Support & Maintenance

Our Support provides a 8/5, 24/5 or 24/7 service, depending on your SLA Contract. A Service Desk is included, via a web ticketing system, via e-mail or via telephone calls, depending on your Contract. Maintenance service provides documented products updates and patching on monthly basis. Patching is done for bug-fixing with an Update Time from 4 to 48 hours depends on your SLA Contract.

Definitions

Each issue (e.g. incident) that comes into support is assigned one of four priorities, each with its own Service Level Agreement (SLA), which dictates our time goal to respond to and resolve the issue, with some definitions in mind:

  • Priorities

Priority

Incident Type

P1-Urgent

Interruption making a critical functionality inaccessible on a Security Reviewer’s product, causing a severe impact. There is no possible alternative

P2-High

Critical functionality, degraded or unusable on a Security Reviewer’s product, having a severe impact. No acceptable alternative is possible

P3-Normal

Non-critical function or procedure, unusable or hard to use on a Security Reviewer’s product, having a non-critical operational impact. A workaround is available

P4-Low

Procedure unusable, part of a Security Reviewer’s product where a workaround is available or a repair is possible

  • Availability means the schedule of time that Security Reviewer will made staff available to respond to Service Requests or Incidents. All the time are referred to business hours or business days only.

  • Response time is the time elapsed between the Customer is raising a ticket and we first responding to it, assigning the issue. In case of ticketing system is different from ours, Response Time is the time elapsed between the ticket was assigned to us via e-mail and we first responding to it.

  • Update time is defined as the amount of time between when Security Reviewer has all the necessary information and has acknowledged the issue, and informs the Client that it is currently working on it. In case of ticketing system is different from ours, Update Time is the amount of time between the ticket was assigned to us via email, providing all information necessary to open the ticket, and when Security Reviewer actually responds and lets the Customer know they’ve currently working on it. In order to log and track the resolution of Incidents, Security Reviewer expects that Customer will make every attempt possible to:
    a) Verify that the Incident is reproducible on the Supported Platforms for the related Security Reviewer’s product.
    b) Provide information necessary to help Security Reviewer track, prioritize, reproduce, or investigate the incident, such as:

    • Customer name and organization.

    • Provide a full description of the issue and expected results.

    • Categorize issues under “Question Type”.

    • List steps to reproduce the issue and relevant data.

    • Provide exact wording of all issue-related error messages.

  • Resolution time is defined as the amount of time between when Security Reviewer first responds an incident report, confirming the issue and when that problem is actually resolved. For each Incident reported by Customer in accordance with these procedures, Security Reviewer shall:

    • Confirm receipt of the reported Incident within the Update time as listed in the Priorities section.

    • Analyze the Incident and, as applicable, verify the existence of the problem(s) resulting in the Incident, which may include requesting that Customer provides additional information, logs, and re-execution of commands to help identify the root cause and dependencies of the reported issue.

    • Set an updated Priority Level for the Incident, if necessary.

    • Use commercially reasonable efforts to respond to the Incident within the time specified.

    • Give Customer direction and assistance in resolving the Incident.

    • Keep a record of ongoing communications with Customer.

    • Use commercially reasonable efforts to resolve the Incident in accordance with the target Resolution times

    • Upon request of Customer, discuss Priority Level and ongoing communication time frame.

We provide 3 different SLA Contracts:

Standard Support Contract

The Standard Support is always included to provide help regarding purchased Security Reviewer’s product with a valid commercial license or active subscription. We always apply:

  • Priority: All issue are managed as P4

  • Response: 2 Business Days

  • Update: 5 Business days

  • Resolution: 10 Business days

  • Availability: 8/5 via e-mails only (after the ticket was assigned to us in case of external ticketing system)

with products updates and patching on monthly basis, always accompanied by related technical documentation.

The Service Desk maintains regular business hours of 9 AM to 6 PM CET, Monday through Friday. Tickets and emails will be responded only during these hours.

The default SLA time zone will be CET only.

Gold Support Contract (8/5)

The Gold Support enhance the Standard Support Contract with better Update time and Resolution time, for every purchased Security Reviewer’s product with a valid commercial license or active subscription:

Priority

Response

Update

Resolution

P1-Urgent

2 (two) hours

8 (eight) hours

8 (four) hours.
Direct call available.

P2-High

4 (four) hours

8 (eight) hours

8 (eight) hours

P3-Normal

4 (four) hours

2 (two) days

2 (two) days

P4-Low

8 (eight) hours

2 (two) days

5 (five) days

Availability: The Service Desk maintains regular business hours of 9 AM to 6 PM depending on SLA time zone, Monday through Friday. Tickets and calls will be responded to only during these hours.

The default SLA time zone will be only one, declared by the Customer inside the Contract, with CET as default.

Platinum Support Contract (24/5)

Platinum Support augments the underlying Standard Support purchased with your product license, by providing named and dedicated support experts that understand your business — helping you to optimize even the most complex hybrid software environments and resolve issues quickly if they arise.

Priority

Response

Update

Resolution

P1-Urgent

1 (one) hour

2 (hours) hours

4 (four) hours.
Direct call available.

P2-High

1 (one) hour

4 (four) hours

8 (eight) hours

P3-Normal

2 (two) hours

8 (eight) hours

8 (eight) hours

P4-Low

4 (four) hours

8 (eight) hours

2 (two) days

Availability: The Service Desk maintains H24 availability, Monday through Friday. Tickets and calls will be responded H24, depending on above priority levels (P1 to P4). Tickets and calls will be responded to only such days.

In case of multi-national Customer, the default SLA time zones will be maximum 2, declared by the Customer inside the Contract.

24/7 Support

An extension of Platinum Support Contract to 24/7 is available and must be purchased separately, with an additional fee.

Maintenance

“Maintenance” means the provision of any Releases or Workarounds to correct faults and to improve performance that are made generally available by Security Reviewer to Customers.

In case of request of implementation of new programming languages for the scans, not included at the Purchase Order time, this will be developed and released to the Customer with no additional fee.

A Release can be Major, Minor or Patch, based on the type of the changes introduced:

  • Major Release means a specific edition of the Licensed Product that contains major functionality changes. Indicates a very large change in the core package. Rewrites or major milestones. API changes which are not backwards-compatible. The content and timing of all Major Releases will be determined by Security Reviewer in its sole discretion.

  • Minor Release means a specific edition of the Licensed Product that introduce new features or significant changes in functionality, in a backwards-compatible manner. The content and timing of all Minor Releases will be determined by Security Reviewer in its sole discretion.

  • Patch means bug fixes, security releases, error correction or change in operating procedures whereby the Licensed Product is made functional so that Customer can continue to use it. Security Reviewer may provide Patching or workarounds for a release to resolve a Service Issue for up to twelve (12) months after the earlier of the date the subsequent Release is first made commercially available, and the date the current Release is no longer made available as a commercial offering by Security Reviewer. After such twelve (12) month period, Security Reviewer is not obligated to provide Patching but will support Customer’s update of the Licensed Product to the latest Release. Where Patching are to be delivered to resolve a Service Issue, Security Reviewer will provide Customer with a single copy of a Workaround on suitable media or shall make available the applicable Workaround for download by Customer from Security Reviewer’ website.

Versioning

Our release numbering convention follows the guidelines of Semantic Versioning. Given a version number Major.Minor.Patch and an optional Suffix (e.g. 1.3.0-rc.1):

  • Major - signified by version changes to the left of the decimal point (e.g. 2.0.0 → 3.0.0) following the product name.

  • Minor - signified by version changes to the right of the decimal point (e.g. 3.1.0 → 3.2.0) following the product name.

  • Patch - signified by incremental number after the second point (e.g. 3.2.1 → 3.2.2)

  • Suffix - Optional, indicates a development release (e.g. 3.2.3-a.1 → 3.2.3-a.2).

    • aN or alpha.N for alpha releases,

    • bN or beta.N for beta releases, or

    • rcN or rc.N for release candidates.

    Absence of suffix indicates a stable release.

Support & Maintenance Exclude

  • Training for Security Reviewer’s products;

  • Customers who do not have a valid and current license or active subscription of Security Reviewer’s products;

  • Support related to non-Security Reviewer’s products;

  • Support related to Security Reviewer’s products that have been retired;

  • Support for custom scripts written by Customers and used in Security Reviewer’s products;

  • Beta or Development releases of Security Reviewer’s products;

  • Software that is used on or in conjunction with hardware or software other than as specified in the applicable Documentation;

  • Altered or modified Security Reviewer’s products;

  • Defects in the Security Reviewer’s products due to accident, hardware malfunction, abuse or improper use.

Extended Support Addon (ESA)

If you want to keep a specific version of a licensed product and extend the support beyond the end of the Support and Maintenance period, you can purchase annual packages that allow you to continue to take advantage of the support service via Service Desk and Software updates related to minor releases and bug fixing. Ask to your Reseller if you are interested to buy the ESA.

Warranty

Once purchased, our software will be Supported and Maintained for all the period of time covered by the contract. The software must to be always updated to the latest version and the security and bugfix patches released by Security Reviewer must to be applied by the Customer. Visit Product Version Life Cycle page for further information.

In case of contracts regarding three years or more, we guarantee to do not dismiss the purchased product(s) for a period of 5 years after the contract expiration. Of course an additional fee for Extended Support Addon (ESA) must be paid during all those 5 extra-contract years.

COPYRIGHT (C) 2015-2024 SECURITY REVIEWER SRL. ALL RIGHTS RESERVED.