Get a demo
AppSec with Zero Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

API Security Addendum

In addition to any other terms and conditions applicable to Customer’s purchase of the Invicti Solution, these API Security terms (“Addendum”) shall apply if Customer purchases an API Security license from Invicti, as identified on an applicable Order Form. This Addendum shall be incorporated as part of the Subscription Services Agreement (“SSA”) referenced in the Order Form between Customer and Invicti, provided that if there is a conflict between this Addendum and the terms of the SSA with regard to the terms governing API Security, this Addendum shall prevail. Capitalized terms used herein but not otherwise defined shall have the meaning ascribed to them in the SSA.

1.    DEFINITIONS.

API” means application programming interface, that is to say a defined set of protocols and tools that enable software applications to communicate and interact with each other.

API Security Services” means services provided by Invicti to Customer relating to the use of the API Security Software, including the identification of Customer API endpoints, analysis of Customer API structures, and generation of a Customer API inventory, in accordance with the provisions of this Addendum and the Documentation.

API Security Software” means the Invicti proprietary software provided in executable code form through which the API Security Services will be provided, and any and all modified, updated, or enhanced versions thereof that Invicti may provide to Customer or its Users. The API Security Software may constitute the entirety of or part of the Invicti Solution that is offered to the Customer under an Order Form.

Customer API” means APIs which are known to and in active use by the Customer.

2.    API SECURITY SOFTWARE.

2.1. License Grant. Subject to Customer’s compliance with the terms and conditions of the Agreement, including payment of all applicable fees, Invicti hereby grants to Customer for its internal business purposes  a limited, non-sublicensable, non-exclusive, non-transferable, worldwide license, solely during the Subscription Term, as applicable and as set forth in the Order Form, to:

(A)    either:

(i)       install, execute and use, or permit Users to install, execute and use, in object code form only, the API Security Software on Customer-provided infrastructure; or

(ii)     access and use the API Security Software via Cloud Service; and

(B)    reproduce and use a reasonable number of copies of the Documentation for use with the Invicti Solution.

3.    SUPPLEMENTARY CUSTOMER RESPONSIBILITIES.

3.1. API Permissions. Customer represents and warrants to Invicti that: (i) Customer has provided all required notices, has obtained and will maintain all required licenses, permissions, and consents for any APIs; (ii) Customer will comply with any applicable terms of service governing the use of any APIs. Customer grants Invicti a perpetual, transferable, worldwide, fully paid, royalty free right and license to use Content relating to any Customer APIs in accordance with the rights and obligations set out in the Agreement.

3.2. Customer represents and warrants that all information provided to Invicti for the purpose of API Security Services is accurate, complete, and up-to-date. The Customer acknowledges that the effectiveness of the API Security Services is contingent upon the accuracy and completeness of the information provided.

3.3. Information; Audits. Customer will keep and maintain commercially reasonable written records and accounts regarding Customer’s use and distribution of the API Security Software and compliance with the Agreement. Invicti shall have the right, upon ten days’ written notice to Customer, to conduct an inspection and audit of all relevant facilities and records of Customer. Such audit shall be conducted during regular business hours at Customer’s offices and in such a manner so as not to interfere with Customer’s normal business activities. In no event shall audits be conducted hereunder more frequently than once every six months. The audit shall be conducted at Invicti’s expense; provided, however, that if the audit reveals that Customer has failed to comply with any material term of the Agreement, Customer shall pay all reasonable costs and expenses incurred by Invicti in conducting the audit.

4.    ADDITIONAL RESTRICTIONS. Except as expressly set forth in the Agreement, and to the maximum extent permitted by applicable law, Customer will not (and will not allow any third party to): (i) distribute, resell or make the API Security Software available to any third party; (ii) engage in any conduct which in the opinion of Invicti is prejudicial to business or to the marketing of the API Security Software generally; (vii) make or give any promises, warranties, guarantees, or representations concerning the API Security Software other than those contained in the Agreement; or (viii) use the API Security Software in any Target Environment it does not own. Customer’s failure to comply with any sub-section within this section, will constitute a material breach of the Agreement incapable of remedy and entitle Invicti to immediately terminate the Agreement without notice in addition to any other remedy available at law or equity.

5.    ADDITIONAL INVICTI OBLIGATIONS. Invicti agrees to: (i) provide Customer, without charge, online access to Documentation, Support, and any other information or assistance reasonably required for the success of the business; and (ii) provide Customer with such additional web-based sales training as reasonably requested by Customer and agreed by Invicti in writing.

6.    SURVIVAL. In addition to Section 8.5(C) of the SSA, the following provisions of this Addendum shall survive termination of the Agreement: 3.3 and 4.