Service Level Agreement (SLA)
What is Service Level Agreement (SLA)?
Service Level Agreement (SLA)A formal contract that defines the expected level of service between a provider and its customer, including measurable performance and security commitments.
An SLA codifies the targets a service provider must meet — uptime, response time, resolution time, security event handling, data-protection commitments — together with reporting, escalation paths and penalties for breach. In security operations, SLAs commonly cover SOC alert acknowledgement, incident response start, MTTC and MTTR per severity, patch windows for critical CVEs and notification deadlines required by regulations. SLAs depend on underlying OLAs with internal teams and UCs with sub-suppliers. Well-designed SLAs are measurable, regularly reported, aligned with business priorities, and revised as threat landscapes and service usage evolve.
● Examples
- 01
An MDR provider committing to acknowledge critical alerts within 15 minutes and start response within 30 minutes.
- 02
A cloud provider's SLA guaranteeing 99.99% monthly availability with service credits if missed.
● Frequently asked questions
What is Service Level Agreement (SLA)?
A formal contract that defines the expected level of service between a provider and its customer, including measurable performance and security commitments. It belongs to the Defense & Operations category of cybersecurity.
What does Service Level Agreement (SLA) mean?
A formal contract that defines the expected level of service between a provider and its customer, including measurable performance and security commitments.
How do you defend against Service Level Agreement (SLA)?
Defences for Service Level Agreement (SLA) typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Service Level Agreement (SLA)?
Common alternative names include: Service-level contract, SLA contract.