AttackIQ Flex and Ready! Agreement

This EULA applies specifically to AttackIQ Flex and Ready!. If you are using AttackIQ Enterprise, please refer to the AttackIQ Enterprise EULA.

---

Customer’s use of the Flex Report and Ready! Report will be governed by the AttackIQ Flex and Ready! Agreement displayed below.

PLEASE READ THIS ATTACKIQ FLEX AND READY! AGREEMENT CAREFULLY. THIS ATTACKIQ FLEX AND READY! AGREEMENT, TOGETHER WITH THE READY! QUOTE, IS A BINDING CONTRACT FOR THE USE OF THE ATTACKIQ FLEX REPORT AND READY! REPORT.

IF YOU DO NOT AGREE TO BE BOUND BY ALL OF THE PROVISIONS OF THIS ATTACKIQ FLEX AND READY! AGREEMENT THEN DO NOT ACCESS OR USE THE ATTACKIQ FLEX REPORT OR READY! REPORT.

This AttackIQ Flex and Ready! Agreement is entered into by AttackIQ, Inc. a Delaware corporation (“AttackIQ”) and the customer purchasing the Flex Report or listed on the Ready! Quote, or both (“Customer”).

Section 1—Agreement.

This AttackIQ Flex and Ready! Agreement made between Customer and AttackIQ governs the use of the Flex Report or the quote for the Ready! Report prepared for Customer (“Quote”), or both (collectively, the “Agreement”). A list of additional definitions appears at the end of this AttackIQ Flex and Ready! Agreement.

Section 2—Offerings.

2.1 Overview.

The goal of the Flex Report and the Ready! Report is to identify evidence of security gaps that require remediation, and ultimately, to enable Customer to demonstrate improvement in its security program over time.

2.2 Flex.

Subject to the terms of the Agreement, during the Flex Subscription Term AttackIQ will deliver a Flex Report to Customer. The “Flex Subscription Term” commences on the date Customer places credits in its Credit Account and continues until Customer’s Credit Account balance is zero, unless  terminated earlier pursuant to  Section 6.

2.3 Ready!

a) Subject to the terms of the Agreement, during the Ready! Subscription Term AttackIQ will deliver a Ready! Report to Customer. The “Ready! Subscription Term” commences on the Start Date listed on the Quote and ends on the End Date listed on the Quote, unless  terminated earlier pursuant to  Section 6.

b) Agents. In order to receive the Ready! Report, Customer first must deploy the Agent, up to the maximum number of Agents listed on the Order, on machines owned or controlled by Customer. Subject to the terms of this Agreement, AttackIQ grants to Customer a limited, non-exclusive, non-sublicensable, non-transferable license during the Term to install, reproduce and use the Agent, solely for the Purpose. Customer is responsible for deploying the Agents appropriately in order to establish Customer’s in-scope testing parameters.

2.4 Support Services.

Subject to Customer’s payment obligations under this Agreement, AttackIQ will provide technical support services by email to [email protected], for no additional charge.

2.5 Reports; Ownership

a) Flex Report; Ownership. During the Flex Subscription Term, AttackIQ will provide Customer’s Users with a monthly report outlining the in-scope testing performed and the results of the completed battery of standard assessments run, as further described in the Flex Documentation (the “Flex Report”). AttackIQ will determine the scope of the standard testing. AttackIQ will deliver the Flex Report to Customer only electronically. Customer owns all right, title and interest in the Flex Report; provided, however, that AttackIQ retains ownership of generic template text included in the Flex Report that AttackIQ makes generally available to AttackIQ customers.

b) Ready! Report; Ownership. During the Ready! Subscription Term, AttackIQ will provide Customer’s Users with a monthly report outlining the in-scope, standard testing performed and the results of the completed battery of standard assessments run, as further described in the Ready! Documentation (the “Ready! Report”). AttackIQ will determine the scope of the standard testing. AttackIQ will deliver the Ready! Report to Customer only electronically. Customer owns all right, title and interest in the Ready! Report; provided, however, that AttackIQ retains ownership of generic template text included in the Ready! Report that AttackIQ makes generally available to AttackIQ customers.

2.5 Limitations.

Customer may not use the Flex Report or Ready! Report in any manner or for any purpose other than the Purpose. The Flex Report and the Ready! Report follow a defined testing method, based on industry vulnerability standards, to identify certain weaknesses, vulnerabilities and exploits, on the in-scope resources being tested. A weakness, noncompliance issue or vulnerability may not be discovered if evidence of it is not encountered by AttackIQ, or if it is a new, unknown or unlikely weakness, vulnerability or exploit.

Section 3—Data.

3.1 Customer Data Security.

AttackIQ shall maintain appropriate security for the Customer Data, consistent with the security standards AttackIQ uses to protect its Confidential Information and consistent with industry technical and organizational standards to protect against unauthorized processing and accidental loss or damage of the Customer Data.

3.2 Limited Use.

AttackIQ will use the Customer Data solely for the purpose of providing the Flex Report or Ready! Report, or both, to Customer. AttackIQ will delete the Customer Data within twenty (20) days of a request to do so from Customer or as otherwise required by law.

3.3 Personal Data.

If Customer provides Personal Data to AttackIQ under this Agreement, then AttackIQ shall comply with U.S. and European Union federal, national and state laws related to data privacy in effect during the Term of this Agreement where the Personal Data data subject resides, including to the extent applicable, the California Consumer Privacy Act of 2018, Title 1.81.5 (commencing with Section 1798.100) to Part 4 of Division 3 of the Civil Code (“CCPA”) and the laws of the European Union member states under the General Data Protection Regulation (“GDPR”). AttackIQ and its subprocessors are expressly prohibited from: (i) selling Personal Data for monetary or other valuable consideration; (ii) sharing, collecting, retaining, using, or disclosing Customer Personal Data for any purpose, other than the express purpose of providing the Flex Report or Ready! Report to Customer. AttackIQ acknowledges and confirms that it does not receive any Personal Data as consideration for any services or products that it provides to Customer under this Agreement.

Section 4—Additional Proprietary Rights, License Grants.

4.1 Proprietary Rights.

The Agent and Documentation are the exclusive property of AttackIQ and constitute valuable intellectual property and proprietary materials of AttackIQ. Subject to the limited rights expressly granted in this Agreement, AttackIQ reserves all right, title and interest in and to Agent and Documentation and all derivative works thereof, including all Intellectual Property Rights. No rights are granted to Customer except as expressly set forth in this Agreement.

4.2 Customer Data.

As between the Parties, the Customer Data is the exclusive property of Customer and constitute valuable intellectual property and proprietary materials of Customer. Subject to the limited rights expressly granted in this Agreement, Customer reserves all right, title and interest in and to the Customer Data and Personal Data, including all Intellectual Property Rights. No rights are granted to AttackIQ except as expressly set forth in this Agreement. Subject to the terms of the Agreement, Customer hereby grants to AttackIQ a non-exclusive, royalty-free, worldwide license to use, copy, modify, perform and display the Customer Data during the Term, solely for the purpose of providing the Flex Report or Ready! Report, or both, to Customer.

4.3 Feedback.

Customer hereby grants to AttackIQ a non-exclusive, royalty-free, irrevocable, perpetual, worldwide, license to use suggestions, comments, improvements, ideas or other feedback or materials provided by Customer (the “Feedback”) for AttackIQ’s business purposes. AttackIQ will exclusively own any improvements or modifications to AttackIQ’s proprietary intellectual property based on or derived from any Feedback including all Intellectual Property Rights in and to the improvements and modifications.

4.4 Trademarks.

AttackIQ owns all right, title and interest in and to the AttackIQ Marks and any goodwill arising out of the use of the AttackIQ Marks will remain with and belong to AttackIQ. Customer may not copy, imitate or use the AttackIQ Marks without the prior written consent of AttackIQ. Customer shall not remove or destroy any proprietary, trademark or copyright markings or notices placed upon or contained within the Flex Report or Ready! Report. Customer will not in any way dispute, challenge or contend the validity of the AttackIQ Marks or any trademark, service mark or copyright registration owned by AttackIQ.

4.5 Compiled Data.

AttackIQ may compile statistical information concerning the existence of generic security vulnerabilities and other security risks obtained as a result of preparing the Flex Report or Ready! Report that are not specific to Customer or its clients (“Compiled Data”) and may use the Compiled Data to analyze security threat trends and patterns. For clarity, the Compiled Data shall not include any Customer Confidential Information, any references to Customer or its clients or any other information that would identify Customer or its clients.

Section 5—Payments.

5.1 Flex.

a) Credit Account. Customer must purchase sufficient credits, in advance, in order to receive each Flex Report.  Customer’s current credit balance is displayed in Customer’s Flex portal credit account (the “Credit Account”).  Credits displayed in the Credit Account are non-refundable and expire on the first anniversary of the date of purchase of the credits.

b) Amount; Payment. In exchange for the right to obtain the Flex Report, Customer agrees to pay the amounts specified for the type of report selected by Customer, by deducting the appropriate amount from Customer’s Credit Account (the “Flex Fee”).

5.2 Ready!

a) Amount. In exchange for the right to obtain the Ready! Report, Customer agrees to pay the amounts specified in the applicable Quote (the “Ready! Fee” and together with the Flex Fee, the “Fee”).

b) Payment. The Ready! Fee is payable in full, in advance for the Term, unless the Quote provides otherwise. AttackIQ may impose interest on late payments of undisputed invoices at the lower of 1.5% per month, or the maximum rate allowable by applicable law. All invoices are payable net thirty (30) days from date of invoice in United States Dollars. Except as explicitly provided in this Agreement, all payments are non-refundable.

5.3 Taxes.

The Fee does not include taxes and Customer shall be responsible for all such taxes, levies or duties associated with this Agreement, other than taxes based on AttackIQ’s net income; except that if Ready! is taxable in the jurisdiction where Customer is located, and if AttackIQ is registered in this jurisdiction to collect sales tax, then AttackIQ will include Customer’s sales tax on the invoice. Customer’s payment of the Fee is not contingent on the delivery of future functionality.

5.4 Ready! Invoice Disputes.

Customer must notify AttackIQ of any Ready! invoice dispute within thirty (30) days of the date of the applicable invoice and shall cooperate with AttackIQ in good faith in resolving any such dispute. If the Parties are unable to resolve such dispute within thirty (30) days after Customer’s notice of the dispute each Party shall have the right to seek any remedies it may have under this Agreement, at law or in equity. For clarity, any undisputed amount must be paid in full. AttackIQ may accept any payment in any amount without prejudice to AttackIQ’s right to recover the balance of any amount due or to pursue any other right or remedy. Customer shall pay all of AttackIQ’s reasonable fees, costs and expenses (including reasonable attorneys’ fees) if legal action is required to collect outstanding undisputed balances.

Section 6—Term and Termination.

6.1 Term.

This Agreement commences on the date it is accepted by Customer and continues until it is terminated pursuant to this Section 6 (the “Term”).

6.2 Termination for Material Breach.

If either Party materially breaches any term of this Agreement and fails to cure such breach within thirty (30) days after written notice by the non-breaching Party (fifteen (15) days in the case of non-payment), then the non-breaching Party may terminate this Agreement immediately upon notice.

6.3 Effect of Termination.

a) In General. In the event of any termination or expiration of this Agreement: (i) all of Customer’s rights under this Agreement will immediately terminate; (ii) the licenses granted in this Agreement will terminate; (iii) AttackIQ will immediately cease preparing the Flex Report and Ready! Report; and (v) unless this Agreement has been terminated by Customer due to the material breach of AttackIQ, Customer shall pay the Ready! Fee in full.

b) Deletion of Customer Data. In the event of any termination or expiration of this Agreement AttackIQ will delete the Customer Data stored by AttackIQ without undue delay.

c) Survival. Provisions of this Agreement that by their nature are intended to survive, will continue to apply in accordance with their terms including, without limitation, accrued rights to payment, confidentiality obligations, warranty disclaimers, limitations of liability and the miscellaneous provisions of the Section entitled Miscellaneous.

6.4 Remedy.

If Customer terminates this Agreement due to material breach by AttackIQ under Subsection 6.2, then AttackIQ shall refund any pre-paid Ready! Fees on a pro rata basis for the remaining Term within thirty (30) days of Customer’s termination.

Section 7—Confidential Information.

7.1 Confidentiality Generally.

If the Parties have entered into a Non-Disclosure Agreement (“NDA”), this Agreement incorporates the NDA. If the Parties have not signed an NDA, then the Recipient will protect Confidential Information of the Discloser against any unauthorized use or disclosure to the same extent that the Recipient protects its own Confidential Information of a similar nature against unauthorized use or disclosure, but in no event will use less than a reasonable standard of care to protect such Confidential Information; provided that the Confidential Information of the Discloser is conspicuously marked or otherwise identified as confidential or proprietary upon receipt by the Recipient or the Recipient otherwise knows or has reason to know that the same is Confidential Information of the Discloser. All Customer Data and Personal Data is the Confidential Information of Customer. The Recipient will use any Confidential Information of the Discloser solely for the purposes for which it is provided by the Discloser.

7.2 Exceptions.

This Section 7 will not be interpreted or construed to prohibit: (a) any use or disclosure which is necessary or appropriate in connection with the Recipient’s performance of its obligations or exercise of its rights under this Agreement; (b) any use or disclosure required by applicable law (for example, pursuant to applicable securities laws or legal process), provided that the Recipient uses reasonable efforts to give the Discloser reasonable advance notice thereof (to afford the Discloser an opportunity to intervene and seek an order or other appropriate relief for the protection of its Confidential Information from any unauthorized use or disclosure); or (c) any use or disclosure made with the written consent of the Discloser.

Section 8—Limited Warranties and Remedies.

8.1 Mutual Warranties.

Each Party hereby represents and warrants to the other Party that (a) the individual executing this Agreement on behalf of such Party is duly authorized to execute this Agreement on its behalf, and (b) this Agreement is a valid and binding obligation of such Party and enforceable against such Party in accordance with its terms.

8.2 Disclaimers.

AttackIQ does not provide any warranties regarding the FLEX REPORT OR READY! Report. EXCEPT AS EXPRESSLY PROVIDED IN THIS SECTION 8, ATTACKIQ MAKES NO WARRANTY OR GUARANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, AND SPECIFICALLY DISCLAIMS ALL OTHER WARRANTIES, WHETHER IMPLIED OR STATUTORY, INCLUDING ANY IMPLIED WARRANTY OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW. CUSTOMER ACKNOWLEDGES THAT THE DISCLAIMERS IN THIS SECTION 8 ARE A MATERIAL PART OF THIS AGREEMENT, AND ATTACKIQ WOULD NOT HAVE ENTERED INTO THIS AGREEMENT BUT FOR SUCH DISCLAIMERS.

Section 9.—Indemnification.

9.1 IP Indemnification

a) Subject to Subsection 9.2 (Process), AttackIQ will, at its expense, either defend Customer from or settle any claim, suit or proceeding (“Claim”) brought by a third party against Customer alleging that Customer’s use of the portions of the Flex Report or Ready! Report provided by AttackIQ in accordance with this Agreement infringes or misappropriates such third party’s copyright, trademark or trade secret intellectual property rights.

b) AttackIQ will indemnify Customer from and pay: (i) all damages, costs and attorneys’ fees finally awarded against Customer in a Claim under Subsection 9.1(a); (ii) all out-of-pocket costs (including reasonable attorneys’ fees) reasonably incurred by Customer in connection with the defense of a Claim under Subsection 9.1(a) (other than attorneys’ fees and costs incurred without AttackIQ’s consent after AttackIQ has accepted defense of the Claim); and (iii) all amounts that AttackIQ agrees to pay to any third party to settle a Claim under Subsection 9.1(a). Further, should the Flex Report or Ready! Report become, or in AttackIQ’s opinion is likely to become, the subject of a claim of infringement or misappropriation AttackIQ may, at its option and expense: (x) obtain the right for Customer to continue to use the Flex Report or Ready! Report, (y) modify the Flex Report or Ready! Report so as to make it non-infringing and substantially comparable or (z) terminate this Agreement by providing notice to Customer and provide Customer with a refund of any pre-paid Fees for the infringing portion of the Flex Report or Ready! Report.

c) AttackIQ’s indemnity obligation will not apply to the extent any infringement or misappropriation arises as a result of: (i) Customer Data included in the Flex Report or Ready! Report, (ii) use of the Flex Report or Ready! Report in violation of the Agreement, (iii) modification of the Flex Report or Ready! Report by any party other than AttackIQ, or (iv) Client’s use of a superceded version of a Flex Report or Ready! Report, if the infringement could have been avoided by using the latest version of the Flex Report or Ready! Report.

9.2 Process.

Customer will promptly notify AttackIQ of any claim subject to this Section 9, but Customer’s failure to promptly notify AttackIQ will only affect AttackIQ’s obligations under this Section 9 to the extent that such failure prejudices AttackIQ’s ability to defend the Claim. AttackIQ may: (a) use counsel of its own choosing to defend against any Claim; and (b) settle the Claim as AttackIQ deems appropriate (except that AttackIQ may not settle any Claim unless the settlement unconditionally releases Customer of all liability related to the Claim). Customer shall provide AttackIQ, at AttackIQ’s expense, with all assistance, information and authority reasonably required for the defense and settlement of the Claim

Section 10—Limitations of Liability.

10.1 By Type.

EXCEPT FOR EITHER PARTY’S BREACH OF SECTION 7 (CONFIDENTIAL INFORMATION) OR ATTACKIQ’S OBLIGATIONS UNDER SECTION 9 (INDEMNIFICATION), IN NO EVENT WILL A PARTY HAVE ANY LIABILITY TO THE OTHER PARTY or any third party FOR ANY consequential, INDIRECT, SPECIAL, INCIDENTAL, REMOTE, SPECULATIVE, COVER, PUNITIVE or exemplary DAMAGES, (including loss of use, data, business or profits) regardless of the theory of liability or whether the liable Party HAS BEEN ADVISED OF THE POSSIBILITY OF THESE TYPES OF DAMAGES.

10.2 By Amount Generally.

EXCEPT FOR EITHER PARTY’S BREACH OF SECTION 7 (CONFIDENTIAL INFORMATION) IN NO EVENT will either Party be liable for aggregate damages in excess of the GREATER OF (A) $50,000 AND (B) THE fees PAID OR PAYABLE BY CUSTOMER TO ATTACKIQ UNDER THIS AGREEMENT, regardless of the theory of liability or whether the liable Party HAS BEEN ADVISED OF THE POSSIBILITY OF such DAMAGES.

10.3 Exclusions.

No limitation of liability in this Agreement, whether through the exclusion of certain types of damages, a cap on the amount of damages, or other limitation, applies to either Party’s liability for violation of the other party’s intellectual property rights, gross negligence, intentional misconduct, death or personal injury.

10.4 Allocation of Risk.

The Parties agree that the limitations specified in this Section 10 will survive and apply even if any limited remedy specified in this Agreement is found to have failed of its essential purpose. Each Party acknowledges that the foregoing limitations are an essential element of this Agreement and a reasonable allocation of risk between the Parties and that in the absence of such limitations the pricing and other terms set forth in this Agreement would be substantially different.

Section 11.—Disputes.

11.1 Informal Dispute Resolution.

If a dispute arises between the Parties, then the Parties will use reasonable efforts to resolve the dispute through negotiation. If such negotiations result in an agreement in principle to settle the dispute, the Parties shall cause a written settlement agreement to be prepared, signed and dated, whereupon the dispute shall be deemed settled, and not subject to further dispute resolution.

11.2 Unresolved Disputes; Waiver of Jury Trial.

Upon the Parties’ mutual written agreement, any dispute under this Agreement may be submitted for resolution to mediation to occur at a mutually agreed upon location. The Parties reserve all rights to adjudicate any dispute not submitted to mediation hereunder, in any court of competent jurisdiction located in in Santa Clara County, State of California, USA; provided, however, that each Party hereby waives the right to a trial by jury in any such action.

11.3 Exception for Injunctive Relief.

The Parties acknowledge that any breach of the confidentiality provisions or the unauthorized use of a Party’s intellectual property may result in serious and irreparable injury to the aggrieved Party for which damages may not adequately compensate the aggrieved Party. The Parties agree, therefore, that, in addition to the dispute resolution process described above and any other remedy that the aggrieved Party may have, it shall be entitled to seek equitable injunctive relief without being required to post a bond or other surety or to prove either actual damages or that damages would be an inadequate remedy.

Section 12—Miscellaneous.

12.1 Logo Use.

AttackIQ may use Customer’s name and logo in listings of AttackIQ’s customers on the website located at www.AttackIQ.com and in other public statements or disclosures for the purposes of marketing the AttackIQ Solution. Customer may request that AttackIQ cease or modify any use of Customer’s name or logo that is misleading or tends to dilute Customer’s brand.

12.2 Force Majeure.

AttackIQ shall not be responsible for any failure to perform under this Agreement which is due to causes beyond its control including, without limitation, problems with the Internet or Customer’s hardware or software, third-party interference, network failure, wars, civil disturbance, court order, legislative or regulatory action, catastrophic weather conditions, pandemic, power or utility failure, or acts of God.

12.3 Independent Contractors.

Each Party is an independent contractor and not a partner or agent of the other. This Agreement will not be interpreted or construed as creating or evidencing any partnership or agency between the Parties or as imposing any partnership or agency obligations or liability upon either Party. Further, neither Party is authorized to, and will not, enter into or incur any agreement, contract, commitment, obligation or liability in the name of or otherwise on behalf of the other Party.

12.4 No Third-Party Beneficiaries.

This Agreement does not create any third-party beneficiary rights in any individual or entity that is not a Party to this Agreement.

12.5 Assignment.

Except as set forth in this Subsection, neither Party shall assign, delegate, or otherwise transfer this Agreement or any of its rights or obligations to a third party without the other Party’s prior written consent. Either Party may assign, without such consent but upon written notice, its rights and obligations under this Agreement to: (i) its corporate affiliate; or (ii) any entity that acquires all or substantially all of its capital stock or its assets related to this Agreement, through purchase, merger, consolidation, or otherwise. Any other attempted assignment shall be void. Subject to the foregoing, this Agreement will be fully binding upon, inure to the benefit of and be enforceable by any permitted assignee.

12.6 Applicable Law.

This Agreement will be interpreted, construed and enforced in all respects in accordance with the laws of the State of California, U.S.A., as applied to agreements entered into and to be performed entirely within California between California residents, without regard to conflicts of law principles. In such case, the sole and exclusive personal jurisdiction and venue for any legal proceedings in connection with this Agreement shall be in the California State Courts located in Santa Clara County and the U.S. District Court for the Northern District of California. The Parties waive any objections related to such jurisdictions and venues. The 1980 UN Convention on Contracts for the International Sale of Goods or its successor will not apply to this Agreement.

12.7 Notice.

Ordinary day-to-day operational communications may be conducted by email or telephone communications. Any other notices required by this Agreement will be in writing and given by personal delivery, by pre-paid first-class mail or by overnight courier to the address provided by Customer in Customer’s account setting or specified on the Ready! Quote (or such other address as may be specified in writing in accordance with this Subsection).

12.8 Additional Definitions.

“AttackIQ Marks” means any trademarks, service marks, service or trade names, logos, and other designations of AttackIQ.

“Confidential Information” means any information that is proprietary or confidential to the Discloser or that the Discloser is obligated to keep confidential (e.g., pursuant to a contractual or other obligation owing to a third party). Confidential Information may be of a technical, business or other nature (including, but not limited to, information which relates to the Discloser’s technology, software documentation, research, development, products, services, pricing of products and services, customers, employees, contractors, marketing plans, finances, contracts, legal affairs, or business affairs). However, Confidential Information does not include any information that: (a) was known to the Recipient prior to receiving the same from the Discloser in connection with this Agreement; (b) is independently developed by the Recipient; (c) is acquired by the Recipient from another source without restriction as to use or disclosure; or (d) is or becomes part of the public domain through no fault or action of the Recipient. All Customer Data and Personal Data is the Confidential Information of Customer.

“Customer Data” means: (a) data, including Personal Data, Customer provides to AttackIQ under this Agreement and (b) the contents of the Flex Report and Ready! Report that are specific to Customer, including information regarding Customer’s network security vulnerabilities and security threats.

“Discloser” means a Party that discloses any of its Confidential Information to the other Party.

“Documentation” means the documentation describing Flex or Ready! provided by AttackIQ to its Flex or Ready! customers.

“Intellectual Property Rights” means any patent, copyright, trademark, service mark, trade name, trade secret, know-how, moral right or other intellectual property right under the laws of any jurisdiction, whether registered, unregistered, statutory, common law or otherwise (including any rights to sue, recover damages or obtain relief for any past infringement, and any rights under any application, assignment, license, legal opinion or search).

“Party” means AttackIQ or Customer.

“Personal Data” means any information provided by Customer to AttackIQ used to identify a specific natural person, either alone or when combined with other information that is linkable by AttackIQ to a specific natural person. Personal Data also includes other information provided by Customer to AttackIQ about a specific natural person where the data protection laws in effect in the region where such person resides define this information as Personal Data.

“Purpose” means the limited purpose of evaluating and validating the effectiveness of Customer’s own computer network security infrastructure in connection with Customer’s ordinary, internal business operations.

“Recipient” means a Party that receives any Confidential Information of the other Party.

“User” means Customer’s current employees, independent contractors, agents and consultants who are authorized or permitted by Customer to access the Flex Report or Ready! Report on behalf of Customer.

12.9 Entire Agreement.

This Agreement, including any attachments and exhibits constitutes the complete and exclusive statement of all mutual understandings between the Parties with respect to the subject matter hereof, superseding all prior or contemporaneous proposals, communications and understandings, oral or written. No modification, amendment, or waiver of any provision of this Agreement will be effective unless it exists in writing and is signed by the Party against whom the modification, amendment, or waiver is to be asserted. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision will be deemed null and void, and the remaining provisions of this Agreement will remain in effect.