IMPORTANT NOTICE: PLEASE READ THE FOLLOWING TERMS BEFORE DOWNLOADING AND OPERATING INTELLIGENCE-DIRECTED DYNAMIC APPLICATION SECURITY TESTING (“IDD”), AS APPLICABLE TO THE LICENSE AND USE OF SUCH SOFTWARE.
This End-User License Agreement (“EULA”) is solely between NTT Security AppSec Solutions Inc. dba WhiteHat Security (“WhiteHat”) and the User (“You” or “you”) and governs your Use of all versions of the IDD software (collectively “Software”). If you are accepting this EULA on behalf of a company or other legal entity, you represent and warrant that you have the authority to bind that company or other legal entity to the terms of this EULA, and, in such event, “you” and “your” will refer to that company or other legal entity. If you do not have such authority, do not accept this EULA and do not Use the Software. “Use”, “Using”, or “Used” means to directly or indirectly activate the processing capabilities of the Software, load, execute, access, utilize, store, employ the Software, content, or display information resulting from such capabilities. “User” means the individual or individuals whom you designate to Use the Software and for whom you have paid the applicable fees (if any). “Application” means a computer program accessible over the Internet. “API” means an application programing interface web service that is accessed via a URL, and is described using the web services description language (WSDL) (limited to simple object access protocol (SOAP) or hypertext transfer protocol (HTTP)) or a representational state transfer (RESTful) API (limited to HTTP). “Report” means the (a) data reports (including the underlying data) generated as a result of a Test (defined below) that contain the results of such Test or (b) remedial measures (including source code) recommended by WhiteHat related to a Test.
BY DOWNLOADING, INSTALLING, OR USING THE SOFTWARE ON ANY COMPUTER SYSTEM, OR BY ACCEPTING THIS EULA (EITHER BY CLICKING A BOX INDICATING THAT YOU ACCEPT THIS EULA, OR BY EXECUTING AN ORDER REFERENCING THIS EULA), YOU INDICATE YOU HAVE READ, UNDERSTOOD AND AGREED TO BE BOUND BY THE TERMS AND CONDITIONS OF THIS EULA. IF YOU DO NOT AGREE WITH ALL OF THE TERMS, CONDITIONS AND LIMITATIONS OF THIS EULA YOU ARE NOT AUTHORIZED TO DOWNLOAD, INSTALL OR USE THE SOFTWARE.
During the Term, WhiteHat grants you a revocable, non-exclusive, non-transferable, non-sublicensable limited license (the “License”) to install and Use the Software on a single device or on multiple devices owned and controlled by you, and to access and Use the Software to perform a test (each, a “Test”) on an unlimited number of Applications and/or APIs on such device(s) strictly in accordance with the terms and conditions of this EULA and any service agreement associated with your device(s). WhiteHat reserves the right to modify the terms of this EULA at its sole discretion. Please note that any data created as a result of the use of this software application may be accessible and/or viewable by Postman or other third parties. WhiteHat is not responsible for the security of any such data.
You agree that WhiteHat may collect and use technical data and related information including but not limited to technical information about your device, system and application software, and peripherals that are gathered to facilitate the provision of software updates, product support, and other services to you (if any) related to the Software. WhiteHat may use this information for the purpose of improving its products and/or to provide services or technologies to you.
WhiteHat Security is offering an integration between Intelligence Directed DAST and the Postman platform. With such integration, vulnerability data generated by Intelligence Directed DAST will be accessible within the Postman platform, at which point such data is outside the scope and control of WhiteHat Security. All data accessible within the Postman platform generated by the use of Intelligence-Directed DAST or any other WhiteHat Security offerings are subject to the terms and conditions mutually agreed upon by the applicable user and Postman, Inc. WhiteHat Security is not responsible for, nor does it offer any warranties, or guarantees with respect to how Postman, Inc. makes use of any and all data accessible to it as a part of this integration.
Except for the License set out in this EULA, WhiteHat grants you no other license or right in the Software. Your License for the Software will end when this EULA is either terminated or expires (as set forth below) even if there are terms to the contrary set out elsewhere in this EULA or in other documentation entered into between WhiteHat and you.
You acknowledge and agree that: (a) it is your sole responsibility to update and maintain the Application or API on which you Use the Software to perform a Test, including without limitation, fixing any security vulnerabilities revealed by such Test and the associated Reports; (b) the Reports are not guaranteed by WhiteHat to show all vulnerabilities in the Application and/or API; (c) it is your sole responsibility to test, vet and confirm that any proposed remedial measures referenced in the Reports or otherwise recommended by WhiteHat to you are appropriate for your purposes before implementing such measures; and (d) your Use of the Software to test an Application and/or API does not render or guarantee that such Application and/or API will be invulnerable or free from unauthorized access. You further acknowledge and agree that you are responsible for providing all applicable configuration data needed to Use the Software. Failure to provide configuration data does not release you from any responsibility set forth in this EULA. You acknowledge and agree that your and your Users’ Use of the Software is dependent upon access to telecommunications and Internet services. You shall be solely responsible for acquiring and maintaining all such telecommunications and Internet services and other hardware and software required for your access and Use of the Software, including, without limitation, any and all costs, fees, expenses, and taxes of any kind related to the foregoing. WhiteHat shall not be responsible for any loss or corruption of data, lost communications, or any other loss or damage of any kind arising from any such telecommunications and Internet services.
You shall not: (a) copy or otherwise reproduce, whether in whole or in part, the source code or binaries of the Software; (b) decompile, decode, disassemble, de-obfuscate, reverse engineer, unlock, attempt to derive/reconstruct/discover the algorithms, underlying ideas, source code or binaries of, or decrypt the Software; (c) make any modification, adaption, improvement, enhancement, translation or derivative work from the Software; (d) violate any applicable laws, rules, regulations in connection with your access or Use of the Software; (e) Use (or allow to be Used) the Software for any unlawful purposes, particularly as the Software contains functionality that can be Used to attack and compromise computer systems, and you shall be responsible for all losses, costs, liabilities or other damages incurred by WhiteHat in connection with any claim by a third party in connection with a breach by you of this obligation; (f) remove, alter, modify, the whole or any part of the Software, nor permit the Software or any part of it to be combined with, or become incorporated in, any other programs; (g) remove, alter, or obscure any product identification or proprietary notice including any notice of copyright or trademark of WhiteHat or its affiliates, partners, suppliers or the licensors of the Software; (h) re-sell, lease, sublicense, rent, loan, distribute, market, or commercialize the Software for any purpose; (i) use any proprietary information or interfaces of WhiteHat or other intellectual property of WhiteHat in the design, development, manufacture, licensing or distribution of any software, applications, accessories or devices for Use with the Software; (j) introduce any malicious code, virus, malware, or any other material that disrupts, slows down or causes the Software to malfunction; (k) Use the Software for any competitive purpose or publicly disseminate performance information or analysis including, without limitation, benchmarks.
The Software includes certain free, open source software (“OSS“) and third-party software (“Third-party Software”) that is provided with the Software. WhiteHat may provide certain notices to you in readmes or notice files embedded in the Software in connection with such OSS or Third-party Software. To the extent such OSS or Third-party Software licenses expressly supersede the terms of this EULA, such licenses govern your use of the modules licensed to WhiteHat under such licenses.
Each of the parties reserves all rights not expressly granted in this EULA and no licenses are granted by either party under the terms and conditions of this EULA except as set forth herein. You acknowledge and agree that WhiteHat and its licensors have and retain all legal right, title and interest in (a) the Software (including but not limited to any ideas, concepts, inventions, systems, platforms, interfaces, tools, utilities, user interface, algorithms, logic, formula, scripts, work flows, processes, software, methodologies, databases, know-how, trade secrets and other technology and information including any and all intellectual property rights that exist therein, whether registered or not, and wherever in the world they may exist), including any modifications or improvements thereof and (b) all data generated as a result of a Test (including but not limited to the Reports). In addition, WhiteHat hereby grants you a non-exclusive, irrevocable, perpetual, royalty free right and license to use the WhiteHat intellectual property contained in any Reports generated as a result of a Test.
You and WhiteHat acknowledge and agree that, in the event of a third-party claim that the Software or your Application and/or API, or your possession or Use of the Software infringes any third-party’s intellectual property rights, you (and not WhiteHat) will be responsible for the investigation, defense, settlement and discharge of any such claim of intellectual property infringement.
Unless otherwise agreed to between you and WhiteHat in writing, this EULA (and the License granted to you herein) shall commence as of the date you accept the terms and conditions of this EULA and shall continue until 11:59 pm pacific time, September 1, 2021 (the “Term”) unless earlier terminated by WhiteHat as described herein. WhiteHat may, in its sole and absolute discretion, at any time and for any or no reason, suspend or terminate the terms and conditions of this EULA and the License and the rights afforded to you hereunder with or without prior notice. Furthermore, if you fail to comply with any terms and conditions of this EULA, then this EULA (and the License) and any rights afforded to you thereby shall terminate automatically, without any notice or other action by WhiteHat. Upon termination of this EULA and the License, you shall cease all Use of the Software and uninstall the Software from all your devices. For the avoidance of doubt, any termination or expiration of this EULA will automatically result in the termination or expiration of the License granted hereunder, as applicable.
By virtue of this EULA, the parties hereto may have access to each other’s Confidential Information. “Confidential Information,” as used in this EULA, means any written, machine-reproducible and/or visual materials that are clearly labeled as proprietary, confidential, or with words of similar meaning, and all information that is orally or visually disclosed, if not so marked, if it is identified as proprietary or confidential at the time of its disclosure or in a writing provided within thirty (30) days after disclosure, or where the nature of such information or the circumstances in which it was supplied imply that it should be treated as confidential. Confidential Information does not include information that: (a) is now, or hereafter becomes, through no act or failure to act on the part of the receiving party, generally known or available to the public; (b) was acquired by the receiving party before receiving such information from the disclosing party and without restriction as to use or disclosure; (c) is hereafter rightfully furnished to the receiving party by a third party, without restriction as to use or disclosure; or (d) is information which the receiving party can document was independently developed by the receiving party without use of the disclosing party’s Confidential Information.
Neither party shall disclose any of the other party’s Confidential Information to any third party or use such Confidential Information for any purpose other than to (i) perform its obligations or exercise its rights under this EULA or as otherwise required by law. Each party shall use the same measures to protect the Confidential Information of the other party as it uses with respect to its own confidential information of like importance, but in no event shall it use less than reasonable care, including, instructing its employees, vendors, agents, consultants and independent contractors of the foregoing and requiring them to be bound by appropriate confidentiality agreements. If a party is required to disclose by law Confidential Information of the other party, such party shall use best efforts to give the other party reasonable advance notice of such required disclosure. Upon termination or expiration of this EULA the receiving party will promptly return to the disclosing party or destroy, at the disclosing party’s option, all tangible items containing or consisting of the disclosing party’s Confidential Information.
YOU EXPRESSLY UNDERSTAND AND AGREE THAT YOUR USE OF THE SOFTWARE IS AT YOUR SOLE RISK AND THAT THE SOFTWARE IS PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTY OF ANY KIND, INCLUDING BUT NOT LIMITED TO ANY WARRANTY OF NONINFRINGEMENT, TITLE, FUNCTIONALITY, MERCHANTABILITY OR FITNESS FOR PURPOSE. YOU MAY HAVE OTHER STATUTORY RIGHTS, BUT THE DURATION OF STATUTORILY REQUIRED WARRANTIES, IF ANY, SHALL BE LIMITED TO THE SHORTEST PERIOD PERMITTED BY LAW. WHITEHAT DOES NOT WARRANT THAT THE PRODUCT WILL MEET YOUR REQUIREMENTS OR THAT ITS OPERATION WILL BE SECURE, ERROR FREE, VIRUS FREE OR UNINTERRUPTED, THAT ANY STORED DATA WILL BE ACCURATE OR RELIABLE, OR THAT ANY STORED DATA WILL NOT BE LOST OR CORRUPTED, OR THAT IT WILL BE ABLE TO RECTIFY OR REMEDY ANY ERRORS OR DEFECT.
YOU HAVE CHOSEN TO USE THE SOFTWARE OF YOUR OWN VOLITION AND WHITEHAT BEARS NO RESPONSIBILITY AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE. WHITEHAT WILL NOT UNDER ANY CIRCUMSTANCE BE RESPONSIBLE FOR LOSS OF ANY DATA WHETHER FROM YOUR COMPUTER OR ANY SERVER, DUE TO USE OF THE SOFTWARE. FURTHER, YOU ACKNOWLEDGE AND AGREE THAT THE SOFTWARE IS NOT CURRENTLY AVAILABLE IN A PRODUCTION SAFE MODE AND WHITEHAT MAKES NO GUARANTEES ABOUT THE SAFETY OF AN APPLICATION OR API TESTED BY YOU USING THE SOFTWARE OR THE ACCURACY OF ANY ASSOCIATED RESULTS. NOTHING IN THIS EULA WILL OBLIGATE WHITEHAT TO COMMERCIALLY RELEASE THE SOFTWARE, OR TO OFFER YOU THE FEATURES AND FUNCTIONALITY OF THE SOFTWARE AFTER THE TERM, WHETHER AT NO COST OR AT A CHARGE.
WHITEHAT HAS NO CONTROL OVER THE CONTENT UPLOADED OR GENERATED BY YOU IN YOUR USE OF THE SOFTWARE. WHITEHAT UNDERTAKES NO RESPONSIBILITY FOR ANY LOSS THAT YOU OR ANY OTHER PERSON MAY SUFFER DUE TO ANY CONTENT UPLOADED OR GENERATED BY YOUR USE OF THE SOFTWARE. WHITEHAT HAS NO CONTROL OVER THE USE THAT ANY THIRD-PARTY MAY PUT TO ANY CONTENT THAT IS SHARED (INTENTIONALLY OR UNINTENTIONALLY) BY YOU ON THE SOFTWARE. WHITEHAT ASSUMES NO RESPONSIBILITY FOR ANY LOSS THAT YOU OR ANY THIRD-PARTY MAY SUFFER DUE TO ANY CONTENT SHARED (INTENTIONALLY OR UNINTENTIONALLY) BY YOU USING THE SOFTWARE.
WHITEHAT SHALL NOT BE LIABLE FOR DELAYS, INTERRUPTIONS, SERVICE FAILURES OR OTHER PROBLEMS INHERENT IN THE USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS OR OTHER SYSTEMS OUTSIDE WHITEHAT’S REASONABLE CONTROL.
UNDER NO CIRCUMSTANCES, REGARDLESS OF THE THEORY OF LIABILITY (CONTRACT, TORT, OR OTHERWISE), SHALL WHITEHAT OR ITS AFFILIATES, PARTNERS, SUPPLIERS OR LICENSORS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL OR EXEMPLARY DAMAGES ARISING OUT OF OR IN CONNECTION WITH YOUR ACCESS OR USE OF OR INABILITY TO ACCESS OR USE THE SOFTWARE OR ANY THIRD-PARTY CONTENT AND SERVICES, WHETHER OR NOT THE DAMAGES WERE FORESEEABLE AND EVEN IF WHITEHAT OR ONE OF ITS LICENSORS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT SHALL WHITEHAT’S (OR ITS AFFILIATES, PARTNERS, SUPPLIERS OR LICENSORS) TOTAL LIABILITY TO YOU FOR ALL DAMAGES (OTHER THAN AS MAY BE REQUIRED BY APPLICABLE LAW IN CASES INVOLVING PERSONAL INJURY) EXCEED THE AMOUNT OF FIFTY DOLLARS ($50.00). THE FOREGOING LIMITATIONS WILL APPLY EVEN IF THE ABOVE STATED REMEDY FAILS OF ITS ESSENTIAL PURPOSE.
Neither this EULA nor the licenses granted hereunder are assignable or transferable by you (and any attempt to do so shall be void). WhiteHat may freely assign, delegate, license and/or transfer this EULA, in whole or in part, without consent. This EULA shall be deemed to have been made in, and shall be construed pursuant to the laws of the State of California and the United States without regard to conflicts of laws provisions thereof, and without regard to the United Nations Convention on the International Sale of Goods or the Uniform Computer Information Transactions Act. Subject to the foregoing, the provisions hereof are for the benefit of the parties only and not for any other person or entity. The parties are independent contractors, and neither party will have the power to bind the other or incur obligations on the other’s behalf without such other party’s prior written consent. Any notice, report, approval, authorization, agreement or consent required or permitted hereunder shall be in writing; notices shall be sent to the address the applicable party has or may provide by written notice or, if there is no such address, the most recent address the party giving notice can locate using reasonable efforts. No failure or delay in exercising any right hereunder will operate as a waiver thereof, nor will any partial exercise of any right or power hereunder preclude further exercise. If any provision shall be adjudged by any court of competent jurisdiction to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary so that this EULA shall otherwise remain in full force and effect and enforceable. The provisions of this EULA that by their nature are intended to survive termination or expiration of this EULA shall so survive. This is the complete and exclusive statement of the mutual understanding of the parties with respect to the License granted herein and supersedes and cancels all previous written and oral agreements and communications relating to such License and any waivers or amendments shall be effective only if executed in writing by the affected parties; however, any pre-printed or standard terms of any purchase order, confirmation, or similar form, unless signed by WhiteHat after the effectiveness hereof, shall have no force or effect. The substantially prevailing party in any action to enforce the terms of this EULA will be entitled to recover its attorney’s fees and costs in connection with such action.