WhiteHat Scout

Terms & Conditions

WhiteHat Security, Inc.

WhiteHat Scout – Service Terms

September 2017

These WhiteHat Security, Inc. (“WhiteHat”) Service Terms (“Service Terms”) apply to the Services you (“You” or “Your”) will receive from WhiteHat directly or through its authorized reseller / partner. For the purpose of these Service Terms, “Services” or “Scout Services” shall mean the application security testing, vulnerability management and benchmarking, and related services (including associated software and access to WhiteHat’s hosted software application) provided with the WhiteHat Scout software as a service application. If You are accepting these Service Terms on behalf of a company or other legal entity, You represent and warrant that You have the authority to bind that company or other legal entity (the “Customer”) to these Service Terms, and, in such event, “You” and/or “Your” will refer to the Customer.

 

YOU ACKNOWLEDGE AND AGREE THAT YOU HAVE READ, UNDERSTOOD AND AGREED TO THE TERMS AND CONDITIONS OF THESE SERVICE TERMS AND YOUR USE OF THE SERVICES IS SUBJECT TO THESE SERVICE TERMS. IF YOU DO NOT AGREE WITH ALL THE TERMS, CONDITIONS AND LIMITATIONS OF THESE SERVICE TERMS, YOU ARE NOT AUTHORIZED TO RECEIVE THE SERVICES. WRITTEN APPROVAL IS NOT A PREREQUISITE TO THE VALIDITY OR ENFORCEABILITY OF THESE SERVICE TERMS AND NO SOLICITATION OF ANY SUCH WRITTEN APPROVAL BY OR ON BEHALF OF WHITEHAT SHALL BE CONSTRUED AS AN INFERENCE TO THE CONTRARY. WHITEHAT’S ACCEPTANCE IS EXPRESSLY CONDITIONAL ON YOUR ASSENT TO THESE SERVICE TERMS TO THE EXCLUSION OF ALL OTHER TERMS; IF THESE SERVICE TERMS ARE CONSIDERED AN OFFER BY WHITEHAT, ACCEPTANCE IS EXPRESSLY LIMITED TO THESE TERMS.

 

  1. LICENSE FOR SERVICES / YOUR RESPONSIBILITIES

1.1 During the Promotional Period (as defined in Section 2 below) and subject to the terms and conditions of these Service Terms, WhiteHat hereby grants to You a limited, non-exclusive, non-transferable license to use and access the Services, for one (1) User for Your own legal purposes (for clarity, not for resale).  For the purposes of these Service Terms, “User” means an individual user of the Services as identified by a unique email address provided by You to WhiteHat that may not be transferred or reassigned. 

1.2 Subject to Section 1.1 above, WhiteHat will not charge You a license fee during the Promotional Period.  However, following such Promotional Period, You must enter into a service order for the license of the Services, subject to the existing agreement between You and WhiteHat or WhiteHat’s standard Master Software as a Service Agreement (each a “Master Services Agreement”).

1.3 You acknowledge and agree that: (i) it is Your sole responsibility to update and maintain any source code or binary code (“Customer Code”) on which WhiteHat performs the Services, including without limitation, fixing any security vulnerabilities revealed by the Services and Reports (as defined in Section 3.3 below); (ii) the Reports, including any remedial measures or source code / binary code provided therein which may address vulnerabilities, are not guaranteed by WhiteHat to show all vulnerabilities in the Customer Code; (iii) it is Your sole responsibility to test, vet and confirm that any proposed remedial measures referenced in the Reports or otherwise referenced by WhiteHat to You are appropriate for Your purposes before implementing such measures; and (iv) Your use of the Services does not render or guarantee that the Customer Code will be invulnerable or free from unauthorized access. You further acknowledge and agree that Your use of the Services starts on the Effective Date (defined below) and You are responsible for providing all applicable configuration data needed to perform the Services. Failure to provide configuration data does not release You from any responsibility in these Service Terms. You acknowledge and agree that Your and Your users’ use of the Services is dependent upon access to telecommunications and Internet services. You shall be solely responsible for acquiring and maintaining all such telecommunications and Internet services and other hardware and software required for Your access and use of the Services, including, without limitation, any and all costs, fees, expenses, and taxes of any kind related to the foregoing. WhiteHat shall not be responsible for any loss or corruption of data, lost communications, or any other loss or damage of any kind arising from any such telecommunications and Internet services.

1.4 During the Promotional Period, You may contact WhiteHat customer support via email to support@whitehatsec.com.

 

2.PROMOTIONAL PERIOD AND TERMINATION.  Unless otherwise agreed to between the parties, these Service Terms shall commence on the date You accept these terms online (the “Effective Date”), and shall continue for a period of six (6) months (the “Promotional Period”), unless earlier terminated as set forth herein. WhiteHat may, at its option, terminate these Service Terms immediately if You (i) fail to comply with any terms and conditions of these Service Terms or (ii) use the Service(s) other than as authorized herein. Sections 3-7 below shall survive any termination or expiration of these Service Terms. Any usage of the Scout Services described herein following the Promotional Period must be subject to a Master Services Agreement, pursuant to Section 1.2 above.

 

  1. PROPRIETARY RIGHTS

3.1 Right to Perform Services.  You hereby grant WhiteHat the right to access, use, assess and test the Customer Code in order to perform the Services for the Customer Code on Your behalf. You acknowledge and agree that WhiteHat’s access and use of the Customer Code when providing the Services, is not subject to any “Terms of Use” or other terms or conditions that may be posted on, linked or otherwise provided with, the Customer Code. You represent that You are either the owner of the Customer Code or have the authority to permit WhiteHat to provide the Services for the Customer Code. You shall provide WhiteHat adequate written evidence thereof upon WhiteHat’s request. In the event the Customer Code is owned by a third party, You shall indemnify WhiteHat for any claims against WhiteHat that arise from WhiteHat accessing such Customer Code to provide the Services.

3.2 Restrictions.  You shall not: (a) copy or otherwise reproduce, whether in whole or in part, the Services or software associated therewith; (b) modify or create any derivative work of the Services or software associated therewith; (c) sell, rent, loan, license, sublicense, distribute, assign or otherwise transfer the Services or software associated therewith; (d) cause or permit the disassembly, decompilation or reverse engineering of the Services or software associated therewith or otherwise attempt to gain access to the source code to the Services or software associated therewith; or (e) cause or permit any third party to do any of the foregoing.

3.3 Reservation of Rights.  Each party reserves all rights not expressly granted in these Service Terms and no licenses are granted by either party to the other party under these Service Terms except as expressly stated in this paragraph, whether by implication, estoppel or otherwise. WhiteHat and its licensors own and retain all right, title and interest (including all intellectual property rights) in and to the Services and associated software and materials, including any modifications or improvements thereof and to all data generated by performing the Services. WhiteHat hereby grants You a non-exclusive, irrevocable, perpetual, royalty free right and license to use the WhiteHat intellectual property contained in any (i) data reports generated by the Services for the Customer Code that contain the results of the tests performed by the Services, or (ii) remedial measures recommended by WhiteHat (collectively the “Reports”) for Your own legal purposes (for clarity, not for resale).

 

  1. No Warranty. WHITEHAT PROVIDES THE SERVICES “AS IS” AND MAKES NO WARRANTIES, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, WITH RESPECT TO THE SERVICES, REPORTS OR ANY OTHER RELATED DATA OBTAINED FROM THE SERVICES, AND SPECIFICALLY DISCLAIMS ANY WARRANTY OF AVAILABILITY, ACCURACY, RELIABILITY, USEFULNESS, ANY IMPLIED WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, TITLE OR FITNESS FOR A PARTICULAR PURPOSE AND ANY CONDITION OR WARRANTY ARISING FROM COURSE OF PERFORMANCE, DEALING OR USAGE OF TRADE.

 

  1. LIMITATION OF LIABILITY. IN NO EVENT SHALL WHITEHAT HAVE ANY LIABILITY TO YOU OR ANY THIRD PARTY FOR ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, EXEMPLARY OR CONSEQUENTIAL DAMAGES OR ANY LOST OPPORTUNITY, DATA OR PROFITS, OR THE COSTS OF PROCUREMENT OR SUBSTITUTE GOODS OR SERVICES, ARISING OUT OF THESE SERVICE TERMS, OR ANY EXHIBIT, SCHEDULE OR ADDENDUM THERETO, UNDER ANY CAUSE OF ACTION OR THEORY OF LIABILITY (INCLUDING NEGLIGENCE OR OTHER TORT), WHETHER OR NOT WHITEHAT HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL WHITEHAT’S AGGREGATE LIABILITY HEREUNDER FOR ANY CAUSE OF ACTION OR THEORY OF LIABILITY EXCEED ONE HUNDRED DOLLARS ($100.00). WHITEHAT SHALL NOT BE RESPONSIBLE FOR ANY MATTER BEYOND ITS REASONABLE CONTROL.

 

  1. CONFIDENTIALITY. By virtue of these Service Terms, the parties may have access to each other’s Confidential Information. “Confidential Information,” as used in these Service Terms, means any written, machine-reproducible and/or visual materials that are clearly labeled as proprietary, confidential, or with words of similar meaning, and all information that is orally or visually disclosed, if not so marked, if it is identified as proprietary or confidential at the time of its disclosure or in a writing provided within thirty (30) days after disclosure. Confidential Information does not include information that: (a) is now, or hereafter becomes, through no act or failure to act on the part of the receiving party, generally known or available to the public; (b) was acquired by the receiving party before receiving such information from the disclosing party and without restriction as to use or disclosure; (c) is hereafter rightfully furnished to the receiving party by a third party, without restriction as to use or disclosure; or (d) is information which the receiving party can document was independently developed by the receiving party without use of the disclosing party’s Confidential Information.

Neither party shall disclose any of the other party’s Confidential Information to any third party or use such Confidential Information for any purpose other than to (i) perform its obligations or exercise its rights under these Service Terms; (ii) use vulnerability data about Customer Code generated during the performance of the Services, after aggregating and sanitizing it, for data and analytics purposes or (iii) as otherwise required by law. Each party shall use the same measures to protect the Confidential Information of the other party as it uses with respect to its own confidential information of like importance, but in no event shall it use less than reasonable care, including, instructing its employees, vendors, agents, consultants and independent contractors of the foregoing and requiring them to be bound by appropriate confidentiality agreements. If a party is required to disclose by law Confidential Information of the other party, such party shall use best efforts to give the other party reasonable advance notice of such required disclosure. WhiteHat reserves the right to disclose the terms and conditions of these Service Terms, in confidence, (a) to accountants, banks and financing sources and their advisors for the purpose of securing financing; or (b) in connection with an actual or proposed merger or acquisition or similar transaction. Upon termination or expiration of these Service Terms the receiving party will promptly return to the disclosing party or destroy, at the disclosing party’s option, all tangible items containing or consisting of the disclosing party’s Confidential Information.

 

  1. GENERAL. These Service Terms constitute the entire agreement between WhiteHat and You with respect to the subject matter hereof and supersede any and all other prior and contemporaneous agreements, representations and understandings between the parties hereto regarding the subject matter hereof. Any terms contained in a purchase order or invoice issued by either party in connection with a transaction covered by these Service Terms are null and void. Any term or provision of these Service Terms may be amended, and observance of any provision of these Service Terms may be waived, only be a writing signed by the party to be bound; provided that WhiteHat reserves the right to unilaterally amend these Service Terms from time to time so long as Your use of the Services is not materially detrimentally impacted.  If any provision of the Service Terms is found to be invalid or unenforceable, such provision shall be severed from the Service Terms and the remainder of the Service Terms shall be interpreted so as best to reasonably affect the intent of the parties hereto.  All headings in the Service Terms are not to be considered in the construction or interpretation of any provision of the Service Terms.  The parties are independent contractors, and neither party will have the power to bind the other or incur obligations on the other’s behalf without such other party’s prior written consent.  These Service Terms shall be governed by the laws of the State of California without reference to conflicts of laws principles.  The parties consent to exclusive jurisdiction and venue in state and federal courts sitting in and for Santa Clara County, California.  Each party reserves the right to seek injunctive relief due to the other party’s actual or threatened breach of the Service Terms.  Neither party shall be responsible for any non-performance or delay attributable to any cause beyond its reasonable control (force majeure).  You may not assign these Service Terms, or any of Your rights or obligations hereunder, by operation of law or otherwise, without WhiteHat’s prior written consent. Any notice shall be in writing and shall be delivered by hand, confirmed email, or overnight express mail to the party’s corporate headquarters, Attn: Legal Dept.