1. LICENSE GRANT / PURCHASE ORDERS
During the Term (as defined in Section 2.1) and subject to the
terms and conditions of this Agreement (as defined below), Cynet shall provide
to Customer (as defined in the applicable Purchase Order) a limited,
non-exclusive, non-transferable license to use and access (i) the Cynet 360
solution (the “Services”)
for Customer applications, hardware, firmware, computer systems (virtual or
standalone), data, user accounts, network environment (the “Systems”) (as that term is defined in Section 3.1) set
forth in a Purchase Order, (ii) any online information, product descriptions,
technical specifications, manuals and materials made available to the Customer,
relating to the use of the Services (the “Documentation”), or (iii) any training
materials and handouts provided to Customer, including, but not limited to,
documents, data, drawings, models, code, applications and reports, and
associated software and materials, including any modifications or improvements
thereof, that may include third party materials licensed to Cynet (the “Materials”), each as
described in an applicable Purchase Order. For the purposes of this
Agreement, a “Purchase
Order” shall be a duly executed quote with corresponding
purchase order, statement of work, order form or Purchase Order, etc. A Purchase
Order is an integral part of this Agreement. The license grant in this Section
1 for the Materials is provided solely for Customer’s internal use to further
expand and improve the knowledge base of its employees who have a need to know
such information, and expressly prohibits use of the Materials for production
or commercial purposes.
Unless otherwise specified in the Purchase Order, the terms of
this General Terms of Contract for Services will govern the Purchase Order
(together herein referred to as the “Agreement”).
This Agreement shall take precedence over any other agreements, contracts or
general terms that Customer may have entered into with Cynet.
2. TERM AND TERMINATION
2.1 Term.
This Agreement shall commence upon the Effective Date and shall continue for
one (1) year, or such longer period of time as set forth in such Purchase Order
(the “Initial Term”).
Unless otherwise specified in the Purchase Order, this Agreement shall
automatically renew for additional, successive one (1) year terms unless either
party notifies the other party in writing of its intent not to renew the
Agreement at least thirty (30) days prior to the end of the then current term.
The Initial Term and each renewal pursuant to this Section 2.1 shall together
be referred to herein as the “Term”.
2.2 Termination.
Either party may terminate this Agreement immediately if the other party fails
to cure a material breach within thirty (30) days after receipt of written
notice thereof.
2.3 Effect of Termination. Following
the termination or non-renewal of this Agreement, Cynet will cease providing the
Services and will ensure that all data from the Customer is deleted from the
system. Upon termination or non-renewal, Customer shall pay all undisputed
charges within thirty days of Customer’s receipt of invoice.
The
Cynet SOC commits to use reasonable commercial efforts to provide to the
Customer the following:
·
The Cynet SOC will be operational 24/7/365
days a year.
·
Cynet SOC staff will monitor for alerts
from the Customer’s Cynet 360 installation. SOC staff will contact the
Customer’s points of contact via approved communication channels, based on the
Alert Severity Matrix below.
·
Cynet SOC staff will be available to the
Customer to provide recommended remediation steps for the detected threat
·
The SOC response will be via email and a
call to the Customer contact as follows:
|
Severity |
Response Time |
|
Critical |
Within 2 hours |
|
High |
Within 4 hours |
|
Medium |
Within 6 hours |
|
Low |
Within 12 hours |
·
Provide Cynet with points of contact in
the event of a threat detection
·
Reasonable availability
of customer representatives when the SOC has detected a security incident
3.3 Exclusions. Cynet
shall not be responsible for any failure or deficiency of Services availability
to the extent caused by or associated with: (i) a Force Majeure Event (as
defined in Section 11.8); (ii) regularly scheduled or emergency maintenance and
upgrades (including, but not limited to the system upgrades described in
Section 3.2 above); (iii) any causes attributable to Customer or its contractors,
(iv) software or hardware not provided or controlled by Cynet; and (v) outages
elsewhere on the Internet, including but not limited to interruptions at any
Customer or third party data center or internet service provider that hinder
Customer’s access to the Services.
4. PROPRIETARY RIGHTS
4.1 Services.
Customer hereby grants Cynet the right to access, monitor, and assess the
Customer Systems for the purpose of performing the Services on behalf of
Customer. Customer acknowledges and agrees that Cynet’s access and
performance of Services, is not subject to any “Terms of Use” or other terms or
conditions that may be posted on, linked or otherwise provided with the
Customer Systems. Customer represents that it is either the owner of the all
Systems or has the authority to permit Cynet to provide the Services for the
Systems. Customer shall provide Cynet adequate written evidence thereof
upon Cynet’s request. In the event any of the Systems are owned by a third
party, Customer shall indemnify Cynet for any claims against Cynet that arise
from Cynet accessing such Systems to provide the Services.
4.2 Restrictions.
Customer shall not: (a) copy or otherwise reproduce, whether in whole or in part,
the Services (or software associated therewith), Documentation, Training or
Training Materials; (b) modify or create any derivative work of the Services
(or software associated therewith), Documentation, Training or Training
Materials; (c) sell, rent, loan, license, sublicense, distribute, assign or
otherwise transfer the Services (or software associated therewith),
Documentation, Training or Training Materials; (d) cause or permit the
disassembly, decompilation or reverse engineering of the Services (or software
associated therewith), Documentation, Training or Training Materials or
otherwise attempt to gain access to the source code of the Services (or
software associated therewith); or (e) cause or permit any third party to do
any of the foregoing.
4.3 Reservation of Rights.
Each party reserves all rights not expressly granted in this Agreement and no
licenses are granted by either party to the other party under this Agreement
except as expressly stated in this paragraph, whether by implication, estoppel
or otherwise. Cynet or its licensors own and retain all right, title and
interest (including all intellectual property rights) in and to the Services,
Documentation, and associated software, including any modifications or
improvements thereof. Subject to the terms of the Agreement, Customer
shall own all right, title and interest to all data reports that contain the
results of the monitoring and discovery performed by the Services (the “Reports”).
5. CUSTOMER RESPONSIBILITIES.
Customer acknowledges and agrees that (i) it is Customer’s sole responsibility
(at its discretion) to update and maintain the Systems, including without
limitation, fixing any security vulnerability revealed by the Services and
Reports, (ii) the Reports and Services are not guaranteed by Cynet to identify
and/or contain any and/or all vulnerabilities, incidents, issues of concern,
indicators of compromise, malware, risk to confidentiality of information,
Advanced Persistent Threats, or activity and (iii) it is Customer’s sole
responsibility to test, vet and confirm that any remedial measures contained in
the Reports are appropriate for Customer’s purposes. Customer further
acknowledges and agrees that Customer’s use of the Services does not render or
guarantee that the Systems will be invulnerable or free from unauthorized
access, use, or disclosure of information. Customer further acknowledges and
agrees that Customer’s use of the Services starts on the Effective Date and the
Customer is responsible for providing all configuration data (host names, user
accounts, etc.) needed to perform the Services. Failure to provide
configuration data does not release Customer from any responsibility in the
Agreement. Customer acknowledges and agrees that Customer’s and its
users’ use of the Services may be dependent upon access to telecommunications
and Internet services. Customer shall be solely responsible for acquiring
and maintaining all telecommunications and Internet services and other hardware
and software required for its access and use of the Services, including,
without limitation, any and all costs, fees, expenses, and taxes of any kind
related to the foregoing. Cynet shall not be responsible for any loss or
corruption of data, lost communications, or any other loss or damage of any
kind arising from any such telecommunications and Internet services.
6. PAYMENT TERMS. Cynet
will invoice the Customer for the fees set forth in an applicable Purchase
Order immediately following the effective date of such Purchase Order and
Customer shall pay the fees as set forth on such Purchase Order within thirty
days of Customer’s receipt of invoice.
7. LIMITATION OF LIABILITY. IN NO
EVENT SHALL EITHER PARTY HAVE ANY LIABILITY TO THE OTHER PARTY OR ANY THIRD
PARTY FOR ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, EXEMPLARY OR
CONSEQUENTIAL DAMAGES OR ANY LOST OPPORTUNITY, DATA OR PROFITS, OR THE COSTS OF
PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, ARISING OUT OF THIS AGREEMENT, OR
ANY EXHIBIT, PURCHASE ORDER, SCHEDULE OR ADDENDUM THERETO, UNDER ANY CAUSE OF
ACTION OR THEORY OF LIABILITY (INCLUDING NEGLIGENCE OR OTHER TORT), WHETHER OR
NOT A PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. TO THE
MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL EITHER PARTY’S AGGREGATE
LIABILITY HEREUNDER FOR ANY CAUSE OF ACTION OR THEORY OF LIABILITY EXCEED THE
AMOUNTS PAID BY CUSTOMER TO CYNET HEREUNDER DURING THE PRECEDING TWELVE (12)
MONTH PERIOD PRIOR TO THE DATE THE CAUSE OF ACTION AROSE. THESE
LIMITATIONS ARE AN ESSENTIAL BASIS OF THE BARGAIN AND SHALL APPLY
NOTWITHSTANDING ANY FAILURE OF THE ESSENTIAL PURPOSE OF ANY REMEDY.
8. CONFIDENTIALITY
8.1 Definition of Confidential
Information. By virtue of this Agreement, the parties may
have access to each other’s Confidential Information. The party disclosing Confidential Information (as defined below)
hereunder is referred to herein as the “Disclosing Party”. The party receiving
such Confidential Information is referred to herein as the “Receiving Party”. “Confidential
Information,” as used in this Agreement, means any written,
machine-reproducible and/or visual materials that are clearly labeled as
proprietary, confidential, or with words of similar meaning, and all
information that is orally or visually disclosed, if not expressly designated,
if it is identified as proprietary or confidential at the time of its
disclosure or in a writing provided to the receiving party within thirty (30)
days after disclosure. Confidential Information does not include
information that: (a) is now, or hereafter becomes, through no act or failure
to act on the part of the receiving party, generally known or available to the
public; (b) was acquired by the receiving party before receiving such
information from the disclosing party and without restriction as to use or
disclosure; (c) is hereafter rightfully furnished to the receiving party by a
third party, without restriction as to use or disclosure; or (d) is information
which the receiving party can document was independently developed by the
receiving party without use of the disclosing party’s Confidential Information.
8.2
Use of Confidential Information. Neither party shall
disclose any of the other party’s Confidential Information to any third party
or use such Confidential Information for any purpose other than to (i) perform
its obligations or exercise its rights under this Agreement; or (ii) as
otherwise required by law. Each party shall use the same measures to protect
the Confidential Information of the other party as it uses with respect to its
own confidential information of like importance, but in no event shall it use
less than reasonable care, including, instructing its employees, vendors,
agents, consultants and independent contractors of the foregoing and requiring
them to be bound by appropriate confidentiality agreements. If a party is
required to disclose by law the Confidential Information of the other party, the
Disclosing Party shall provide
the other party with prompt notice of such request(s) so that it may seek an appropriate
protective order and/or waive compliance with the provisions of this Agreement.
Cynet reserves the right to disclose the terms and conditions of
this Agreement, provided the recipient agrees to maintain the confidentiality
of the information disclosed at a standard not less than required herein, (a)
to accountants, banks and financing sources and their advisors for the purpose
of securing financing; and (b) in connection with an actual or proposed merger
or acquisition or similar transaction. Upon termination or expiration of
this Agreement the receiving party will promptly return to the disclosing party
or destroy, at the disclosing party’s option, all tangible items containing or
consisting of the disclosing party’s Confidential Information, if return or
destruction is feasible. If return or destruction of the disclosing party’s
Confidential Information is not feasible, the receiving party’s obligation to
continue to maintain the confidentiality of the Confidential Information
continues for as long as the receiving party has the Confidential Information.
Notwithstanding the foregoing, the parties’ obligation to continue to maintain
the confidentiality of the Confidential Information does not terminate or
expire.
9. LIMITED WARRANTIES.
9.1 Conformance with Documentation.
Cynet warrants that the Services will substantially conform in all material
respects in accordance with the Documentation. Customer will provide
prompt written notice of any non-conformity and provide Cynet a reasonable opportunity,
not to exceed thirty (30) days, to remedy such non-conformity. Cynet may
modify the Documentation in its sole discretion, provided the functionality or
security threshold of the Services will not be materially degraded during the
Term.
9.2 Service Availability. Cynet
warrants that the Services will meet the requirements set forth in Section 3.1.
9.3 No Viruses. Cynet
warrants that the Services do not contain any computer code that is intended to
(i) disrupt, disable, harm, or otherwise impede in any manner, the
operation of Customer’s software, firmware, hardware, computer systems or
network (sometimes referred to as “viruses” or “worms”), (ii) permit
unauthorized access to Customer’s network and computer systems (sometimes
referred to as “traps”, “access codes” or “trap door” devices), or any other
similar harmful, malicious or hidden procedures, routines or mechanisms which
could cause such programs to cease functioning or to damage or corrupt data,
storage media, programs, equipment or communications, or otherwise interfere
with Customer’s operations.
9.4 Warranty Disclaimer. EXCEPT AS
PROVIDED IN THIS SECTION 9, CYNET PROVIDES THE SERVICES “AS IS” AND MAKES NO
WARRANTIES, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, WITH RESPECT TO THE SERVICES,
TRAINING, REPORTS, DOCUMENTATION, TRAINING MATERIALS OR ANY OTHER RELATED DATA,
AND SPECIFICALLY DISCLAIMS ANY WARRANTY OF AVAILABILITY, ACCURACY, RELIABILITY,
USEFULNESS, ANY IMPLIED WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, TITLE OR
FITNESS FOR A PARTICULAR PURPOSE AND ANY CONDITION OR WARRANTY ARISING FROM
COURSE OF PERFORMANCE, DEALING OR USAGE OF TRADE. SOME JURISDICTIONS DO
NOT ALLOW THE EXCLUSION OF CERTAIN WARRANTIES IN CERTAIN CIRCUMSTANCES.
ACCORDINGLY, SOME OF THE LIMITATIONS SET FORTH ABOVE MAY NOT APPLY. THE FACT
THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THE TRAINING OR TRAINING
MATERIALS AS A CITATION AND/OR AS A POTENTIAL SOURCE FOR FURTHER INFORMATION
DOES NOT MEAN THAT CYNET ENDORSES THE INFORMATION SUCH ORGANIZATION OR WEBSITE
MAY PROVIDE OR THE RECOMMENDATIONS IT MAY MAKE.
10. INTELLECTUAL PROPERTY
INDEMNIFICATION
10.1 Subject to the terms
of this Section 10, Cynet shall, at its sole cost and expense, defend (or at
its sole option settle), indemnify and hold harmless Customer and the
directors, officers, employees and agents of the foregoing (“Customer Indemnitees”)
from and against any third party claim that the Services, when used in
accordance with this Agreement, infringe any United States patent, copyright or
trademark of a third party (a “Claim”).
10.2 Cynet’s obligations of
indemnification shall be subject to the following: (a) Customer shall notify
Cynet of any such Claim promptly after it obtains knowledge of such Claim, (b)
Customer shall provide Cynet with reasonable assistance, information, and
cooperation in defending the lawsuit or proceeding, at Cynet’s sole cost and
expense, (c) Customer shall give Cynet full control and sole authority over the
defense and settlement of such Claim, provided settlement fully releases the
Customer Indemnitees and is solely for monetary damages and does not admit any
liability on behalf of the Customer. Notwithstanding the following,
Customer may join in defense and settlement discussions directly or through
counsel of Customer’s choice at Customer’s own cost and expense.
10.3 Following notice of
a Claim or upon any facts which in Cynet’s sole opinion are likely to give rise
to such Claim, Cynet shall in its sole discretion and at its sole option elect
to (a) procure for Customer the right to continue to use the Services, at no
additional cost to Customer or Customer Indemnitees, (b) replace the Services
so that it becomes non-infringing but functionally equivalent, (c) modify the
Services to avoid the alleged infringement but in a manner so that it remains
functionally equivalent, or (d) terminate this Agreement and provide a refund
to Customer of all amounts prepaid by Customer to Cynet for Services that have
not yet been provided.
10.4 Notwithstanding anything
contrary contained herein, Cynet shall have no obligation to indemnify, defend
or hold harmless the Customer hereunder to the extent a Claim is caused by or
results from: (a) Customer’s combination or use of the Services with software,
services or products developed by Customer or other third parties, unless
specifically contemplated by this Agreement, (b) modification of the Services
by anyone other than Cynet or its agents without Cynet’s express approval, (c)
Customer’s continued allegedly infringing activity after being notified thereof
or after being provided modifications that would have avoided the alleged
infringement, (d) Customer’s use of the Services in a manner not contemplated
by this Agreement, the Documentation or the Training Materials, or (e)
Customer’s negligence, recklessness or intentional misconduct or its failure to
abide by all laws, rules, regulations or orders applicable to the Services.
11. GENERAL
11.1 Entire Agreement. This
Agreement constitutes the entire understanding and agreement of the parties
hereto with respect to the subject matter hereof and supersedes all prior and
contemporaneous agreements, representations and understandings between the
parties regarding the subject matter hereof, including any terms contained in any
purchase order or invoice issued by either party in connection with any
transaction covered by this Agreement are null and void. Where there is a
conflict between a Purchase Order and this Agreement, the terms contained in a Purchase
Order will take precedence relating to the matter for which there was a
conflict. All headings herein are not to be considered in the
construction or interpretation of any provision of this Agreement.
11.2 Amendment and Waiver. Any term
or provision of this Agreement may be amended in writing by both parties to
this Agreement. The observance of any term of this Agreement may be
waived only by a writing signed by both parties.
11.3 Severability. If any
provision of this Agreement is found to be invalid or unenforceable, such
provision shall be severed from the Agreement and the remainder of this
Agreement shall be interpreted so as best to reasonably affect the intent of
the parties hereto.
11.4 Independent Contractors. The
parties are independent contractors, and neither party will have the power to
bind the other or to incur obligations on the other’s behalf without such other
party’s prior written consent.
11.5 Governing Law. This
Agreement shall be governed by the laws of the State of Israel, without
reference to its conflict of laws principles. The parties consent to
exclusive jurisdiction and venue in and for Tel Aviv, Israel.
11.6 Injunctive Relief. Each
party reserves the right to seek injunctive relief due to the other party’s
actual or threatened breach of this Agreement.
11.7 Force Majeure. Neither
party shall be responsible for any non-performance or delay (except for delay
in payment) attributable in whole or in part to any cause beyond its reasonable
control (a “Force Majeure
Event”), including but not limited to acts of God, government
actions including changes in applicable law, war, civil disturbance, sabotage,
terrorist acts, failure or delay in provision of services by subcontractors or
the other party’s fault or negligence.
11.8 Assignment. Neither
party may assign this Agreement without the prior written consent of the other
party, except that either party may assign this Agreement to any successor to
substantially all of its business or assets to which this Agreement relates, upon
written notice to the other party, provided that in such case the other party
may terminate this Agreement within thirty (30) days of receipt of the notice
of assignment. This Agreement shall inure to the benefit of and be binding on
the respective successors and assigns of the parties.
11.9 Notice. Any
notice required under this Agreement shall be in writing and shall be delivered
by hand or by overnight express mail to the contact name and address set forth
on a Purchase Order, or as otherwise described in this Agreement.
11.10 Survival. The
following provisions shall survive the termination or expiration of this
Agreement: Sections 4.2, 4.3, 6, 7, 8, 9, 10 and 11.
11.11 Counterparts and Electronic Signatures. This Agreement and any Purchase Orders may be executed in one or more counterparts, each of which shall constitute one and the same instrument. For the purpose of executing this Agreement and all Purchase Orders under this Agreement, the parties hereto agree that .pdf signatures sent via email shall serve as original signatures.