Application Vulnerability Assessment Sample Clauses

Application Vulnerability Assessment. Supplier will comply with this Section 15.7 if Supplier is providing Accenture with access to or the use of any software, including software-as-a-service or cloud-based software. Supplier will perform an application security vulnerability assessment prior to any new release. The test must cover all application and/or software vulnerabilities defined by the OWASP or those listed in the SANS Top Cyber Security Risks or its successor current at the time of the test. Supplier will ensure all high-risk vulnerabilities are resolved prior to release. Supplier will provide a summary of the test results including any open remediation points upon request. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days
AutoNDA by SimpleDocs
Application Vulnerability Assessment. Jamf will perform an application security vulnerability assessment prior to any new public release. Jamf will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days of discovery.
Application Vulnerability Assessment. Contractor shall perform a non-intrusive vulnerability assessment on web applications and web services; scan the web applications and web services without credentials to identify vulnerabilities related to the OWASP top 10 vulnerabilities and SANS top 25 programming errors; scan the web applications and web services with credentials to identify vulnerabilities related to the OWASP top 10 vulnerabilities and SANS top 25 programming errors. The initial web applications and web services assessment should be a xxxx box approach with the chosen Contractor only having knowledge of the IP information, but having no other knowledge with the web application. The chosen Contractor should perform a non-intrusive vulnerability assessment to discover if access can be discovered, programming flaws, data leakage, and information that could allow an intruder to attack the web applications. The second part of the web applications and web services assessment included a provide role(s) with access to the application(s). The vulnerability assessment of the chosen Contractor will be a non-intrusive security test. A walk through of the application will be very limited and will be at a high level to allow the chosen Contractor to review the application at first glance as a discovery. The high level walk through will include all IPs and URLs only. The application(s) vulnerability assessment should address at the very minimum: • Injection • Broken Authentication and Session Management • Cross-Site Scripting (XSS) • Insecure Direct Object References • Security Misconfiguration • Sensitive Data Exposure • Missing Function Level Access • Cross-Site Request Forgery (CSRF) • Using Known Vulnerable Components • Invalidated Redirects and Forwards The cabinet shall have a copy of the application vulnerability assessment within 14 working days of its execution. The Contractor will provide a mediation plan which meets risk assignment and in agreement with the Commonwealth.
Application Vulnerability Assessment. Supplier will comply with this Section 15.7 if Supplier is providing Innotec with access to or the use of any software, including software-as-a-service or cloud-based software. Supplier will perform an application security vulnerability assessment prior to any new release. The test must cover all application and/or software vulnerabilities defined by the OWASP or those listed in the SANS Top Cyber Security Risks or its successor current at the time of the test. Supplier will ensure all high-risk vulnerabilities are resolved prior to release. Supplier will provide a summary of the test results including any open
Application Vulnerability Assessment. Provider will perform application security vulnerability assessments prior to any release and on a recurring basis. The assessments must cover all web application, mobile application, stand-alone application, embedded software, and firmware vulnerabilities defined by the Open Web Application Security Project (OWASP) or those listed in the SANS Top 25 Software Errors or its successor current at the time of the test. Provider will ensure all critical and high-risk vulnerabilities are remediated prior to release. On a recurring basis, Provider shall ensure that emergency/critical vulnerabilities are addressed urgently and as soon as practicable within fourteen (14) days; high-risk vulnerabilities are addressed within thirty (30) days; and medium-risk vulnerabilities are addressed within ninety (90) days. This applies to web application, mobile application, stand-alone application, embedded software, and firmware development as appropriate to the Agreement. In the event that Provider Services include application vulnerability management for applications owned by Accenture or its client, Provider shall document and implement an application vulnerability assessment and remediation plan that is to be approved by Accenture.
Application Vulnerability Assessment. Supplier will comply with this Clause 15.7 if Supplier is providing Accenture with access to or the use of any software, including software-as-a-service or cloud-based software. Supplier will perform an application security vulnerability assessment prior to any new release. The test must cover all application and/or software vulnerabilities defined by the OWASP or those listed in the SANS Top Cyber Security Risks or its successor current at the time of the test. Supplier will ensure all high-risk vulnerabilities are resolved prior to release. Supplier will provide a summary of the test results including any open remediation points upon request. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days. data, xxx kekayaan intelektual Accenture atau kliennya atau Supplier lain, yang dikumpulkan, disimpan, di-hosting, diproses, diterima, xxx/atau dihasilkan oleh Supplier sehubungan dengan penyediaan Hasil Kerja kepada Accenture, termasuk Data Pribadi Accenture.
Application Vulnerability Assessment. Supplier will comply with this Section
AutoNDA by SimpleDocs

Related to Application Vulnerability Assessment

  • Security Assessment If Accenture reasonably determines, or in good faith believes, that Supplier’s security practices or procedures do not meet Supplier’s obligations under the Agreement, then Accenture will notify Supplier of the deficiencies. Supplier will without unreasonable delay: (i) correct such deficiencies at its own expense; (ii) permit Accenture, or its duly authorized representatives, to assess Supplier’s security-related activities that are relevant to the Agreement; and (iii) timely complete a security questionnaire from Accenture on a periodic basis upon Accenture’s request. Security issues identified by Accenture will be assigned risk ratings and an agreed-to timeframe to remediate. Supplier will remediate all the security issues identified within the agreed to timeframes. Upon Supplier’s failure to remediate any high or medium rated security issues within the stated timeframes, Accenture may terminate the Agreement in accordance with Section 8 above.

  • Risk Assessment An assessment of any risks inherent in the work requirements and actions to mitigate these risks.

  • Data Protection Impact Assessment If, pursuant to Data Protection Law, Customer (or its Controllers) are required to perform a data protection impact assessment or prior consultation with a regulator, at Customer’s request, SAP will provide such documents as are generally available for the Cloud Service (for example, this DPA, the Agreement, audit reports or certifications). Any additional assistance shall be mutually agreed between the Parties.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!