VALUE-ADDED DISTRIBUTOR AGREEMENT
This Value-Added Distributor Agreement (this "Agreement"), effective as
of October 1, 1999, is made between Infrastructure Defense, Inc. ("iDEFENSE"), a
Delaware corporation and HomeCom Communications, Inc.
("HomeCom"), a Delaware corporation.
RECITALS
A. Pursuant to the terms of the Asset Purchase Agreement dated of even date
herewith by and between iDEFENSE and HomeCom, HomeCom will sell to iDEFENSE all
of the business and assets of HomeCom's internet security division (the
"Division").
B. After closing of this sale, iDEFENSE will be in the business of providing
risk management consulting services with respect to security of electronic
systems and networks.
C. HomeCom wishes to have certain rights to market and distribute iDEFENSE's
consulting services to HomeCom's core financial services customers and to engage
iDEFENSE as its exclusive subcontractor and provider of such consulting
services.
AGREEMENT
NOW THEREFORE in consideration of the mutual promises, covenants and
obligations contained herein, the receipt and sufficiency of which are hereby
acknowledged, the parties agree as follows:
1. DEFINITIONS.
1.1 "COMPETING SERVICES" means any software or services which
compete with the Services or Materials and other services offered or under
active development by iDEFENSE, including but not limited to any products,
reports and consulting and other services relating to electronic infrastructure
or internet security, the protection of electronic infrastructures from
strategic and other threats and vulnerabilities, threat analysis and reduction,
asset protection, provision of single and multi-industry cyberthreat
intelligence, enterprise risk assessment, security policy consulting, monitoring
and management services, certification services designed to establish a common
global language to assess intercompany cyberthreats and vulnerabilities across
the world, risk management consulting, intelligence gathering and the provision
of infrastructure solutions addressing cyberthreats and related risks.
1.2 "END USER" means a customer of iDEFENSE who uses
iDEFENSE's consulting services as a result of HomeCom's referral and marketing
efforts.
1.3 "INTELLECTUAL PROPERTY RIGHTS" means patent rights,
copyright rights (including, but not limited to, rights in audiovisual works and
moral rights), trademarks, service marks, trade secret rights, and any other
intellectual property rights.
1.4 "MARKS" shall mean all trademarks, service marks, trade
names, logos or other identifying information of iDEFENSE.
1.5 "MATERIALS" means any iAlert Reports, other reports,
analyses, recommendations, audits, software or other materials provided to the
End User by iDEFENSE in connection with the Services.
1.6 "SERVICES" means the risk management consulting, software
implementation and other services provided by iDEFENSE relating to electronic
infrastructure or internet security, the protection of electronic
infrastructures from strategic and other threats and vulnerabilities, threat
analysis and reduction, asset protection, provision of single and multi-industry
cyberthreat intelligence, enterprise risk assessment, security policy
consulting, monitoring and management services, certification services designed
to establish a common global language to assess intercompany cyberthreats and
vulnerabilities across the world, risk management consulting, intelligence
gathering and the provision of infrastructure solutions addressing cyberthreats
and related risks.
1.7 All other capitalized terms will have the meaning
given in the text of this Agreement.
2. LICENSES.
2.1 AUTHORIZATION OF DISTRIBUTOR. Subject to the terms of this
Agreement, iDEFENSE appoints HomeCom as a distributor of iDEFENSE's Services and
Materials to End Users during the term of this Agreement. HomeCom's rights in
the Services and Materials will be limited to those expressly granted in this
Agreement.
2.2 PREFERRED PROVIDER OF THE SERVICES AND MATERIALS. iDEFENSE
shall be HomeCom's preferred provider of the Services and Materials. If any
HomeCom End User or other client is interested in services or reports like the
Services or Materials offered by iDEFENSE, HomeCom will first offer iDEFENSE the
opportunity to explore and provide a proposal to HomeCom's End User or other
client. If iDEFENSE fails to respond to the opportunity or provide a statement
of work proposal within three (3) business days of receipt of HomeCom's notice
of the opportunity or any later deadline specified by HomeCom, then HomeCom may
engage another provider to provide Competing Services to that End User or
client. iDEFENSE's failure to attend the first meeting with the potential End
User to discuss the risk management consulting services after receiving
reasonable notice of this meeting will also be deemed to permit HomeCom to
retain another provider of Competing Services. HomeCom will not enter into any
reseller, distribution or other agreement to engage regularly any other provider
of Competing Services. iDEFENSE reserves the right to provide its Services and
Materials directly to end users or through other value-added distributors,
resellers or distribution channels. HomeCom may also engage another provider of
Competing Services if the End User has specifically requested that such other
provider be engaged. HomeCom shall not recommend or otherwise encourage its End
Users to specify a provider other than iDEFENSE.
3. END USER AGREEMENT. The Services or Materials will be provided to an
End User pursuant to End User agreement(s) either (i) between the End User and
iDEFENSE or (ii) between the End User and HomeCom, which agreement has been
reviewed and approved by iDEFENSE. If after a reasonable amount of time HomeCom
or the End User and iDEFENSE determine in good faith that they will be unable to
agree on the terms on the End User agreement under which iDEFENSE will perform
the Services, HomeCom may engage another provider of Competing Services to
service that End User without violating the provisions of Section 2.2.
2
4. PAYMENTS.
4.1 FEES. iDEFENSE will price its Services and Materials
offered to End Users based on the Service and price schedules set forth as
Exhibit B. iDEFENSE may amend and modify Exhibit B at its discretion from time
to time upon thirty (30) days' notice to HomeCom.
4.2 DISCOUNT/COMMISSION. All fees payable by the End Users for
the Services and Materials will be payable directly to iDEFENSE. iDEFENSE will
pay HomeCom a discount/commission on such fees based on the schedules set forth
in Exhibit A. No discount/commission is payable to HomeCom on amounts payable by
End Users to reimburse iDEFENSE for out-of-pocket and other expenses and taxes
incurred in providing the Services and Materials. The discount/commissions are
calculated based on all consulting and other fees payable by the End User for
iDEFENSE's Services and Materials less discounts, rebates, returns and other
deductions and excluding all reimbursements for expenses and taxes.
4.2 TAXES. All amounts payable under this Agreement are
exclusive of all sales, use, value-added, excise, customs duties, assessments
and other taxes and duties. HomeCom or its End User will pay all taxes and
duties assessed in connection with this Agreement and its performance, except
for taxes payable on iDEFENSE's net income. HomeCom will promptly reimburse
iDEFENSE for any and all taxes or duties (other than taxes on iDEFENSE's net
income) that iDEFENSE may be required to pay in connection with this Agreement
or its performance.
5. MARKETING, PRE-SALES AND SALES RESPONSIBILITIES.
5.1 PRE-SALES AND SALES ASSISTANCE. HomeCom will be
responsible for making initial marketing contacts, arranging meetings,
presenting proposals, identifying services needed by potential End Users and
otherwise handling preliminary sales efforts. At such time as the potential End
User expresses interest in engaging HomeCom to provide risk management
consulting services, HomeCom will notify iDEFENSE and will provide iDEFENSE with
a job quote based on information from the End User regarding the scope of the
proposed work, systems covered and other information necessary for iDEFENSE to
estimate the price and other terms for the work. Upon notice of any opportunity
pursuant to Section 2.2, iDEFENSE will promptly appoint a security consultant to
attend the first meeting (by phone or in person) with the potential End User and
to lead iDEFENSE's efforts to close the sale and provide the Services and
Materials. iDEFENSE will use all reasonable efforts to participate in any
further discussions, negotiations, presentations, meetings, conferences or other
interactions with the End User regarding the risk management consulting
services, provided that HomeCom provides reasonable notice of such interactions.
HomeCom will obtain iDEFENSE's prior approval of any written (whether hard copy
or electronic) proposals or other documents regarding the risk management
consulting services to be provided by iDEFENSE before such documents are
provided to the End User. iDEFENSE shall also have the right to prepare the
statement of work, requirements documents and other materials that will describe
the scope and nature of the Services and Materials to be provided by iDEFENSE.
iDEFENSE will not be obligated to provide any Services or Materials if it has
not approved and consented to such engagement and the fees and payment
arrangements therefor in advance.
5.2 HOMECOM'S MARKETING EFFORTS. HomeCom will actively and
consistently market, distribute, and obtain End Users for the Services. In the
first twelve months of this Agreement, HomeCom will enter into End User
agreements which result in iDEFENSE
3
receiving aggregate consulting fees (less discounts, rebates, returns and other
deductions and not including expense reimbursements and taxes owed) of $50,000.
At least thirty (30) days prior to the completion of each successive twelve
month period, HomeCom and iDEFENSE will agree to marketing and sales goals for
the following twelve month period. HomeCom agrees to (i) conduct business in a
professional manner that reflects favorably on the services, products, goodwill
and reputation of iDEFENSE; (ii) avoid deceptive, misleading or unethical
practices which are or might be detrimental to iDEFENSE; (iii) refrain from
making any false or misleading representations about iDEFENSE or the Services
and Materials, including any representations, warranties or guarantees with
respect to the specifications, features or capabilities of the Services and
Materials that are inconsistent with the literature distributed by iDEFENSE,
(iv) retain all End User-related records for three (3) years after the date of
distribution of any Services or Materials, and assist iDEFENSE, upon request, in
maintaining contacts with the End User in order to distribute Service
information, sell or license other iDEFENSE products or services, discover
unauthorized marketing or infringing acts, or any other reasonable business
purposes of iDEFENSE; and (v) promptly report to iDEFENSE, in writing, all
suspected and actual problems with the Services and Materials of which it
becomes aware.
5.3 STANDARD MARKETING MATERIALS. iDEFENSE will make available
to HomeCom standard technical materials, brochures, service and report
descriptions, and other sales collateral for its Services as such materials
become generally available. If any sales collateral, advertisements or other
promotional or marketing material used by HomeCom makes any statement as to the
specifications, features, nature or capabilities of the Services or Materials
beyond the information provided to HomeCom by iDEFENSE, HomeCom will first
obtain the written approval of iDEFENSE prior to publishing such advertisement
or material. iDEFENSE will provide training to HomeCom and its sales personnel
and contractors as reasonably requested by HomeCom to enable such personnel to
more effectively market the Services and Materials.
5.4 COSTS RELATED TO PRE-SALES AND SALES ACTIVITY. Unless
otherwise agreed to by the parties, each of iDEFENSE and HomeCom will be
responsible for its own costs incurred in pre-sales, marketing and sales
activity related to the Services and Materials.
6. CONFIDENTIALITY.
6.1 OBLIGATIONS. During the term of this Agreement and from
three years after termination hereof, each party agrees that (i) that it will
not disclose to any third party or use any Proprietary Information (as defined
in Section 6.2) of the other party except for the purposes of fulfilling its
obligations hereunder and as expressly permitted in this Agreement; (ii) it will
take all reasonable measures to maintain the confidentiality of all Proprietary
Information in its possession or control, which will in no event be less than
the measures it uses to maintain the confidentiality of its own information of
similar importance; (iii) it will not disassemble, decompile, or reverse
engineer any software provided to it from time to time by the other party, (iv)
it will not copy or otherwise reproduce any Proprietary Information, in whole or
in part, except for the purposes permitted under clause (i) above without the
disclosing party's authorization; (v) it will disclose the Proprietary
Information to those employees, representatives and agents with a need to know
who have agreed to comply with these confidentiality obligations; and (vi) it
will assist the disclosing party in identifying and preventing any unauthorized
use or disclosure of Proprietary Information, including but not limited to
advising the disclosing party immediately of the circumstances surrounding the
unauthorized use of the Proprietary Information by any person or entity, and
cooperating with the disclosing party in seeking injunctive or other equitable
relief against any such person or entity.
4
6.2 DEFINITION OF PROPRIETARY INFORMATION. "Proprietary
Information" shall mean this Agreement and all information a party discloses to
the other which has been either (i) characterized in writing as confidential at
the time of its disclosure or (ii) orally characterized as confidential at the
time of disclosure, except for information which the receiving party can
demonstrate: (a) is previously rightfully known to the receiving party without
restriction on disclosure; (b) is or becomes, from no act or failure to act on
the part of the receiving party, generally known in the relevant industry or
public domain; (c) is disclosed to the receiving party by a third party as a
matter of right and without restriction on disclosure; (d) is independently
developed by the receiving party without access to the Proprietary Information
of the disclosing party or without access to confidential or proprietary
information of the Division prior to its sale to iDEFENSE.
6.3 EFFECT OF LEGAL COMPULSION TO DISCLOSE. If a receiving
party is legally compelled to disclose any of the disclosing party's Proprietary
Information, then, prior to such disclosure, the receiving party will notify the
disclosing party of the legal compulsion in order to permit the disclosing party
to seek relief from such disclosure and/or use of the Proprietary Information.
If the receiving party remains legally compelled, the receiving party shall
disclose the Proprietary Information only to the extent necessary to comply with
the applicable legal requirements.
6.4 INJUNCTIVE RELIEF. The receiving party acknowledges that
the Proprietary Information is valuable and its disclosure would cause
substantial harm to the disclosing party that could not be remedied by the
payment of damages alone. Accordingly, the disclosing party will be entitled to
preliminary and permanent injunctive relief and other equitable relief for any
actual or threatened breach of this Section 6, without being required to post
bond or prove that monetary damages are inadequate.
7. PROPRIETARY RIGHTS.
7.1 IDEFENSE'S OWNERSHIP. The Services, Materials and all
business requirements, statements of work, functional and technical
specifications, marketing proposals and other materials developed by iDEFENSE in
connection with providing the Services or Materials to an End User will remain
the sole and exclusive property of iDEFENSE unless otherwise set forth in the
applicable End User Agreement. iDEFENSE's rights under this Section 7.1 will
include, but not be limited to: (i) all copies of the Materials, in whole and in
part; (ii) all Intellectual Property Rights in the Services and Materials; and
(iii) all modifications to, and derivative works based upon, the Services or
Materials. HomeCom will not delete or in any manner alter the Intellectual
Property Rights notices of iDEFENSE and its suppliers, if any, appearing on any
Materials delivered to HomeCom. As a condition of the license rights granted to
HomeCom in this Agreement, HomeCom will reproduce and display such notices on
each copy it makes of any Materials.
7.2 HOMECOM'S DUTIES. HomeCom will use its reasonable efforts
to protect iDEFENSE's Intellectual Property Rights in the Services and Materials
and will report promptly to iDEFENSE any infringement of such rights of which
HomeCom becomes aware. iDEFENSE reserves the sole and exclusive right at its
discretion to assert claims against third parties for infringement or
misappropriation of its Intellectual Property Rights.
7.3 TRADEMARKS. Subject to the terms and conditions of this
Agreement and during the term hereof, iDEFENSE grants HomeCom a non-exclusive,
non-transferable, limited license for the term of this Agreement to use the
Marks in HomeCom's marketing of the Services and Materials, provided that such
use is in accordance with iDEFENSE's trademark usage
5
guidelines then in effect. Such use must reference the Marks as being owned by
iDEFENSE. Nothing in this Agreement grants HomeCom ownership or any rights in or
to use the Marks, except in accordance with this license. iDEFENSE will have the
exclusive right to own, use, hold, apply for registration for, and register the
Marks during the term of, and after the expiration or termination of, this
Agreement; HomeCom will neither take nor authorize any activity inconsistent
with such exclusive right.
8. IDEFENSE'S STANDARD DISCLAIMERS, LIMITATIONS OF LIABILITY AND
INDEMNITY. HomeCom acknowledges that iDEFENSE's standard disclaimers,
limitations of liability and indemnity provisions are as set forth below and
will inform its End Users of such standard provisions and use its best efforts
to include such provisions in any End User agreement between HomeCom and
iDEFENSE to provide Services or Materials for a particular End User or in any
agreement between iDEFENSE and the End User.
STANDARD DISCLAIMER OF WARRANTIES. All Services and Materials provided
by iDEFENSE under this Agreement are provided on an "as is" basis
without warranty of any kind, either express or implied, including but
not limited to any warranties of title or non-infringement or the
implied warranties or merchantability and fitness for a particular
purpose. In particular, iDEFENSE makes no representations or warranties
(i) concerning the accuracy, completeness, or reliability of any
Services, Materials or other information provided under this Agreement,
or (ii) that the content of the Services, Materials or other
information are appropriate, authorized, or lawful in all countries,
states, or other jurisdictions; or (iii) that the Services and/or
Materials provided will avert, detect or prevent security breaches,
losses, intrusions or other occurrences and/or the consequences
therefrom that the Services and/or Materials are designed or intended
to avert, detect or prevent or (iv) that any electronic files or
transmissions provided by iDEFENSE will be free from errors, viruses or
other harmful elements; or (v) concerning the results which will be
obtained from the use of the Services, Materials or other information.
LIMITATIONS OF LIABILITY.
TOTAL LIABILITY. iDEFENSE's aggregate liability under this Agreement,
whether for negligence, breach of contract, misrepresentation or
otherwise, shall in respect of a single occurrence or a series of
occurrences in no circumstances exceed the fees paid for the particular
Services or Materials provided by iDEFENSE that gave rise to the
liability. End User agrees that (i) the limitations contained in this
Section are reasonable given, among other things, the fees paid to
iDEFENSE for the Services and Materials, and (ii) these limitations
reflect a reasonable allocation of risk between iDEFENSE and End User.
EXCLUSION OF DAMAGES. In no event will iDEFENSE be liable for any
special, incidental, or consequential damages, whether based on breach
of contract, tort (including negligence), product liability, or
otherwise, and whether or not iDEFENSE has been advised of the
possibility of such damage.
SOLE AND EXCLUSIVE REMEDY. End User's exclusive remedies with respect
to any and all liabilities, losses, costs or damages resulting from any
cause whatsoever, including but not limited to iDEFENSE's breach of
contract or negligence, shall be to receive an amount equal to the
actual damages suffered by End User directly caused by iDEFENSE
(subject to the maximum limitation set forth above) and to require
iDEFENSE to re-perform the Services.
6
LIABILITY FOR LOST DATA. iDEFENSE shall not be responsible for the
repair of damage to or the replacement or restoration of, any software
or data files resulting from accident, transportation, neglect or
misuse; intentional acts by persons or entities other than iDEFENSE,
failure of electrical power, air conditioning or humidity control, or
other causes beyond its control. End User shall be responsible for
regularly backing up all software and data on their systems and
network. If any act or omission of iDEFENSE directly causes any loss or
damage to End User's software or data, iDEFENSE's sole obligation and
End User's sole remedy shall be iDEFENSE's provision of reasonable
assistance to restore the lost software and data from the most recent
backup copy maintained by End User. iDEFENSE shall have no obligation
with respect to lost software or data under any other circumstances or
to recover, restore or re-enter any other software, data, information
or records.
FAILURE OF ESSENTIAL PURPOSE. The parties have agreed that the
limitations specified in this Section will survive and apply even if
any limited remedy specified in this Agreement is found to have failed
of its essential purpose.
9. INDEMNITIES.
9.1 GENERAL INDEMNITY FROM HOMECOM. HomeCom agrees to defend,
indemnify and hold harmless iDEFENSE against any third party claims against
iDEFENSE for loss, damage, liability, suits, proceedings or expense (including
but not limited to attorneys' fees and other costs of investigation or defense)
arising out of any breach of this Agreement, misrepresentation, fraud, gross
negligence or willful misconduct by HomeCom or its employees, agents or
representatives.
9.2 GENERAL INDEMNITY FROM IDEFENSE. iDEFENSE agrees to
defend, indemnify and hold harmless HomeCom against any third party claims
against HomeCom for loss, damage, liability, suits, proceedings or expense
(including but not limited to attorneys' fees and other costs of investigation
or defense) arising out of any breach of this Agreement, misrepresentation,
fraud, gross negligence or willful misconduct by iDEFENSE or its employees,
agents or representatives.
9.3 INFRINGEMENT INDEMNITY. iDEFENSE agrees to defend,
indemnify and hold harmless HomeCom against any third party claims against
HomeCom for loss, damage, liability, suits, proceedings or expense (including
but not limited to attorneys' fees and other costs of investigation or defense)
to the extent the third party claim alleges that the use of the Services or
Materials by HomeCom infringes any U.S. copyright or any U.S. patent issued as
of the date of this Agreement. iDEFENSE will have no obligation under this
Section as to any action, proceeding, or claim unless: (i) iDEFENSE is notified
of it promptly; (ii) iDEFENSE has sole control of its defense and settlement;
and (iii HomeCom provides iDEFENSE with reasonable assistance in its defense and
settlement. iDEFENSE will have no obligations under this Section 10.2 with
respect to infringement or misappropriation arising from (i) modifications to
the Services or Materials that were not authorized by iDEFENSE, (ii) the use of
the Services or Materials in combination with products, systems, software or
materials not contemplated by iDEFENSE when it provided the Services or
Materials or (iii) furnishing to HomeCom of any information, service, or
applications assistance requested by HomeCom which results in a HomeCom-specific
product or application.
10. TERM AND TERMINATION.
7
10.1 TERM. The term of this Agreement will begin as of October
1, 1999 and will continue for a period of three years unless it is terminated
earlier in accordance with the provisions hereof. This Agreement shall
automatically renew for additional one-year terms unless either party notifies
the other of its desire not to renew at least 30 days prior to the end of the
current term.
10.2 EVENTS OF TERMINATION. Either party will have the right
to terminate this Agreement if: (i) the other party breaches any material term
or condition of this Agreement, and fails to cure such breach within 30 days
after written notice; (ii) the other party becomes the subject of a voluntary
petition in bankruptcy or any voluntary proceeding relating to insolvency,
receivership, liquidation, or composition for the benefit of creditors; or (iii)
the other party becomes the subject of an involuntary petition in bankruptcy or
any involuntary proceeding relating to insolvency, receivership, liquidation, or
composition for the benefit of creditors, if such petition or proceeding is not
dismissed within 60 days of filing. If a change in control of HomeCom occurs
through a merger, such successor to HomeCom by merger shall have the option of
terminating this Agreement on thirty (30) days notice. HomeCom will provide
iDEFENSE with timely notice of any such merger transaction.
10.3 EFFECT OF TERMINATION. Upon termination or expiration of
this Agreement, iDEFENSE will pay HomeCom any discounts/commissions due and
payable for specific work performed prior to the date of termination and HomeCom
will immediately return to iDEFENSE or (at iDEFENSE's request) destroy all
copies of Proprietary Information in its possession or control and will
discontinue all advertising, reference to the Services and Materials or use of
iDEFENSE's Marks and an officer of HomeCom will certify to iDEFENSE in writing
that HomeCom has done so. Provided that HomeCom otherwise complies with the
Non-Solicitation And Non-Compete Agreement between the parties, after any
termination of this Agreement, HomeCom may engage other providers to provide
Competing Services to its End Users.
10.4 SURVIVAL. The rights and obligations of the parties
contained in Sections 5.4, 6, 7, 10.4, 12, and 14.2 and any other provision
which by its nature should survive will survive the termination or expiration of
this Agreement.
11 COMPLIANCE WITH LAW.
11.1 GENERAL. HomeCom shall obtain all licenses, permits and
approvals required by any government and shall comply with all applicable laws,
rules, policies and procedures and other laws and regulations, of any
governmental authority where the Services and Materials are to be distributed,
used or deployed.
11.2 EXPORT CONTROLS. This Agreement is subject to and
conditioned upon compliance with applicable export control laws and applicable
regulations thereunder. HomeCom agrees to comply fully with any such export laws
and to provide iDEFENSE with such documentation, assurances and access to
records as may be required to obtain licenses under any such laws.
12. DISPUTE RESOLUTION.
12.1 ESCALATION PROCEDURE. iDEFENSE and HomeCom hereby agree
that they will use all reasonable efforts to resolve any disputes arising out of
this Agreement in a co-operative and expeditious manner. If the primary point of
contact for iDEFENSE and HomeCom are unable to resolve a dispute, each party
will designate a more senior representative within its
8
organization and such representative shall have authority to negotiate and
resolve the dispute with the other parties designated representatives. If these
designated representatives are unable to resolve the dispute within 30 days of
its referral, the dispute may be referred to arbitration in accordance with
Section 14.2.
12.2 ARBITRATION. If the escalation process described in
Section 14.1 fails to resolve the dispute, then such dispute shall be referred
to binding arbitration under the Commercial Arbitration Rules of the American
Arbitration Association (the "Rules") by any party hereto in a location mutually
agreed by the parties to be held before arbitrator selected in accordance with
the Rules. The provisions of this Agreement shall control if they conflict with
the Rules. United States federal law shall govern the arbitrability of all
claims. Notwithstanding the failure of any party to participate in the
arbitration proceedings, the arbitrator may proceed to make an award and the
costs of the arbitration shall be borne equally by all parties to the
arbitration. The parties acknowledge and agree that the award of the arbitrator
shall be the exclusive remedy of the parties and shall be enforceable in a court
of competent jurisdiction. Notwithstanding the foregoing, the parties shall be
entitled to seek injunctive relief or other equitable remedies from any court of
competent jurisdiction.
13. FORCE MAJEURE. Neither party will be responsible for any failure to
perform due to causes beyond its reasonable control (each a "FORCE MAJEURE"),
including, but not limited to, acts of God, war, riot, embargoes, acts of civil
or military authorities, denial of or delays in processing of export license
applications, failure of a common carrier, delays or failures of access
involving the Internet, World Wide Web or similar services including network
traffic and configuration problems therewith fire, floods, earthquakes,
accidents, strikes, or fuel crises or the acts or omissions of the other party
or any End User, provided that such party gives prompt written notice thereof to
the other party. The time for performance will be extended for a period equal to
the duration of the Force Majeure. As soon as Force Majeure has ceased in its
effect, the parties shall start to continue complying with their affected
obligations.
14. GENERAL.
14.1 ASSIGNMENT AND SUBLICENSING. Subject to the right of
HomeCom's successor by merger to terminate this Agreement under Section 10.2,
this Agreement will bind and inure to the benefit of each party's permitted
successors and assigns. HomeCom may not assign or sublicense this Agreement, in
whole or in part, without iDEFENSE's written consent. Any attempt to assign or
sublicense this Agreement without such consent will be null and void.
14.2 GOVERNING LAW. This Agreement shall be governed by and
construed in accordance with the domestic laws of the State of Delaware, without
giving effect to any choice of law or conflict of law provision or rule (whether
of the State of Delaware or any other jurisdiction) that would cause the
application of the laws of any other jurisdiction other than the State of
Delaware. If either party employs attorneys to enforce any rights arising out of
or relating to this Agreement, the prevailing party shall be entitled to recover
reasonable attorney's fees.
14.3 SEVERABILITY. HomeCom and iDEFENSE agree and acknowledge
that the provisions of this Agreement shall be devisable and separate, so that,
if any provision or provisions of this Agreement are held to be unreasonable,
unlawful, or unenforceable, such holdings shall not impair or render invalid the
remaining provisions of this Agreement. If any provision hereof is held to be
too broad or unreasonable in duration, scope or character of restriction to be
enforced, such provisions shall be modified to the extent necessary so that any
provision or portion hereof shall be legally enforceable to the fullest extent
permitted by law, and the parties hereto expressly authorize any court of
competent jurisdiction to enforce any such provision or portion hereof so that
any and
9
all provisions or portions hereof shall be enforced by such court to the fullest
extent permitted by law.
14.4 NOTICES. All notices and other communications required or
permitted to be given in respect of this Agreement shall be sent by personal
delivery, nationally recognized overnight courier, facsimile or certified or
registered mail, to the parties at the addresses set forth on the signature
pages, or, in each case, at such other address or addresses as any party shall
hereafter specify by written notice to the others. All such notices, requests
and other communications will (i) if delivered personally to the address as
provided in this Section, be deemed given upon delivery, (ii) if delivered by
facsimile transmission to the facsimile number as provided for in this Section,
be deemed given upon receipt, (iii) if delivered by mail in the manner described
above to the address as provided in this Section, be deemed given on the earlier
of the fourth business day following mailing or upon receipt and (iv) if
delivered by overnight courier to the address as provided for in this Section,
be deemed given on the earlier of the first business day following the date sent
by such overnight courier or upon receipt.
14.5 INDEPENDENT CONTRACTORS. The parties to this Agreement
are independent contractors. There is no relationship of partnership, joint
venture, employment, franchise, or agency between the parties. Neither party
will have the power to bind the other or incur obligations on the other's behalf
without the other's prior written consent.
14.6 ENTIRE AGREEMENT. This Agreement and its exhibits and
the other agreements which are contemplated herein are the complete and
exclusive agreement between the parties with respect to the subject matter
hereof and supersede and replace any and all prior agreements, communications,
and understandings (both written and oral) regarding HomeCom's distribution of
the Services and Materials and the other subject matter hereof. This Agreement
may only be modified, or any rights under it waived, by a written document
executed by both parties, except that iDEFENSE may modify Exhibit B in its
discretion from time to time in accordance with Section 4.1. The terms and
conditions of this Agreement supersede those contained on any order form or
other document issued by HomeCom requesting delivery of the Services or
Materials.
14.7 REMEDIES. All rights and remedies conferred under this
Agreement or by any other instrument or law shall be cumulative and may be
exercised singularly or concurrently.
14.8 NONWAIVER. Failure by either party to enforce any term or
condition of this Agreement shall not be deemed a waiver of further enforcement
of that or any other term or condition.
14.9 AUTHORITY. Each party represents to the other that it has
due and proper authority to make and perform all duties and obligations set
forth and envisioned by this Agreement.
14.10 COUNTERPARTS. This Agreement may be executed in any
number of counterparts, each of which shall be deemed an original, but all of
which together shall constitute one and the same instrument.
10
The parties have caused this Agreement to be executed by their
duly-authorized representatives as of the 1st day of October, 1999.
INFRASTRUCTURE DEFENSE, INC. HOMECOM COMMUNICATIONS, INC.
By: By:
-------------------------------------------------- -------------------------------------------------
Name: Name:
----------------------------------------------- -----------------------------------------------
Title: Title:
---------------------------------------------- ----------------------------------------------
Date: Date:
----------------------------------------------- ----------------------------------------------
Address: Address:
-------------------------------------------- --------------------------------------------
Facsimile: Facsimile:
------------------------------------------ ------------------------------------------
11
EXHIBIT A
FEES
CUMULATIVE FEES PAYABLE BY END USERS FOR IDEFENSE'S
COMMISSION SERVICES AND MATERIALS DURING EACH TWELVE MONTH TERM
PERCENTAGE % ($X)
-------------------------------------------------------------------------------------
17.5% x LESS THAN $500,000
-------------------------------------------------------------------------------------
20% $500,001 LESS THAN OR EQUAL TO x LESS THAN OR EQUAL TO $999,999
-------------------------------------------------------------------------------------
25% x LESS THAN $1,000,000
At the beginning of each twelve-month term of this Agreement,
discounts/commissions will be paid at the rate of 17.5% on fees actually
received by iDEFENSE from End Users for the Services and Materials. Once fees
from End Users for iDEFENSE's Services and Materials reach a cumulative total of
$500,000 during that twelve month period, iDEFENSE will begin paying HomeCom
discounts/commissions at the rate of 20%. Once fees from End Users for
iDEFENSE's Services and Materials exceed a cumulative total of $1,000,000 during
that twelve month period, iDEFENSE will begin paying HomeCom
discounts/commissions at the rate of 25%. At the beginning of the next
twelve-month term, the discount/commission rate will be reset at 17.5% until the
cumulative total fees from End Users exceed $500,000 at which time the 20% rate
will apply until the fees then again exceed $1,000,000.
Within thirty (30) days after the end of each calendar quarter, iDEFENSE will
pay the discounts/commissions due to HomeCom based on fees (less discounts,
rebates, returns and other deductions and excluding all reimbursements for
expenses and taxes) actually received by iDEFENSE from HomeCom's End Users for
the Services and Materials during the preceding calendar quarter.
EXHIBIT B
SERVICES DESCRIPTIONS AND RELATED CHARGES
DESCRIPTION AND PRICING OF IALERT ENTERPRISE SERVICE
ENTERPRISE Reports
Daily iALERT Enterprise Reports provide government agencies and companies with
tailored daily monitoring and analysis of threats, vulnerabilities, and
incidents compiled from numerous sources to help protect your critical
electronic information, communications networks, and operational capabilities.
Reports are provided on each weekday, excluding federal holidays. Included in
the base price of $100K are 10 user seats and two hours of calls time with an
iDEFENSE analyst per month.
-------------------------- --------------------------------------------------------------------------------------
iALERT's Enterprise Service
--------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------
a. Timeliness Daily
--------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------
MONITORING - Indicator Matrix
&ANALYSIS - Overview and Analysis of Sector and Enterprise Status
- Sector Vulnerability Reports (based on Sector Critical Dependencies)
- Enterprise-specific threat and vulnerability reporting
- Incidents Reporting & Analysis
- Open Sources
- Special Sources
- Sources
- Specific Client Intelligence
- Relevant security, industry and sector news
--------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------
DELIVERY Secure, subscriber-only Web site
--------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------
PRICING $100,000 per year including 10 user seats and 2 hours of call time with an analyst
per month
--------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------
ADDITIONAL USERS 1-25 = $1000 per seat
26-50 = $750 per seat
51-100 = $500 per seat
> 100 = $250 per seat
--------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------
ADDITIONAL ANALYST CALLS
$300 an hour, in 15 minute increments
-------------------------- --------------------------------------------------------------------------------------
EXHIBIT B (continued)
SERVICES DESCRIPTIONS AND RELATED CHARGES
DESCRIPTION AND PRICING OF IALERT SECTOR SERVICE
SECTOR Reports
iDEFENSE's iALERT Sector Reports are daily reports summarizing cyberthreats,
vulnerabilities, and incidents at the sector level for the Financial Services;
Energy; Communications and Information Technology; Transportation; Health Care;
Manufacturing, Processing, and Distribution; and Government sectors. iALERT
Sector Reports cover such timely events as hacker and terrorist activity focused
at the sector as well as information technology infrastructure vulnerabilities.
Reports are provided daily for a base price of $50K PER SECTOR AND INCLUDE 10
user seats.
SECTORS INCLUDE:
FINANCIAL SERVICES. DEFINITION: INCLUDES BANKS, SAVINGS AND LOANS,
CREDIT UNIONS, LENDING INSTITUTIONS, SECURITIES BROKERAGES, TRANSACTION
CLEARING HOUSES, INSURANCE COMPANIES AND ALL RELEVANT REGULATORY
AUTHORITIES. This sector has perhaps done the most to protect itself
from attack, yet its principal vulnerability is the insider threat.
This sector's payment systems, securities and commodities exchanges,
and clearing and settlement organizations comprise the backbone of the
sector's infrastructure. LAUNCH DATE: JUNE 1, 1999.
GOVERNMENT. DEFINITION: INCLUDES GOVERNMENTAL AUTHORITIES PRIMARILY AT
THE FEDERAL LEVEL, HOWEVER, IT IS ALSO DESIRABLE TO HAVE COVERAGE OF
PERTINENT ISSUES AT LEVELS AND IN LOCATIONS IDENTIFIED BY RESPECTIVE
CLIENTS. Government's concern derives principally from its duty to
protect critical infrastructure at all levels of government--national,
state, and local--as well as from its responsibility to assure
government operations. Further, Government depends upon the private
sector to provide it with the technology and information it needs to
protect resources. LAUNCH DATE: SEPTEMBER 15, 1999.
ENERGY. DEFINITION: INCLUDES THE PRODUCTION, PROCESSING, AND
DISTRIBUTION OF ALL FORMS OF CONVENTIONAL AND NUCLEAR ENERGY, AS WELL
AS ALL RELEVANT REGULATORY AUTHORITIES. Prolonged disruption in the
flow of energy (electricity, oil, and gas) would seriously degrade the
performance and survival of the other infrastructure sectors. The
vulnerability of this sector to disruption is further conditioned by
widespread and increasing use of Supervisory Control and Data
Acquisition (SCADA) computer systems for remote control of
energy-transfer systems. LAUNCH DATE: OCTOBER 15, 1999.
COMMUNICATIONS AND INFORMATION TECHNOLOGY. DEFINITION: INCLUDES ALL
FORMS OF MASS MEDIA, TELECOMMUNICATIONS PRODUCTS AND SERVICES, AS WELL
AS COMPUTER SOFTWARE, HARDWARE, FIRMWARE AND ALL OTHER ELECTRONIC
COMPONENTS. FURTHER INCLUDES RELEVANT REGULATORY AUTHORITIES. The most
important vulnerability in this sector is increasing dependency on the
Public Switched Network (PSN), and on the Internet. These networks, in
turn, depend on electrical power for operations and on telephone lines
and fiber-optic cables that often run along transportation routes. The
more dependent we become on the PSN and the Internet, the more
vulnerable we are to damage of the physical plant. LAUNCH DATE:
NOVEMBER 15, 1999.
TRANSPORTATION. DEFINITION: INCLUDES ALL FORMS OF COMMERCIAL
TRANSPORTATION SUCH AS AIR, RAIL, MARITIME AND TRUCKING - INCLUDING ALL
RELEVANT REGULATORY AUTHORITIES. Physical plant vulnerabilities
characterize this sector, however IT-related vulnerabilities have
increased as the sector becomes more interconnected and
technology-dependent. For example, electronic data interchange,
just-in-time delivery systems, and automated dispatch and tracking
controls introduce significant dependencies and vulnerabilities to
classic, well-established physical distribution systems. LAUNCH DATE:
JANUARY 15, 2000.
HEALTH CARE. DEFINITION: INCLUDES ALL ELEMENTS OF THE MEDICAL,
PHARMACEUTICAL AND MEDICAL APPLIANCE INDUSTRY AS WELL AS ALL GOVERNMENT
PROGRAMS (US FEDERAL, STATE AND LOCAL) AND ALL RELEVANT REGULATORY
AUTHORITIES. The increasing size and accessibility of medical databases
has caused growing concern for the privacy of the public, the accuracy
and assuredness of the information, and the liabilities of those who
posses the information. Tele-medicine, a procedural and technological
breakthrough, is not without its vulnerabilities. The deployment of
sufficient safeguards is paramount if medical institutions are to
prevent breaches of patient confidentiality, and if they are to assure
the timeliness and accuracy of the transmission of critical emergency
medical data. LAUNCH DATE: FEBRUARY 15, 2000.
MANUFACTURING, PROCESSING, AND DISTRIBUTION. DEFINITION: INCLUDES ALL
FORMS OF LIGHT INDUSTRY AND DURABLE GOODS PRODUCTION AS WELL AS ALL
RELEVANT REGULATORY AUTHORITIES. Information technology and
computer-driven controls have become prevalent, and many companies
spend more on computers and automated controls than they spend on the
direct manufacturing process. Such dependence on computers, artificial
intelligence, robotics, and automated inventory and control systems,
and the sector's interconnected nature create vulnerabilities to
technological failure or attack. Major disruptions have consequences
for the industry in which the problem occurred, and have widespread
effects on other sectors that depend on its products. LAUNCH DATE:
MARCH 15, 2000
-------------------------- --------------------------------------------------------------------------------------
iALERT's Enterprise Service
--------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------
b. Timeliness Daily
--------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------
MONITORING - Overview of Sector Status
&ANALYSIS - General Sector Threats
- Incident Reporting & Analysis
- Open Sources
- Special Sources
- General ITI Vulnerabilities
- Sources
--------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------
DELIVERY Fax or Secure Email. An access-controlled Web site will be available to clients in
early September.
--------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------
PRICING $50,000 per year including 10 user seats
--------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------
ADDITIONAL USERS 1-25 = $500 per seat
26-50 = $375 per seat
51-100 = $250 per seat
> 100 = $125 per seat
--------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------
ANALYST CALLS $300 an hour, in 15 minute increments
-------------------------- --------------------------------------------------------------------------------------
