Datto EDR scope of support

Scope of support

Datto Technical Support investigates and addresses issues related to the functionality and operation of the Datto EDR product. Support responsibilities include the following:

Troubleshooting product errors or faults that impact Datto EDR operation.
Escalating requests for rule or detection changes when appropriate.
Verifying that Datto-provided detection rules or extensions are functioning as expected within the platform.
Confirming expected product behavior based on documented features, supported configurations, and workflows.
Explaining how policy settings and rules function within Datto EDR.

Datto Technical Support can assist in determining whether the Datto EDR platform is functioning as designed.

Limits of support

Due to the wide variety of custom rules and extensions that can be developed on the Datto EDR platform and their environment-specific nature, Datto Technical Support cannot assist with creating or troubleshooting customer-developed rules or extensions.

IMPORTANT Extensions are executable files that run with administrative privileges. Treat extensions with the same caution as any command executed with administrative privileges. You must fully test any custom extensions and verify the trustworthiness of their source before deployment.

In addition, Datto Technical Support does not provide the following services:

Investigation or analysis of attack origination.
Review of logs to determine lateral movement.
Full incident response or remediation services.
Root-cause analysis beyond data available within the Datto EDR platform.
Threat hunting across the customer environment.
Creation of remediation or cleanup scripts.
Cleanup of compromised infrastructure.
Legal, regulatory, or compliance reporting.
Troubleshooting Microsoft Defender Antivirus conflicts beyond documented compatibility.
Threat containment, eradication, or remediation activities outside of Datto EDR provided functionality.
Digital forensic analysis of endpoints, logs, alerts, or security events.
Validation or investigation of findings generated by third-party security tools or services.
Security advisory opinions regarding breach scope, impact, or root cause.
Guidance or recommendations for configuring the platform within a partner’s environment.
Recommendations for policy configurations.

Policy management must be performed from a single source. If Datto EDR is the policy source, Technical Support can explain platform functionality and troubleshoot Datto EDR policies only.

Revision	Date
Global revision.	3/17/26

	Need help? Submit a Kaseya Helpdesk request.
	Want to talk about it? Head over to Kaseya Community.
	Have a new feature idea? Visit the Kaseya Ideas portal.
	Provide feedback for the Documentation team.