Managed Security (Webroot)

Webroot antivirus software licenses and agents are deployed on all in scope workstations and servers.

Webroot generated alerts for detected infections are monitored, and identified threats are triaged in accordance with the capabilities of the platform.

Upon detection of a virus, malware, or malicious code, services include:

• Notification of detected security incidents, including the affected device or devices and the nature of the threat as reported by the Webroot platform
• Review of available alerts, logs, and telemetry surfaced by Webroot to assess the presence and status of the detected threat
• This review is limited to information provided by the antivirus solution and does not include forensic analysis, threat hunting, or determination of data exfiltration or lateral movement
• Note: Remediation of detected threats, including removal of infected files, device isolation, neutralization of malicious processes, or application of security patches, is outside the scope of this service.
• Findings may be communicated along with guidance on recommended next steps. Remediation actions remain the responsibility of the client unless separately engaged.
• Organizations seeking proactive endpoint threat response and remediation may consider an upgrade to Managed Security Services, which includes advanced endpoint protection through SentinelOne.