Directed Remediation Terms

WhiteHat Security, Inc.

Directed Remediation Terms

February 2017

 

By selecting to enable WhiteHat’s “Directed Remediation” feature for creating and offering customized and targeted code patches (which may remove, inject, and/or alter sections of code) that Customer may elect to download and incorporate into Customer’s Source Application (each, a “Remediation Patch”) (along with related libraries that Remediation Patches may link to (each, a “Remediation Dependency”) as applicable) to address vulnerabilities identified in Customer’s Source Application during the performance of the Service (as defined below), you acknowledge and agree on behalf of Customer that:

 

WhiteHat is granted a worldwide, fully paid-up license, during the term of Customer’s license to WhiteHat’s Sentinel Source service (“Service”), to make a copy of Customer’s Source Application and to develop Remediation Patches for identified vulnerabilities.  If Customer does not own the Source Application that is under WhiteHat’s Sentinel Source service, Customer represents and warrants that it has the authority to permit such copy to be made and such development to be done.  For clarity, WhiteHat does not claim any ownership or any other rights in or to any altered aspects of Customer’s Source Application that result from Customer’s application and use of any Remediation Patch or Remediation Dependency. 

 

Subject to the terms of the master agreement between WhiteHat and Customer, Customer is granted a worldwide, nontransferable, nonsublicensable, fully paid-up license, during the term of Customer’s license to WhiteHat’s Sentinel Source service, to use the Directed Remediation feature for Customer’s internal purposes.  Subject to the terms of the master agreement between WhiteHat and Customer, Customer is granted a worldwide, perpetual, fully paid-up license to copy, incorporate, and use any Remediation Patch or any Remediation Dependency for Customer’s internal purposes (i.e. no resale), solely in connection with the referenced Source Application.  For clarity, WhiteHat retains all ownership and other rights in and to the Directed Remediation feature, any Remediation Patch, and any Remediation Dependency. 

 

Any representations and warranties made by WhiteHat concerning the Services, and any indemnification or any information security obligation of WhiteHat concerning the Services, do not apply to the Directed Remediation feature, any Remediation Patch, or any Remediation Dependency.  It is Customer’s sole responsibility to test, vet, and confirm that any Remediation Patch and any Remediation Dependency are appropriate for Customer’s purposes.  Customer’s use of the Directed Remediation feature, any Remediation Patch, or any Remediation Dependency does not render or guarantee that the Source Application will be invulnerable or free from unauthorized access.