Vulnerability Testing. The Contractor shall run quarterly vulnerability assessments and promptly report results to the State. Contractor shall remediate all critical issues within 90 days, all medium issues within 120 days and low issues within 180 days. Contractor shall obtain written State approval for any exceptions. Once remediation is complete, Contractor shall re-perform the test.
Vulnerability Testing. Copper has obtained third-party vulnerability testing of its application. Upon Customer’s written request, Copper will provide Customer with a report that summarizes the results of the vulnerability testing (a “Report”). Customer will treat Reports as Copper’s Confidential Information for purposes of the Agreement.
Vulnerability Testing. Atlassian conducts internal vulnerability testing, as described here. This includes our bug bounty program. We make the results of these internal tests publicly available and commit to making bug fixes in line with our Security Bug Fix Policy. b) Customer may, either itself or through an independent third party (who has entered into confidentiality obligations with Atlassian), perform its own vulnerability testing of its Cloud Products in accordance with the Security Test Rules. Customer may report any vulnerabilities impacting the Cloud Products to Atlassian in accordance with the procedures set forth in the Security Test Rules. c) Atlassian will use commercially reasonable efforts to address identified security vulnerabilities in our Cloud Products and our infrastructure in accordance with the Security Bug Fix Policy. The parties acknowledge that Atlassian may update the Security Bug Fix Policy from time to time in its discretion, provided such updates do not result in a material derogation of the Security Bug Fix Policy. Measures for user identification and authorisation Atlassian cloud users can authenticate using username and password, or external IdPs (incl. via XXXX, Google, Microsoft and Apple). All credentials are hosted in the application database, which is encrypted at rest. Passwords are stored using a secure hash + salt algorithm. Administrators are able to configure and enforce password complexity requirements for managed accounts via Atlassian Access: xxxxx://xxxxxxx.xxxxxxxxx.xxx/security-and-access-policies/docs/manage-your-password-policy/. Administrators are also able to enforce SSO via Atlassian Access. Measures for the protection of data during transmission See the item above titled “Measures of pseudonymisation and encryption of data“ Measures for the protection of data during storage Data Hosting Facilities Atlassian will, no less frequently than annually, request assurances (e.g., in the form of an independent third party audit report and vendor security evaluations) from its data hosting providers that store or process Customer Data that: a) such data hosting provider’s facilities are secured in an access-controlled location and protected from unauthorized access, damage, and interference; b) such data hosting provider’s facilities employ physical security appropriate to the classification of the assets and information being managed; and
Vulnerability Testing. Vendor agrees to perform vulnerability assessments at least on a quarterly basis.
Vulnerability Testing. No attempt to probe, scan, penetrate or test the vulnerability of a Crowe system or network or to breach Xxxxx’x security or authentication measures, whether by passive or intrusive techniques, may be done without Xxxxx'x express written consent.
Vulnerability Testing. Customer may not perform any kind of vulnerability testing, penetration testing, or network scans, whether by passive or intrusive techniques, to test the vulnerability of any Revvity system or Revvity’s network without Revvity’s express written consent. Reporting Violations of the Acceptable Use Policy. Revvity accepts reports of alleged violations of this AUP via email. Reports of alleged violations must be verified and must include the name and contact information of the complaining party, the IP address or website allegedly in violation, and a description of the alleged violation. Unless otherwise required by law, such as the DMCA, Revvity owes no duty to third parties reporting alleged violations. Revvity will review all verified third-party reports and will take such actions as it deems appropriate in its reasonable discretion. Revvity will comply with and respond to valid (as Revvity determines in its reasonable discretion) subpoenas, warrants, or court orders. If permitted by applicable law or regulation, Revvity may forward such subpoenas, warrants, or orders to Customer and Customer may respond; however, Revvity reserves the right to respond to any such subpoena, warrant or order if it is the named party in such subpoena, warrant, or order. Violations and Revvity’s Rights. Revvity reserves the right, but does not assume the obligation, to investigate any violation of this AUP. Revvity will act as the sole arbiter as to what constitutes a violation of this AUP. At any time after a violation has occurred, and during the time that any violation is being investigated, Revvity reserves the right to suspend, restrict, or terminate any Services at any time, including without limitation the “blackholing” or “suspension” of suspected IP addresses or hosts, without liability to Customer, in accordance with the terms of the Agreement.
Vulnerability Testing. The Contractor shall run vulnerability assessments of its software and provide security patches as part of its release schedule as part of its maintenance program test.
Vulnerability Testing. You may not attempt to probe, scan, penetrate or test the vulnerability of a Novus system or network or to breach Novus’ security or authentication measures, whether by passive or intrusive techniques, without Novus’s express written consent.
Vulnerability Testing. Company will engage a third party annually to perform manual and/or automated vulnerability testing, as appropriate, on relevant networks, systems and servers used to store and/or access Member Data.
Vulnerability Testing. CLIENT shall not attempt to probe, scan, penetrate or test the vulnerability of an SCPI system or network or to breach its security or authentication measures, whether by passive or intrusive techniques without SCPI’s prior written consent.