Penetration Testing. For Computershare systems that host or process Customer Confidential Information, Computershare shall at least annually engage at its own expense a third party service provider for penetration testing and provide Customer with an executive overview of such testing. The method of test scoring and issue ratings shall follow standard industry practice, such as the latest Common Vulnerability Scoring System (CVSS) published by the US National Institute of Standards and Technology (NIST). For any material findings (critical, priority, or high risk), Computershare shall within thirty (30) days from its receipt of penetration test results produce a remediation plan detailing the actions and dates by when these security issues shall be fully resolved. Computershare’s failure to prepare and schedule a remediation plan within sixty (60) days of the penetration test report represents sufficient grounds for Customer to terminate the Agreement for cause.
Penetration Testing. On at least an annual basis, Genesys will conduct a vulnerability assessment and penetration testing engagement with an independent qualified vendor. Issues identified during the engagement will be appropriately addressed within a reasonable time-frame commensurate with the identified risk level of the issue. Test results will be made available to Customer upon written request and will be subject to non-disclosure and confidentiality agreements.
Penetration Testing. In addition to regular internal testing HTL contracts third party security organisations, at least annually, to perform penetration testing to identify vulnerabilities and remediation steps that will help to increase the security of the HTL service.
Penetration Testing. Smartsheet uses external security experts to conduct penetration testing of certain Services, including the Subscription Service. Such testing will: (a) be performed at least annually; (b) be performed by independent third party security professionals at Smartsheet’s selection and expense; and (c) result in the generation of a penetration test report (“Pen Test Report”), which will be Smartsheet’s Confidential Information. Pen Test Reports will be made available to Customer upon written request no more than annually subject to the confidentiality obligations of the Agreement or a mutually-agreed non-disclosure agreement covering the Pen Test Report.
Penetration Testing. Sysdig, or an authorized third party on Sysdig’s behalf, conducts annual penetration testing of its SaaS Service to assess current threats and vulnerabilities. Each security concern is reviewed to determine if it is applicable, ranked based on risk, and assigned to the appropriate team for remediation.
Penetration Testing. Vendor shall test the security of its assets, systems and software used to store, process, transmit or maintain Confidential Information as frequently as necessary to confirm that system integrity and security are consistent with current leading industry accepted standards and practices. Vendor is responsible for and shall conduct penetration testing of its own products, assets, systems and software to identify and remediate vulnerabilities in its own environment and to communicate identified vulnerabilities and remediation steps to Customer based on current leading industry accepted penetration testing approaches. Vendor shall provide Customer with Vendor’s penetration test results as it relates to assets, systems and software used to store, process, transmit or maintain Confidential Information, including all relevant details regarding each vulnerability identified.
Penetration Testing. At least annually, Microsoft will conduct third party penetration testing against the Online Services, including evidence of data isolation among tenants in the multi-tenant Online Services. Upon request, Microsoft will provide Members with a summary report of the results of such penetration testing.
Penetration Testing. At least ***, Acxiom will engage *** a third party security services provider to perform perimeter vulnerability and penetration testing of Acxiom’s external systems and databases. Acxiom will provide to D&B the “Statement of Opinion” issued to Acxiom by such third party provider following each such vulnerability and/or penetration test series, which shall be provided to D&B promptly upon its receipt by Acxiom. Additionally, Acxiom will itself perform regular vulnerability testing on external and internal devices connected to the Acxiom network supporting D&B. At least once each calendar quarter, or more frequently as D&B may reasonably request, the parties will include in the agenda for the meetings described in Section 11.2(b)(iii) above: (a) discussion of testing methodologies used by Acxiom, (b) identification of any requirements to modify such testing methodologies, in order to meet industry standards for testing, along with associated timeline(s) for inclusion of such modifications into the testing, and (c) a summary of the most current *** vulnerability scanning results, including but not limited to discussing scan results for portions of Acxiom systems that are dedicated to supporting only D&B. ***
Penetration Testing. You acknowledge that penetration testing services are intended to probe and exploit system weaknesses which can cause damage to vulnerable systems. You agree that Palo Alto Networks shall not be liable for any resulting damage and You are advised to fully back up systems and data and take other measures it deems appropriate given the volatile nature of penetration testing.
Penetration Testing. (a) During the Term, Expedia, its Affiliates or a third-party auditor appointed by Expedia or any of its Affiliates may carry out penetration testing of any environment that is part of Decolar’s information technology systems, including associated data, interfaces, databases, middleware, operating systems, network and storage infrastructure, peripherals, as well as third party software (whether packaged or not), and hardware required to operate the foregoing to identify and analyze any potential security vulnerabilities, flaw or operational weaknesses and review Decolar’s information security, data protection, disaster recovery, business continuity and confidentiality policies, procedures and safeguards, provided that it coordinates the conduct of such testing with Decolar and uses reasonable efforts to minimize the disruption to Decolar as a result of such testing. Expedia shall be permitted to conduct four (4) penetration tests in any rolling twelve (12)-month period.