...
As a security best practice, Armor will not have direct access to your environment beyond the permission set required to deploy and maintain the portions of the solution for which Armor is responsible. Armor will provide support and guidance, working with you and relevant vendors to ensure you’re enabled to manage the portions of the solution for which you’re responsible.
Armor’s Responsibilities
Armor is responsible for providing the Infrastructure-as-Code (IaC) reference architecture and solution templates that can be used to deploy and update the solution stack, ensuring that they comply with current best practice standards. This includes:
...
Once the solution is fully deployed and begins emitting alerts that require investigation, it is Armor’s responsibility to triage and investigate those alerts. Armor will follow our Incident Response Plan (IRP) and do so within our Service Level Agreement (SLA). Armor will provide detection, investigation, mitigation and remediation guidance, and strategies for improving your security posture. Implementation of guidance and suggestions is the responsibility of the customer (see below).
Customer’s Responsibilities
As our customer, it is your responsibility to ensure the devices that Armor is monitoring are properly sending logs and events to the XDR+SOC platform. This includes:
...
Furthermore, once Armor has triaged and investigated an incident, we will provide mitigation and remediation guidance, as well as suggestions of strategies to help improve your security posture. Because Armor’s concrete experience with your specific infrastructure and devices is limited, and as a security principle Armor will not have direct access to your environment, the responsibility of implementing such guidance and suggestions is yours.
Shared Responsibilities
Customers may choose to have Armor manage the deployment and maintenance of the XDR+SOC stack, or may choose to deploy and manage it themselves (most commonly this is to integrate with an existing CI/CD and infrastructure-as-code pipeline). The segmentation of responsibilities varies based on this choice. The following items are the responsibility of the party who owns deployment and management of the stack:
...