A case study on AI warranty

AI cyber attack detection company guarantees that it will detect at least 85% of cyber attacks

Disclaimer: This is an illustrative, simplified version of an AI Performance warranty contract for a fictitious company named Acme AI.

About the Company

Acme AI provides an AI-driven cybersecurity platform aimed at detecting and responding to sophisticated cyber threats in real-time. Besides early identification of cyber threats and their effective prioritization, they also evaluate attack progressions to better anticipate and respond to emerging threats.

AI Use Case

Acme’s AI cyber attack detection platform evaluates threats across hybrid and multi-cloud infrastructures in real-time. These identified threats are enriched with contextual information to differentiate between malicious and benign activities and detect real attacks.

AI Warranty Contract

Scope of warranty

Acme promises that its AI cyber attack detection platform will:

  • detect at least 85% of cyber attacks defined in MITRE ATT&CK, the public knowledge base of adversarial techniques
  • false alerts will not constitute more than 1% of total alerts every quarter

Payout Structure

If Acme fails to meet the defined Scope of Warranty, Acme’s customer will be compensated as follows:

Payout per missed cyber attack = 5 * Service fee charged by Acme to its customer
Payout per false alert = 3 * Service fee charged by Acme to its customer

Exclusions

The guarantee does not apply if:

  • Cyber attack occurs originates from an unmonitored channel. For example, attack originates due to an adversarial technique not listed on MITRE ATT&CK
  • Underperformance occurs during the trial period of the Enterprise service plan

Claims Process

In the event of underperformance, Acme’s customer shall notify either Adri AI or the AI provider, no later than 30 days after the interview was conducted. This notification should be accompanied by sufficient supporting evidence.

A good faith judgment will be made to decide if the warranty applies to the submitted claim. If the claim is validated, the customer will be compensated as defined in the Payout structure.

Obligations of AI vendor's customer

Acme’s customer must use the AI cyber attack detection platform in standard settings and only for the use cases stipulated in the service contract.

Definitions

  • "Customer" refers to the organization that has purchased Acme’s Enterprise service plan.
  • “Underperformance” is said to have occurred if the Scope of Warranty is not fulfilled.
Share article