
New York, NY, USA
Japan Tokyo, Japan
IF RELEVANT TO THE APPLICABLE JURISDICTION, EACH PARTY HERETO HEREBY IRREVOCABLY WAIVES, TO THE FULLEST EXTENT
PERMITTED BY APPLICABLE LAW, ANY RIGHT IT MAY HAVE TO A TRIAL BY JURY IN ANY LEGAL SUIT, ACTION OR PROCEEDING
ARISING OUT OF OR RELATING TO THIS AGREEMENT.
15.7 Neither Party shall be responsible for any failure to perform or delay in performance of its obligations (other than payment
obligations) under the Agreement attributable in whole or in part to any cause beyond its reasonable control, including but not
limited to acts of God, government actions, pandemic (other than COVID 19), war, civil disturbance, insurrection, riots, terrorism,
sabotage, labor shortages or disputes, failure or delay in delivery by suppliers or subcontractors, transportation difficulties,
shortage of energy, raw materials or equipment, or the other Party’s fault or negligence or any other force majeure event.
Cybereason Partner Agreement – Online Version- April 2022
15.8 Each of Cybereason’s licensors shall be entitled to enforce, on a non-exclusive basis, the rights of Cybereason under this
Agreement that are for the benefit of such licensor as if such licensor was a party to this Agreement. Cybereason is a third-party
beneficiary of, and is entitled to enforce, any limitations on rights under and use of each Offering sold or otherwise provided by
Partner to any End User. For the avoidance of doubt, this Section does not limit or condition the rights in relation to this
Agreement or any right to enforce the terms hereof, of assignees and transferees permitted under Section 15.5.
15.9 This Agreement, (including each purchase order, each Cybereason quotation document and any documents incorporated herein
or therein by reference such as the relevant Capacity Addendum and the Partner Program), constitutes the entire agreement
between the Parties concerning the subject matter hereof and supersedes all prior communications, transactions, and
understandings, whether oral or written, with respect to the subject matter hereof and constitute the sole and entire agreement
between the parties pertaining to the subject matter hereof. No modification, addition or deletion, or waiver of any of the terms
and conditions of this Agreement shall be binding on either Party unless made in a non-preprinted agreement clearly understood
by both parties to be a modification or waiver, and signed by a duly authorized representative of each Party, provided that the
End User Agreement may be amended, modified or supplemented by Cybereason as provided under Section 1.8.
Cybereason Address for Notice:
as set out in preamble with a copy to:
E-mail: legal@cybereason.com
Partner Address for Notice:
as submitted by Partner to Cybereason upon
registration
Exhibits
Exhibit A – Reseller Partner Capacity Addendum
Exhibit B – MSSP Partner Capacity Addendum
Exhibit C – IR and Advisory Partner Addendum
Exhibit D – Distributor Partner Addendum
Cybereason Partner Agreement – Online Version- April 2022
Exhibit A – Reseller Partner Capacity Addendum
Subject to the provisions of the Partner Agreement between Partner and Cybereason (including this Capacity Addendum and the
provisions of the Partner Program) (the “Agreement”) which are incorporated herein by reference, Cybereason hereby authorizes
Partner to market and promote the Offerings in the Territory and act as a Cybereason reseller to submit Purchase Orders on behalf
of End Users in the Territory for the Offerings and collect the relevant fees payable by such End Users in respect of the Offerings, on
a nonexclusive, non-sublicensable, nontransferable basis, all subject to payment by Partner to Cybereason of the applicable fees
agreed between Cybereason and Partner. The authorization set forth in this Section shall be effective once the Partner is approved
by Cybereason for this specific capacity and has executed the Partner Agreement. Capitalized terms used and not defined in this
Capacity Addendum shall have the meaning ascribed thereto in the Partner Agreement.


1. Subject to and conditioned upon the End User entering into an End User Agreement with Cybereason, the Offering shall include
the number of endpoint installations purchased by the Partner from Cybereason. Partner is obligated, and hereby agrees to
include the following language on any document in which it offers the Offerings to its customers:
“Any use of the Cybereason products and services is subject to and hereby incorporates by reference the
Cybereason Master License and Services Agreement located at https://www.cybereason.com/mlsa and if
applicable the service descriptions located at https://www.cybereason.com/terms/services. Notwithstanding
the foregoing, if you have executed a separate agreement or Statement of Work with Cybereason in
connection with the products and services ordered hereunder, such separate agreement or Statement of Work
will take precedence”


2. Unless otherwise approved by Cybereason in writing or otherwise set forth herein, Partner is not authorized to, and shall not
make any undertakings, warranties or representations with regard to the Offerings beyond those set out in the End User
Agreement.


3. Cybereason shall use commercially reasonable efforts to provide support and maintenance to the End User during the relevant
subscription period in accordance with Cybereason’s support and maintenance policies as set forth in the End User Agreement,
as may be amended from time to time in accordance with the End User Agreement.
Cybereason Partner Agreement – Online Version- April 2022
Exhibit B – MSSP Partner Capacity Addendum
Subject to the provisions of the Partner Agreement between Partner and Cybereason (including this Capacity Addendum and the
provisions of the Partner Program) (the “Agreement”) which are incorporated herein by reference, Cybereason hereby authorizes Partner
to market and promote the Offerings in the Territory on a and act as a managed security services partner in the Territory for the Offerings,
on a nonexclusive, non-sublicensable, non-transferable basis, all subject to payment by Partner to Cybereason of the applicable fees
agreed between Cybereason and Partner. The authorization set forth in this Section shall be effective once the Partner is approved by
Cybereason for this specific capacity and has executed the Partner Agreement. Capitalized terms used and not defined in this Capacity
Addendum shall have the meaning ascribed thereto in the Partner Agreement.


1. Definitions
“MSSP Services” means any of the following services, provided they have been expressly authorized in advance in writing by
Cybereason (i) MSS (managed security services), (ii) MDR (managed detection and response), (iii) DFIR (digital forensics and incident
response), (iv) advisory services (v) any other services which involves deployment and/or support of the Offering by Partner.
“Multi Customer Instance” means a Cybereason SaaS delivered cloud instance that incorporates data from more than one End User.
“Transaction Agreement” means the agreement between Partner and an End-User, under which, among other things, Partner
provides MSSP services to the End-User on a set number of End-User’s endpoints in accordance with this Agreement.


2. Purchase orders
Unless otherwise agreed by Cybereason, the following provisions apply to all purchase orders:
2.1 Purchase Orders Details. Each purchase order must specify as applicable the subscription term, specific Offering, total number
of endpoints and, when the workstation/server ratio set out in Section 2.4 below is exceeded. Without derogating from the
above and as otherwise agreed between the Parties, Cybereason may reject purchase order for any reason, including, without
limitation: (i) the purchase order includes no less than the minimum number of endpoints determined by Cybereason, (ii) the
Purchase Order is for an opportunity that has not been approved by Cybereason.
2.2 Minimum Order Size. Any purchase orders submitted by Partner to Cybereason, and/or sold by Partner to End Users must be
for at least 100 endpoints for any instance which is not a Multi Customer Instance. Any orders for less sensors is subject to
Cybereason’s prior written consent.
2.3 Minimum Order Term. All orders must be for a twelve (12) month minimum (with the exception of pay-as-you-grow (PAYG)
orders for shorter term commitments which are approved by Cybereason). Provided there remains four (4) months of term on
an existing environment, then Partner can co-term additional subscriptions purchased subject to Cybereason’s prior written
consent which shall not be unreasonably withheld.
2.4 Ratio. Workstation-to-server ratio for endpoints is 85:15 per instance (i.e. the number of server endpoints in within 15% of the
total number of endpoints in the order).
2.5 Excess Use. In the event that Partner contracts with an End User for more endpoints than it has purchased from Cybereason (or
from an approved distributor) (“Excess Use”), Cybereason (or the distributor) will invoice Partner for such Excess Use in
accordance with the applicable pricing under the Partner Program. Such Excess Use will be co-termed and pro-rated and paid in
accordance with the provisions of the Agreement.


3. Data Processing
3.1 The Parties agree that to the extent that Cybereason processes any End User personal data pursuant to Partner’s activities
hereunder, then the terms of the Data Processing Agreement set out at https://www.cybereason.com/DPA (“DPA”) shall apply
to such processing, with the understanding that all references to “Customer” in the DPA shall be interpreted and understood to
refer to Partner, and all references to “Agreement” in the DPA shall be interpreted and understood to refer to the Agreement
between Partner and Cybereason. Without derogating from any other provision of the Agreement, Partner undertakes to comply
Cybereason Partner Agreement – Online Version- April 2022
with all applicable laws when processing the End User’s personal data, and will enter a data processing agreement with the End
User for such purpose if and to the extent required under said laws.
3.2 Partner is responsible for ensuring that no reporting or data is shared or otherwise disclosed or accessed by any End User who
does not own the data. Partner is solely responsible for tagging or labeling each End User customer endpoint (including the End
User’s legal entity name and location) and ensuring data grouping and segregation. All data included within a particular instance
will have the same data treatment and retention.


4. End User Agreements
4.1 It is agreed that as a condition for Partner to provide any MSSP Services, there must be either (i) a valid Transaction Agreement
with each End User under which, amongst others, (a) Partner flows down the following provisions of the End User Agreement: 2
(Access and Use Rights), 3 (Restrictions), 6 (Audit), 7 (Data Collection and Use), and 10 (Warranties and Disclaimers) and (b)
stipulates that Cybereason is a third party beneficiary, or (ii) if specifically approved by Cybereason in advance, on a case-by-case
basis, a valid end user license agreement between Cybereason and End User titled ‘MSSP EULA’ to be used for the specific End
User in question for its receipt of MSSP Services.
4.2 Subject to the payment of all applicable fees and compliance with all the other provisions of the Agreement (including this
Capacity Addendum), Partner may use the Offering solely for the purpose of providing the specific MSSP Services agreed between
the Parties in writing (whether in a signed quotation or purchase order), for the internal business purposes of End Users in the
Territory, and for the number of instances, duration, number of endpoints and other criteria so agreed in writing), as well as for
any other MSSP Services that have been approved in accordance with Cybereason’s prior written consent.
4.3 In order to facilitate their collaboration, upon request, Cybereason may agree to make available to Partner certain Offerings for
demonstration and/or evaluation and/or lab testing and/or incident response and/or education and/or training purposes.
Cybereason will advise Partner if any additional fees apply. Any such arrangement is subject to the provisions of Section ‎4.1‎3.1
above, and the evaluation provisions set out in the End User Agreement which shall apply between Cybereason and Partner (and
which Partner shall flow down to the End User).


5. Offering Use
5.1 Remote Access. Partner acknowledges and agrees (and will cause the End-User to acknowledge and agree) that (a) Cybereason
may communicate with the Offerings for reasonable purposes including, (i) verifying credentials; (ii) issuing reports and alerts
such as automated support requests and alert messages; (iii) providing support and maintenance services; (iv) applying policy
and configuration changes; and (v) extracting usage information, service performance information, and infection logs, and b)
such communications do not, in the normal course of business involve the processing of protected health information, financial
data, social security numbers or other sensitive (personal) information. Partner will ensure that the Transaction Agreement
expressly allows Cybereason to exercise its rights pursuant with the foregoing.
5.2 Alert Messages. Upon receipt of any alert messages from Cybereason, Partner will promptly communicate, as appropriate, such
alert messages to its End-Users. Partner acknowledges and agrees that Partner is responsible for checking regularly for alert
messages received from Cybereason and is solely responsible for communicating such alert messages to its End-Users.


6. Reports. Within ten (10) business days of the start of each calendar month (or as mutually agreed), Partner will submit a report to
Cybereason, by enabling automated reporting (where available) or otherwise by submitting a consolidated manual report to
Cybereason in an agreed format. Such report must include the following:
6.1 List of all End-Users including:
a. End-user entity name, and address
b. End-user point of contact
c. Total number of end points contracted and deployed
d. Locations where Cybereason’s Offering has been deployed (City/state/country)
e. Service start date
f. Term of service
g. End point type by count
Cybereason Partner Agreement – Online Version- April 2022
6.2 good faith monthly rolling forecasts of Partner’s anticipated requirements for the Offering in the six-month period following
the date of such forecast.


7. Quality of Service. Partner will cooperate with Cybereason in performing a quality-of-service assessment via Net Promoter Score
Questionnaires (NPS) (or other manner) which may require input and involvement from the End User.


8. PARTNER’S OBLIGATIONS
8.1 Partner’s General Obligations. Partner will at all times:
8.1.1. Prior to providing services to End Users, comply with training and certification requirements as set forth in the Partner
Portal, or as mutually agreed in writing, and will maintain the number and level of resources as required by
Cybereason at all times while providing services;
8.1.2. Ensure that End-Users receive notification of updates and upgrades promptly and in any event within seventy-two
(72) hours following Cybereason making such updates and upgrades available or as otherwise directed by Cybereason;
8.1.3. Except as set forth in Section 8.1.4 below, provide all Level 1 & 2 support to End Users in the manner directed by
Cybereason and ensure that End-Users do not contact Cybereason directly. If End-Users contact Cybereason directly,
they will be re-directed to the Partner. Cybereason will provide Partner with support in the manner described at:
https://nest.cybereason.com/resource-documents/mssp-support-guide, but is not required to provide any support
and maintenance of the Offering to Partner’s End-Users. If Partner fails to provide its End User with adequate support
or fails to manage the security of their End User’s machines and machine networks to the Cybereason’s satisfaction,
Cybereason will have the right, but not the obligation, to step in, contact, and support such End User for the remainder
of the term of the Transaction Agreement at Partner’s sole cost and expense and Partner will ensure that the
Transaction Agreement expressly allow Cybereason to do so;
8.1.4. When the Partner is supporting an End User that has purchased Offerings via a resale order, then Cybereason will
direct partner as to the extent and level of support to be provided by Partner to such End User;
8.2 Marketing. Partner shall use commercially reasonable efforts to promote the sale and distribution of the Offering. Any
marketing materials or documentation developed by or on behalf of Partner in relation to the Offering shall not be distributed
to any third party without Cybereason’s prior approval of the material. Upon approval of the material, Partner shall be able to
distribute material to promote the sale and distribution of the Offering, provided that such material incorporates “Powered by
Cybereason”. Cybereason shall use commercially reasonable efforts to support Partner in its promotional efforts by providing
reasonable marketing, technical, and sales support. Any materials produced by Partner in relation to the Offering must be
approved by Cybereason in advance.


9. PRICING
The prices applicable for the MSSP Offerings are as set out in Cybereason’s partner program or as otherwise provided to Partner,
unless otherwise agreed between the Parties in writing. For purchase orders submitted by MSSP to an authorized distributor, the
fees shall be agreed between Partner and said distributor.


10. TERMINATION.
Subject to the termination provisions of the Agreement, the Parties agree that upon the termination or expiration of the Agreement,
all of Partner’s rights hereunder, including with respect to the Offerings, shall immediately terminate, provided that any End User
which has executed a Transaction Agreement with Partner for use of the Offerings, and for which Partner has paid Cybereason for the
relevant term, may continue to use the Offerings until the end of the paid term (unless termination is due to breach of Section 9 of
the Agreement).


11. GENERAL
Partner’s obligations contained in this Capacity Addendum, shall apply also in the instance in which Partner is submitting orders to
distributors and not directly to Cybereason, except for provisions that are obviously replaced by such arrangement (e.g. payments
terms which are agreed between Partner and the distributor when payment is made by Partner to distributor and not to Cybereason).


Cybereason Partner Agreement – Online Version- April 2022
Exhibit C – IR and Advisory Partner Addendum
Subject to the provisions of the Partner Agreement between Partner and Cybereason (including this Capacity Addendum and the
provisions of the Partner Program) (the “Agreement”) which are incorporated herein by reference, Cybereason hereby authorizes Partner
to act as an Incident Response (“IR”) & Advisory Partner in the Territory on a nonexclusive, non-sublicensable, nontransferable basis.
Pursuant to this authorization, Partner may be allowed to: (a) procure certain Offerings, (b) install such Offerings on its computers and
the computers of Partner’s customers (“IR/Advisory Customers”) who have engaged Partner to (i) provide investigation and incident
response services as a result of security breaches, internal or external threats, or other security incidents, or (ii) provide proactive threat
hunting, breach discovery, and risk assessment services; (c) use such Offerings to provide such services; and (d) if approved by Cybereason,
to permit Partner to leave all or some of the Offerings on IR/Advisory Customer’s endpoints, pursuant to the terms and conditions of the
Cybereason Partner Agreement. The authorization set forth in this Section shall be effective once the Partner is approved by Cybereason
for this specific capacity and has executed the Partner Agreement. Capitalized terms used and not defined in this Capacity Addendum
shall have the meaning ascribed thereto in the Partner Agreement.


1. PROGRAM OVERVIEW AND REQUIREMENTS: In its capacity as an IR & Advisory Partner, and provided Partner maintains the
Conversion Target described below, Cybereason may provide to Partner certain Offerings(s) at no additional cost solely in support of
Partner’s IR and Advisory Services (i.e. a cyber posture assessment, or insurance qualification audit) Customers (“Short-Term Use
Authorization”).


The IR Program is measured on the Partner endpoint conversion rate. The target conversion rate of Short-Term Use Authorization
converted to annual service subscriptions is 33.3% or higher (“Conversion Target”). Performance against the Conversion Target will
be assessed quarterly in arrears, beginning (6) months from the initial contract date, by analyzing the preceding quarter (3) month
period (“Assessment Period”). To count towards the Conversion Target, an IR/Advisory Customer must have issued a purchase order
for annual subscription services for such Offering(s) within six (6) months from the expiration of the Short Term Use Authorization
(“Order Window”). Any purchase made by an IR Customer outside of the Order Window will not count towards the Conversion
Target.
By way of example, if Partner deploys 3 Short Term instances for a total of 45,000 deployed endpoints, then converts 1 of those
IR/Advisory Customers, through MSSP or resale, for a total of 15,000 endpoint annual subscriptions sold within the Order Window,
that is a conversion rate of 33.3%.
If Partner does not meet the Conversion Target on a quarterly basis, Cybereason has the option to terminate the Partner from
the Short Term Authorization Program.


2. ADDITIONAL RIGHTS AND OBLIGATIONS: All use of the Offerings(s) by Partner hereunder is subject to the End User Agreement which
is hereby confirmed accepted by Partner. As a Partner under this Capacity Addendum, Partner is hereby authorized to install and use
the number of Offerings specified on each particular purchase order, solely on behalf of the particular IR/Advisory Customer during
the IR Customer Term (as defined below), or for such term as otherwise expressly permitted by Cybereason in writing in an order.
Partner may not permit an IR/Advisory Customer to use the Offering(s) directly and will be responsible for any use or misuse of such
Offering(s).
Short Term Use Authorizations cannot be provided to the same IR/Advisory Customer business unit more than twice. The parties
acknowledge that Partner's IR/Advisory Customers may have different business units or legal entities, and that independent
engagements by separate business units or entities within the same organization shall not violate the foregoing limitation. The
parties agree to work together in good faith if needed to resolve any discrepancy.


3. TERM AND QUANTITIES. Short Term Use Authorizations shall be made available to Partner for a period of thirty (30) days, or other
mutually agreed upon term and in the quantities agreed by Cybereason in writing (“IR Customer Term”). Any request for an extension
to the IR Customer Term shall be approved by Cybereason and pursuant to the rates and terms in 4(a) and (b) below.
a) Partner may procure additional time to extend the Short Term Period for the fees specified in the IR Partner Program
documentation and/or as agreed by the Parties.
b) The Short Term Use Authorizations are available for up to two (2) monthly paid extensions only, unless additional extensions are
approved by Cybereason in writing.


Cybereason Partner Agreement – Online Version- April 2022


4. RIGHT TO LEAVE OFFERING BEHIND. As of the earlier of the expiration of the IR Customer Term or the conclusion of the Partner’s
engagement for an IR/Advisory Customer, Partner will delete all copies of the Offerings(s) from the IR/Advisory Customer devices,
unless (a) Cybereason has notified Partner in writing that the applicable IR/Advisory Customer has executed a license agreement with
Cybereason for such Offerings(s), (b) Partner has resold the Offering(s) to the IR/Advisory Customer pursuant to the Reseller Capacity
Addendum (which shall already be in place between Cybereason and Partner), (c) Partner has entered into an MSSP relationship with
the IR/Advisory Customer to provide services to IR/Advisory Customer utilizing the Offering(s) and subject to the terms of the MSSP
Capacity Addendum, which shall already be in place between Cybereason and Partner, or (d) if Cybereason otherwise agrees in writing
to allow the Offerings(s) to remain installed.


5. EFFECT OF TERMINATION. Promptly upon expiration or termination of the rights hereunder, Partner shall delete (a) all copies of the
Offering, other than any copy that Partner is permitted to leave installed in accordance with the terms of Section 5 above, and (b) all
related materials. At Cybereason’s request, Partner will provide written certification of such deletion.


6. DISCLAIMER OF WARRANTIES. The Short Term Use Authorizations made available to Partner at no charge are deemed an Optional
Tool pursuant to the terms of the End User Agreement, and therefore subject to the warranties and limits of liability applicable to
Optional Tools.


7. Data Processing. The Parties agree that to the extent that the Cybereason processes any End User personal data pursuant to Partner’s
activities hereunder, then the terms of the Data Processing Agreement set out at https://www.cybereason.com/DPA (“DPA”) shall
apply to such processing, with the understanding that all references to “Customer” in the DPA shall be interpreted and understood
to refer to Partner, and all references to “Agreement” in the DPA shall be interpreted and understood to refer to the Cybereason
Partner Agreement between Partner and Cybereason. Without derogating from any other provision of the Agreement, Partner
undertakes to comply with all applicable laws when processing the End User’s personal data, and will enter a data processing
agreement with the End User for such purpose identifying Cybereason as Partner’s sub processor, if and to the extent required under
said laws.


Cybereason Partner Agreement – Online Version- April 2022
Exhibit D – Distributor Partner Addendum


Subject to the provisions of the Partner Agreement between Partner and Cybereason (including this Capacity Addendum and the
provisions of the Partner Program) (the “Agreement”) which are incorporated herein by reference, Cybereason hereby authorizes
Partner to market and promote the Offerings in the Territory, and act as a Cybereason distributor to submit purchase orders on
behalf of End Users in the Territory for the Offerings, and collect the relevant fees payable by such End Users in respect of the
Offerings, on a nonexclusive, non-sublicensable, nontransferable basis. The authorization set forth in this Section shall be effective
once the Partner is approved by Cybereason for this specific capacity and has executed the Partner Agreement. Capitalized terms
used and not defined in this Capacity Addendum shall have the meaning ascribed thereto in the Partner Agreement


1. In addition to the foregoing appointment, Cybereason hereby authorizes Partner to appoint non-exclusive, authorized resellers
to sell the Offeringsto End-Users in the Territory (“Resellers”) (in the event of a software Offering, such sales shall be of licenses),
provided that (i) Partner ensures that in connection with its general agreements with the Reseller, all such Resellers are legally
bound in writing by substantially similar terms and conditions applicable to Partner under the Agreement (including this Capacity
Addendum, but excluding any right for such Resellers to appoint additional resellers), and (ii) Partner only appoints Resellers that
have been approved in advance by Cybereason; and (iii) Partnershall use its best endeavors to ensure compliance of its Resellers’
acts and omissions with respect to the Cybereason Offerings and all related obligations under their applicable Reseller
agreements, and (iv) Partner continuously monitors its Resellers’ compliance with their contractual obligations (including, inter
alia, compliance with all obligations under Section 9 of the Cybereason Partner Agreement (Compliance with Laws) below, and
(v) Partner includes in each quotation it issues to a Reseller pursuant to this Capacity Addendum (“Distributor Quotation”) a
statement that the transaction under said quotation is subject to and governed by the terms and conditions located at
https://www.cybereason.com/terms-and-conditions/disti-res, and countersignature by Reseller of said quotation and/or
issuance by Reseller of a purchase order to Partner under said quotation (“Reseller PO”) shall constitute Reseller’s acceptance
of said terms and conditions.


2. Partner may appoint Resellers only with prior written approval from Cybereason. Partner must register with Cybereason all
approved and appointed Resellers promptly upon their appointment in the manner instructed by Cybereason. Partner shall not
authorize nor appoint any dealers, representatives, sub-distributors, original equipment manufacturers, value-added
distributors, systems integrators, or other third parties, to market, promote, demonstrate, distribute, or sell Cybereason
Offerings. Except as expressly provided for in writing, Partner shall not rent, issue, auction, sell, assign, use the Offerings for
outsourcing purposes, provide application or Internet service provider’s services or otherwise transfer the Offerings.


3. Cybereason also hereby authorizes Partner to appoint approved Resellers, on a non-exclusive basis, to act as a Cybereason
managed security services provider (MSSP) partner (“MSSP Reseller”) and for Partner to submit purchase orders to Cybereason
for such purpose, subject to the provisions of the Agreement (including this Capacity Addendum) as well as the following
additional provisions:
3.1 Any such MSSP Reseller has first received Cybereason’s prior written approval to act as a Cybereason managed security
services partner and has executed Cybereason’s Partner Agreement which is valid and in effect at the time of submitting such
a purchase order; and
3.2 Any purchase order submitted by Partner to Cybereason for such purpose contains all the details and meets all of MSSP
Reseller’s obligations as set out in the Agreement and the MSSP Capacity Addendum); and
3.3 Cybereason may terminate any such purchase order for managed security products and services submitted hereunder in the
event that the MSSP Reseller is in breach of its obligations under the Agreement.


4. With regard to any supply of the Offerings by Partner to End Users, it is agreed that in addition to the provisions of the Agreement,
the provisions of the Reseller Capacity Addendum shall apply as well.


5. Partner shall neither solicit nor accept purchase orders (i) outside the Territory; (ii) from any Cybereason exclusive account(s);
(iii) from other distributors; (iv) for any services other than from customers who have purchased the Offerings related to such
services through Partner. Furthermore, Partner shall not provide any pricing, financial or other commercial information regarding
the Offerings to any third party that is not a Reseller that has already been approved by Cybereason in writing.


6. Partner agrees that: (i) Partner will use best efforts to promote, market, and sell the Offerings to potential End Users in the
Territory in accordance with the Agreement, this Capacity Addendum and the Partner Program; (ii) Partner will actively recruit
Cybereason Partner Agreement – Online Version- April 2022
and train Resellers to be effective in selling and supporting the Offering(s); (iii) Partner will ensure that Resellers shall solely
determine the price and payment terms for the Offering(s) as between Reseller and the End User; (iv) Partner shall solely
determine the price and payment terms for the Offerings as between Partner and the End User and/or Reseller/MSSP Reseller;
(v) Partner will (a) conduct business in a manner that reflects favorably on the Offerings and the good name, goodwill, and
reputation of Cybereason; (b) not engage in deceptive, misleading, or unethical practices and (c) make no representations or
warranties concerning the capabilities, functionality, performance or other characteristics of the Offerings other than those
which are consistent in all material respects with, and do not expand the scope of the Documentation; (vi) Partner will comply
with all policies and procedures established by Cybereason from time to time regarding the promotion of the Offerings, the
solicitation and/or submission of purchase orders and all other matters related to the distribution of the Offerings; and (vii)
Partner shall not disparage or make any negative comments with respect to Cybereason or the Offerings, as well as Cybereason’s
business and operations.


7. Partner shall use best efforts to accurately explain the Offerings to prospective End Users, and upon request by Cybereason,
Partner shall provide available feedback to Cybereason regarding a prospective End User’s concerns and reactions, if any, relating
to its purchase of any Offerings.


8. Partner shall have access to Cybereason’s generally available online partner product training at no additional charge via
Cybereason’s partner portal.


9. Partner may only provide implementation services for the Offerings if Partner has complied with the requirements of
Cybereason’s partner technical enablement program.


10. Partner must deliver each purchase order to Cybereason within forty-eight (48) hours of Partner’s initial receipt of the purchase
order from End User or Reseller/MSSP Reseller. In addition to the provisions of the main agreement applicable to purchase
orders, it is agreed that each order from Partner to Cybereason shall reference general details of the Distributor Quotation,
including: the date and serial/identifying number of the Distributor Quotation, as well as identifying details for the Reseller and
End User (formal legal name and address of business). Upon Cybereason’s request, Partner will provide Cybereason with a copy
of the relevant Distributor Quotation and the Reseller PO (for the avoidance of doubt, Reseller PO shall be interpreted to include
the purchase order issued by the MSSP Reseller to Partner for MSSP products/services as contemplated above where relevant).