|
|
| |
| |
ATTACK AUDIT
TERMS AND CONDITIONS OF USE
THESE TERMS AND CONDITIONS OF USE ARE YOUR CONTRACT WITH ATTACK AUDIT. PLEASE REVIEW CAREFULLY.
YOU ARE HEREBY AGREEING TO THESE TERMS AND CONDITIONS OF USE ("TERMS") BY (i) ACCESSING AND/OR USING WWW.ATTACKAUDIT.COM, (ii) USING ANY SERVICES OFFERED BY ATTACK AUDIT, INCLUDING, WITHOUT LIMITATION, REMOTE VULNERABILITY SCANNING AND PENETRATION TESTING OF YOUR SERVERS ("SERVICES") OR, (iii) BY ELECTRONICALLY CLICKING AN "I ACCEPT" BUTTON OR CHECKBOX IN THE REGISTRATION PAGES FOR THE SERVICES ON THIS WEBSITE.
ATTACK AUDIT MAY AMEND OR REVISE THESE TERMS OF USE AT ANY TIME. YOUR CONTINUED ACCESS AND USE OF WWW.ATTACKAUDIT.COM AND/OR YOUR USE OF THE SERVICES FOLLOWING THE POSTING OF ANY SUCH CHANGES WILL BE DEEMED YOUR ACCEPTANCE OF THE AMENDED OR REVISED TERMS.
1.) Description of Services. Attack Audit provides security audits of those IP addresses and servers registered as part of your Attack Audit account ("Servers") to ascertain the presence, if any, of security vulnerabilities in your Servers. Attack Audit's security audits are conducted through an external network connection and include, but are not limited to, port scanning and port connections, evaluating services by checking responses to certain requests, and crawling a website to perform testing of forms, application responses, and/or to confirm the existence of certain files. Security audits may from time to time include additional probing and validation beyond the scope of our normal automated vulnerability scanning Servers. In certain cases, the exploitation of a security vulnerability and/or extraction of data from your Servers may be conducted to support our security audit findings or to illustrate a vulnerability in the Servers to you. The Services do not include the auditing of individual hardware components.
2.) Nature of Services. The Services provided by Attack Audit are purely informational. Attack Audit does not provide you with any protection against hacking or other security intrusions or invasions into, nor does it repair any security problems with, your Servers. It is your sole responsibility to take appropriate action to correct any security problems identified by Attack Audit as a result of Attack Audit's audit of your Servers.
3.) Risks Inherent in the Services. You acknowledge that the Services (i) are and will be invasive and intrusive and will include attempts by Attack Audit to gain access to your Servers for the purpose of making you aware of the vulnerability of your Servers to intrusion, damage, and/or unauthorized use, (ii) may result in inadvertent damage to your Servers, (iii) may cause excessive amounts of log messages resulting in excessive disk space consumption, and/or (iv) may cause degradation of your Servers including, but not limited to, possible "slowdowns", "hanging" or "crashing" of your Servers, possible failure of your Servers as a result of attempts to invade it, or any other damage resulting from intrusive and/or invasive techniques used to gain access to your Servers.
4.) Use of Services.
a.) Authorization. You hereby authorize Attack Audit to perform the Services on your Servers.
b.) Assumption of the Risk. You agree that your use of the Services is at your own risk. Neither Attack Audit, nor any of its officer's, directors, shareholders, agents and/or employees are responsible for your use of the Services and/or any damage caused to your Servers and/or your business or otherwise, whether resulting from the Services or otherwise. In furtherance hereof, you acknowledge that Attack Audit is obligated to provide support, whether on-line or by telephone, only during normal Pacific Standard Time working hours.
c.) Authority to Scan. You hereby represent and warrant that you have full right, power, and authority to open an account with and/or retain Attack Audit to perform the Services.
5.) Registration.
a.) Login and Security.
i.) In order to register for the Services, you must select login names for each account user. Upon providing a login name for any account user, you agree that you are authorizing such person to access and utilize your Attack Audit account. You may terminate any authorized persons access to and/or use of your Attack Audit account by providing notice to support@attackaudit.com. Such notice will be effective upon written confirmation by Attack Audit, via email, of receipt.
ii.) You agree that you are solely responsible for the activity of all persons you have authorized to access and utilize your Attack Audit account. Strict confidentiality of all passwords, secret questions and login names is your sole responsibility.
iii.) You further agree not provide access to your Servers by (a) allowing others to use your account after you log in, whether intentionally or otherwise; (b) creating an account for someone who is not authorized to perform the role or view the information for which you have granted access; or (c) failing to revoke access for those who are no longer authorized to access your account for any reason.
iv.) You agree to immediately notify Attack Audit of any unauthorized access to or from your Attack Audit account.
b.) No Liability. You acknowledge and agree that Attack Audit is not liable for any disruption or damages resulting from its use or access, or any third parties use of or access, to your Servers and/or Attack Audit account, whether or not such access and/or use is with or without your knowledge or consent.
6.) Display of Certification Seal. Following completion of the initial security audit by Attack Audit and correction of any issues discovered as a result of such security audit, you are authorized to display the Attack Audit Certification Seals on your website. In this regard, you agree to place the HTML source code related to the Attack Audit Certification Seals only on sites approved by Attack Audit. Attack Audit Certification Seals shall at all times be served only from Attack Audit's designated servers and remain under the full control of Attack Audit. Attack Audit shall have the right to discontinue the serving of the Attack Audit Certification Seals should any Servers fail to meet the Attack Audit certification guidelines. Should you discontinue services with Attack Audit, you agree to immediately cease displaying the Attack Audit Certification Seals and remove all HTML source code supplied by Attack Audit from your Servers. You further agree that you are prohibited from using the Attack Audit Certification Seals for or on behalf of any other organization or in connection with any domain name and/or organization name other than those approved by Attack Audit. The Attack Audit Certification Seals shall reside on Attack Audit's server. You agree not to alter the Attack Audit's seals in any form, change the data contained within the image, change the file name of the image, or artificially change the size or shape of the image(s).
7.) Payment Matters and Billing.
a.) Payment. You agree to make payment for the Services annually, in advance. Subject to Paragraph 8 below, all annual subscriptions are non-refundable.
b.) Automatic Renewal. You agree that your subscription to the Services will automatically renew at the end of each year of your subscription period at the then current retail price for the Services and your subscription will continue thereafter until such a time as you request, in writing, to terminate such Services, provided, however, that all requests for termination following the initial year of your subscription must be received by Attack Audit at least 15 days prior to the beginning of the next year in order for your Services to be terminated with respect to the upcoming year.
c.) Change in Fees. Attack Audit may change it fees and charges at any time following thirty (30) days notice to you from Attack Audit, which notice may be sent to you, via e-mail.
d.) Limitation on Claims. All invoices from Attack Audit to you will be considered final ninety (90) days from the date such invoice is delivered to you, whether such delivery is by e-mail or otherwise. You agree not to make any claims related to billing errors after such ninety (90) day period expires.
e.) Billing Information. You agree to immediately notify Attack Audit of any changes related to your account with Attack Audit, including, without limitation, changes in your billing address or applicable credit card used for billing purposes.
8.) Refunds. If for any reason you are not completely satisfied with the Services, you may request Attack Audit to terminate your Account, provided such request is made within thirty (30) days of the issuance by Attack Audit of its first audit report respecting your account ("Guarantee Period"). In the event you make such request within the Guarantee Period, Attack Audit will provide you with a full refund of all subscription fees paid by you in advance for your annual subscription.
9.) Sales and Use Taxes. You shall be solely responsible for and agree to pay all sales or use taxes, if any, related to the Services. In addition, you agree to pay all other local, state or federal taxes arising out of your use of Services (excluding any income taxes of Attack Audit), and upon request from Attack Audit, you agree to provide Attack Audit with written proof of such payment.
10.) Intellectual Property.
a.) Ownership and Use of Trademarks.
i.) Attack Audit owns the Services and all trademarks, logos, service marks ("Marks") utilized in connection with the Services and/or displayed on this Website. Your use of this Website and/or the Services does not confer upon you any right, title or interest in or to the Marks.
ii.) You agree to utilize the Marks only as provided in these Terms. Furthermore, and without limitation of the foregoing, you agree that you will not use, reproduce or display any Mark without Attack Audit's prior written consent, in each instance.
b.) Copyrights. This Website and its contents ("Content") are copyrighted and such copyrights are owned by Attack Audit. You are permitted to view, print, and/or distribute the Content in hard copy from this Website provided that (1) you use the Content for your personal or internal business use only and not for any purpose contrary to Attack Audit's interests; (2) you do not copy, use or place any Content on any network or other website for any purpose other than as contemplated by these Terms; (3) you do not modify, alter, or create derivative works of, the Content; and (4) you include Attack Audit's copyright notice on such Content as follows: Copyright 2008 Attack Audit, Inc., All Rights Reserved.
c.) No Rights. Except as expressly provided herein, nothing included in this Website or the Services is intended, nor shall be construed, to confer in or upon you any rights in, to or under any Content, Mark, copyright, or patent.
11.) NO WARRANTY.
a.) THE SERVICES ARE PROVIDED BY ATTACK AUDIT ON AN "AS IS, AS AVAILABLE" BASIS WITHOUT ANY WARRANTY OF ANY KIND WHATSOEVER. IN FURTHERANCE OF THE FOREGOING AND WITHOUT LIMITATION, ATTACK AUDIT DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED, OR ARISING BY CUSTOM AND USAGE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT IN CONNECTION WITH THE SERVICES.
b.) IN FURTHERANCE OF THE FOREGOING AND WITHOUT LIMITATION, YOU ACKNOWLEDGE THAT AUDITING COMPUTER SECURITY IS HIGHLY COMPLEX AND CHANGEABLE. ATTACK AUDIT MAKES NO WARRANTY THAT THE SERVICES WILL LOCATE OR IDENTIFY EVERY SECURITY VULNERABILITY IN YOUR SERVERS, OR THAT THE SOLUTIONS SUGGESTED AND ADVICE PROVIDED BY ATTACK AUDIT WILL BE COMPLETE AND/OR ERROR-FREE.
c.) ADDITIONALLY, ATTACK AUDIT MAKES NO REPRESENTATION OR WARRANTY THAT THE SERVICES WILL ALWAYS BE AVAILABLE AND/OR WITHOUT INTERRUPTION, THAT THE SERVICES WILL BE ERROR FREE, THAT THE SERVICES WILL BE ARE FREE FROM VIRUSES, BUGS OR OTHER HARMFUL COMPONENTS, OR THAT THE SERVICES WILL MEET YOUR REQUIREMENTS.
12.) Limitation of Liability.
a.) YOU ASSUME ALL RESPONSIBILITY AND RISK FOR THE USE OF THIS WEBSITE, THE SERVICES AND THE INTERNET GENERALLY.
b.) YOU AGREE THAT YOU ARE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR SERVERS AND/OR DATA AS A RESULT OF THE SERVICES OR OTHERWISE.
c.) YOU AGREE THAT ATTACK AUDIT SHALL HAVE ABSOLUTELY NO LIABILITY TO YOU OR ANY THIRD PARTIES FOR ANY INTERRUPTIONS, DELAYS, FAILURES TO PERFORM, DAMAGES, LOSSES OR DESTRUCTION, OR MALFUNCTION OF SERVERS OR OTHER EQUIPMENT, OR ANY CONSEQUENCE THEREOF CAUSED OR OCCASIONED BY THE SERVICES, ANY HACKING BY THIRD PARTIES, AND/OR ANY VULNERABILITIES IN YOUR SERVERS.
d.) YOU EXPRESSLY AGREE THAT ATTACK AUDIT SHALL HAVE NO LIABILITY OR OBLIGATION WHATSOEVER TO YOU OR ANY THIRD PARTY, WHETHER ARISING FROM CONTRACT, TORT (INCLUDING NEGLIGENCE), WARRANTY, OR OTHERWISE, FOR ANY LOSS OF REVENUE, PROFIT, DATA, USE OF MONEY, USE OF TIME, OR FOR ANY INCIDENTAL, CONSEQUENTIAL, SPECIAL, PUNITIVE OR INDIRECT DAMAGES, FORESEEN, FORESEEABLE, UNFORESEEABLE, OR OTHERWISE, ARISING FROM THE SERVICES. THIS LIMITATION APPLIES TO ALL CLAIMS OR CAUSES OF ACTION, INCLUDING, BUT NOT LIMITED TO, THOSE ARISING FROM THE AVAILABILITY OF THE SERVICES, YOUR ACCESS AND USE OF THIRD PARTY SERVICES, CONTENT OR SOFTWARE, OR ANY OTHER MATTER RELATING TO THE SERVICES, BUT NOT LIMITED TO, SPECIAL, INCIDENTAL, INDIRECT OR CONSEQUENTIAL DAMAGES THAT INCLUDE, BUT ARE NOT LIMITED TO, DAMAGES FOR ANY LOSS OF PROFIT, REVENUE OR BUSINESS ARISING OUT OF ATTACK AUDIT'S SERVICES PROVIDED HERE UNDER.
e.) YOU AGREE THAT ATTACK AUDIT'S LIABILITY FOR ALL CAUSES OF ACTIONS RELATING TO THESE TERMS AND/OR THE SERVICES SHALL BE LIMITED TO AND SHALL NOT EXCEED THE TOTAL AMOUNT OF MONIES PAID BY YOU TO ATTACK AUDIT IN THE 12 MONTHS PRECEDING THE PROPER SERVICE OF THE CAUSE OF ACTION.
13.) Indemnity.
a.) Your Indemnity. You agree to indemnify, hold harmless, and defend Attack Audit, its officers, directors, shareholders, employers, agents, suppliers, licensors, and other related parties from and against all claims, demand, actions, losses, obligations, liabilities, damages, costs and expenses (including attorney's fees) ("Claims") resulting from, related to or arising from (i) your breach of these Terms, (ii) your Attack Audit account, and/or (iii) the Services.
b.) No Indemnity by Attack Audit. Attack Audit does NOT indemnify you against any Claims made against you by others as a result of your use of the Services or otherwise.
14.) Modification Services. Attack Audit also reserves the right to modify, discontinue or suspend the Services at any time, without notice. Any new or modified features of the Services are subject to these Terms.
15.) Breach/Remedies.
a.) Definition of Breach. You will be in breach of these Terms if you (i) fail to make payment to Attack Audit of any amount owing Attack Audit when due, (ii) fail to comply with any provision of these Terms, and/or (iii) make any representation that is or becomes inaccurate or untrue.
b.) Remedies. In the event of your breach, Attack Audit may immediately, and without waiver of any rights and remedies available to it under law or equity, (i) terminate all or any part of the Services, and/or (ii) take any other lawful action Attack Audit deems appropriate, in its sole discretion, to enforce your obligations to Attack Audit.
c.) Termination or Suspension of Services. Notwithstanding anything contained in these Terms to the contrary or otherwise, Attack Audit reserves the right to discontinue or suspend the Services and/or your Attack Audit account at any time, with or without cause and with or without prior notice. Upon any such suspension or termination, you will be responsible for payment of current charges up to and including the day of termination.
16.) Links to Third Party Sites. This Website may contain links to third-party sites. You acknowledge and agree that Attack Audit is not responsible or liable for the content, information, services, or products of any such third-party sites, and that links to a third-party site do not constitute endorsement of all or any portion of that site by Attack Audit. You further agree to and hereby do expressly assume all risk of accessing any and all third-party sites.
17.) Term and Termination. These Terms, as may be amended, shall remain in effect for as long as you subscribe to, renew, or use the Services. You agree that these Terms can only be terminated by you once you have stopped using the Services and have paid all monies owed to Attack Audit. You agree that Attack Audit can terminate these Terms at any time for any reason, with or without cause. Your account will automatically renew on a yearly basis, unless either you or Attack Audit terminates the account in advance of the annual renewal date for the your account.
18.) Confidentiality. You will, by using the services or by contact with Attack Audit,
come into contact with confidential information of Attack Audit, including, but not limited to, trade secrets, methods, details about the Services or other products offered by Attack Audit, and business or marketing plans ("Confidential Information"). The Confidential Information is owned solely by Attack Audit and is considered to be proprietary and confidential. You agree to hold the Confidential Information in strict confidence and take reasonable measures to keep it secure. Your agreements contained in this Paragraph 18 shall survive the termination your account, your use of the Services, and/or the expiration of these Terms.
19.) Privacy. Our Privacy Policy, also on this Website, describes our privacy policies and practices. By agreeing to these Terms, you also agree to comply with the provisions of the Privacy Policy.
20.) Miscellaneous Provisions.
a.) Entire Agreement. These Terms, including all information incorporated herein by reference, sets forth all (and is intended by all parties to be an integration of all) of the representations, promises, agreements and understandings among you and Attack Audit, and supersedes any and all prior or contemporaneous oral or written communications and/or agreements between you and Attack Audit, all of which are merged herein.
b.) Burden and Benefit. These Terms are binding upon each of our respective heirs, devisees, executors, personal representatives, administrators, successors and assigns .
c.) Descriptive Headings. The headings of the articles and sections of these Terms are inserted for convenience only and shall not be deemed to be a part of these Terms.
d.) Modifications and Amendments. No amendment, change or modification of these Terms shall be valid unless posted on this Website by Attack Audit or otherwise agreed to in writing and signed by both Attack Audit and you.
e.) Waiver. No waiver of any provision of these Terms and/or your rights or obligations shall be effective, except pursuant to a written instrument signed by Attack Audit and any such waiver shall be effective only in the specific instance and for the specific purpose stated in such writing.
f.) Governing Law. This Agreement shall be governed by, and interpreted in accordance with the laws of the State of California.
g.) Arbitration. We each agree to submit any dispute concerning the Terms and/or the Services to final and binding arbitration in Los Angeles pursuant to the commercial rules of the American Arbitration Association. At the request of any party, the arbitrators, attorneys, parties to the arbitration, witnesses, experts, court reporters or other persons present at the arbitration shall agree in writing to maintain the strict confidentiality of the arbitration proceedings. Arbitration shall be conducted by a single, neutral arbitrator or, at the election of any party, three neutral arbitrators, appointed in accordance with the commercial rules of the American Arbitration Association. The award of the arbitrator shall be enforceable according to the applicable provisions of the California Code of Civil Procedure. The arbitrator may award damages and/or permanent injunctive relief. Notwithstanding the foregoing, a party may apply to a court of competent jurisdiction for relief in the form of a temporary restraining order and/or preliminary injunction pending final determination of a claim through arbitration in accordance with this Section.
i.) Waiver of Jury Trial. You hereby waive your right to a jury trial of any claim or cause of action based on or arising out of these Terms and/or the Services. You acknowledge that this waiver is a material inducement to Attack Audit to establish your account and provide the Services to you and that Attack Audit will continue to rely on this waiver in its future dealings with you.
j.) Severability. If any provision of these Terms is determined by any court or arbitrator of competent jurisdiction to be invalid, illegal or unenforceable in any respect, such provision will be enforced to the maximum extent possible given the intent of the parties hereto. If such clause or provision cannot be so enforced, such provision shall be stricken from these Terms and the remainder of these Terms will be enforced as if such invalid, illegal or unenforceable clause or provision had (to the extent not enforceable) never been contained in this Agreement.
k.) Governing Law. These Terms are to be governed and construed in accordance with the laws of the State of California, without regard for principles of conflicts of laws.
|
|
| |
|
