NOTICE -- READ ALL OF THE TERMS AND CONDITIONS OF THIS END USER LICENSE AGREEMENT BEFORE DOWNLOADING, COPYING, INSTALLING OR USING THE SOFTWARE, CONTENT, DATA OR DOCUMENTATION (EACH AS DEFINED BELOW).
INSTALLING AND/OR USING THE SOFTWARE, SERVICE, CONTENT, DATA AND DOCUMENTATION (COLLECTIVELY, THE "PRODUCT") INDICATES YOUR ACCEPTANCE OF THESE TERMS AND CONDITIONS. IF YOU DO NOT ACCEPT THESE TERMS AND CONDITIONS, YOU MUST DELETE ANY SOFTWARE, CONTENT AND DATA FROM YOUR COMPUTER AND/OR ANY OTHER DATA STORAGE DEVICE. PLEASE NOTE THAT YOU MAY NOT USE, COPY, MODIFY OR TRANSFER THE PRODUCT, OR ANY COPY OR PORTION THEREOF, EXCEPT AS EXPRESSLY PROVIDED IN THIS LICENSE AGREEMENT.
IMPORTANT -- READ CAREFULLY: By clicking on the "Yes" or other appropriate assent button to make and use copies of the Syhunt Vulnerability Assessment Software (the "Software"), access the Syhunt Vulnerability Assessment service via any computer (the "Service") and to use the vulnerability data (the "Data") and other content accessed therewith (the "Content"), you ("Licensee") agree to be and are hereby bound by the terms and conditions of this License Agreement (this "Agreement"). If applicable, Licensee must also agree to certain terms and conditions relating to Licensee's subscription to the Software, Service, Content and Data, as may be required by third-parties processing any fees on behalf of Syhunt (the "Third Party Subscription Terms"). If Licensee does not agree to the terms and conditions of this Agreement (and the Third Party Subscription Terms, if applicable), Licensee should not download, copy, install or use the Product and must promptly destroy any and all copies of the Software, Service, Content, Data and any accompanying documentation ("Documentation") made by Licensee.
I. SYHUNT'S SUBSCRIPTION TERMS. For purposes of this Agreement, the "Syhunt Site" shall mean the web site currently located at www.syhunt.com. “Target” Definition: a Target would be an Internet Protocol (IP), domain, subdomain or URL address, or a source code archive, that is tested by the Software.
A. For Trial Subscriptions. Syhunt does not charge a subscription fee for Licensee's trial use of the Product. Licensee shall however be subject to the terms and conditions of this Agreement and Licensee's use of the Product during the applicable trial period may be terminated by Syhunt in the event Licensee breaches any term of this Agreement.
At the end of the applicable trial period, Licensee shall have the option of subscribing to the Syhunt Vulnerability Assessment Professional Product (the "Professional Product") by visiting www.avangate.com, www.shareit.com or the Syhunt Site and providing relevant payment information. In the event Licensee does not purchase a subscription at the end of the applicable trial period, either (a) the Syhunt Vulnerability Assessment Professional Product will be disabled and Licensee will instead be provided with the Syhunt Vulnerability Assessment Free Product (the "Community Edition"), which Licensee will have the right to use subject to the terms below, if Licensee had a trial subscription of the Product, or (b) the Product will be disabled in its entirety if Licensee had a trial subscription of the Product.
B. For Syhunt Free Subscriptions. Syhunt does not charge a subscription fee for Licensee's use of the Syhunt Vulnerability Assessment Free Product, which offers limited content and functionality. Licensee's use of Syhunt Free shall subject to the terms and conditions of this Agreement.
C. For Annual or Perpetual Syhunt Vulnerability Assessment Professional Subscriptions. To subscribe to the Syhunt Vulnerability Assessment Professional Product from an authorized Syhunt reseller or the website currently located at www.avangate.com (the "Avangate Site") or www.shareit.com (the "Share-it Site"), Licensee agrees to pay Syhunt's authorized reseller or a payment processing partner, Avangate BV ("Avangate") or Share-it, Inc. ("Share-it"), the applicable subscription fee listed on the Avangate Site or Share-it Site, any applicable taxes and any other charges incurred on Licensee's user name and password. Subscription fees will be billed by Avangate or Share-it to Licensee at the beginning of Licensee's subscription. Syhunt reserves the right to increase its subscription fee or institute new fees at any time, upon reasonable notice posted in advance on the Syhunt Site depending on the global region. Licensee shall not be charged retroactively for any such increased or new fees but shall be billed the applicable increased or new fee upon renewal, if any.
D. Other Charges. In addition to the subscription fees and obligations set forth in Sections A through C above, Licensee is responsible for all charges associated with connecting to the Syhunt Site, including all telephone line access, telephone and computer equipment and any related service fees.
1. Money Back Guarantee. All fees are non-refundable except as otherwise set forth in this Agreement.
2. Renewal. If Licensee desires to renew Licensee's subscription to the Syhunt Vulnerability Assessment Professional Product, Licensee must visit either www.shareit.com or the Syhunt Site and provide relevant payment information. Share-it will not automatically charge Licensee for renewals. Syhunt will use reasonable efforts to send a reminder prior to the end of Licensee's current subscription period to the e-mail address Licensee provided in connection with Licensee's registration on the Share-it Site.
3. Technical Support In connection with your use of the Software, you may choose to access certain technical support features that may be offered, which may include web ticket support, e-mail support (any such technical support shall be referred to in this License Agreement as the “Technical Support”). Any such Technical Support shall be provided in Syhunt’s sole discretion without any guarantee or warranty of any kind. Technical Support inquiries are accepted at any time and will be answered during normal Syhunt business hours. Syhunt will attempt to respond to inquiries within the same business day. In the course of providing the Technical Support, Syhunt may determine that the technical issue is beyond the scope of the Technical Support.
4. Privacy and Data Protection From time to time, the Software may collect certain information from the computer on which it is installed, which may include:
Status information regarding installation and usage of the Software, including the name of the Target. This information indicates to Syhunt whether installation and usage of the Software was successfull. The status information may be collected by Syhunt for the purpose of evaluating and improving Syhunt’s product performance, crawling coverage and installation success rate, as well as performing Out-of-Band Application Security Testing (OAST). If you are a government agency, organization or information security consultant with extreme confidentiality requirements Syhunt may provide a special license with limited status information collection.
Information contained in a debug file that you may choose to send to Syhunt when the Software encounters a problem. The debug file includes extensive information regarding the status of both the Software and the Target. The information could contain personally identifiable information if such information is included as part of the scan session.
The IP address and/or Media Access Control (MAC) address and the Machine ID of the computer on which the Software is installed for license administration purposes.
Information may be transferred to Syhunt in Brazil or other countries that may have less protective data protection laws than the region in which you are situated (including the European Union) and may be accessible by Syhunt employees or contractors exclusively to be used in accordance with the purposes described above. For the same purposes the information may be shared with partners and vendors that process information on behalf of Syhunt. Syhunt has taken steps so that the collected information, if transferred, receives an adequate level of protection. Subject to applicable laws, Syhunt reserves the right to cooperate with any legal process and any law enforcement or other government inquiry related to your use of this Software. This means that Syhunt may provide documents and information relevant to a court subpoena or to a law enforcement or other government investigation.
5. Discontinuation of Product Syhunt reserves the right to discontinue the Software at any time, whether it is offered individually or as a part of a Software suite. If the Software is discontinued because it is made part of another Syhunt Software, then a license for the subsequent merged Software will be made available to you at no additional fee. If the Software is discontinued and not made part of another Syhunt Software, then you shall retain the right to use the Software in accordance with the terms of this Agreement. There is no guarantee, nor any obligation, to provide enhancements, updates and new versions of the Software, technical support and integration with Syhunt online services for a perpetual license if the Software is discontinued and not made part of another Syhunt Software or no longer supported by Syhunt.
6. Result Content The scan results displayed or returned by the Software in response to Licensee’s scan requests may contain information referring to or describing identified vulnerabilities, weaknesses, compromised data, and content collected from third-party Internet sources, APIs and open source databases (“Result Content”). Result Content may include security recommendations, source code portions, secret, non-public or otherwise sensitive information associated with Licensee’s own organization and registered Internet domains, devices, servers, applications and networks. Except as otherwise expressly provided in this Agreement, all Result Content is provided in good faith and without warranty of any kind, express or implied, and the Syhunt is not responsible for any Result Content or liability resulting from Licensee’s access or possession thereof. Although content is collected from sources that Syhunt believes to be reliable, Syhunt does not represent or warrant, whether expressly or impliedly, the accuracy, validity, adequacy, sequence, timeliness, quality, completeness or any other aspect of any of the content.
Licensee shall not, directly or indirectly use any Result Content: (a) in violation of any local, state, national or international laws, regulations or conventions; (b) for unethical activities; (c) for sale, re-sale, sub-license, commercial use, or redistribution of any kind, without Syhunt’s express, prior consent.
Syhunt does not guarantees that any or all instances of vulnerabilities or compromised data will be identified. By agreeing to the terms of this Agreement, the Licensee acknowledges that the Software cannot identify all the vulnerabilities or compromised data associated with Licensee’s targets and that Result Content must not be used as a substitute for your own due diligence.
7. Dark Web Scanning Syhunt monitors and compiles publicly available information from third-party Internet sources including information located on the surface web, deep web or dark web, hacker forums, hacker and data dump sites, the black market, file sharing portals, third-party APIs, and past and recent breach records to provide Result Content to the Licensee that detail, calculate and compare the extent of exposure of the Licensee’s organization ("Dark Web Scanning"). Scores returned by the Sofware are calculed using Syhunt's own proprietary model based on the Result Content at the end of a scan. More information about the score available in the Software can be found on the Syhunt Site.
If the Licensee subscribed to the Professional Product with Dark Web Scanning capabilities included, Syhunt will ask the Licensee to prove control and ownership of a domain before the Licensee can access Result Content that contain score information and detailed information about identified data disclosures associated with the domain. Result Content about such authorized domains may contain compromised credentials (i.e. usernames, passwords, email addresses, etc. that have been disclosed), C-level or employee information, financial information, and other compromised corporate data associated with the Licensee’s organization and domains, and may (or may not) be redacted to obscure certain information.
If the Licensee uses the Professional Product to scan a domain name not owned by the Licensee, or uses the Community Edition to scan any domain, Result Content will ommit sensitive information (i.e. the list of compromised passwords, files, etc.) and may (or may not) be redacted.
From time to time, at its sole discretion, Syhunt may attempt to electronically notify the Licensee by email and/or text of leaks so that the Licensee can take appropriate countermeasures, perform cybercrime investigation and incident response tasks. Syhunt will not remove the Licensee's leaked information from the web or stop the leaked information from being sold and redistributed over the Internet.
Licensee will have selected during the Professional Product license activation process whether Licensee wishes Syhunt to deliver leak updates through the Internet, or if Licensee wishes to perform offline updating. From time to time, offline updating enables Syhunt to share with the Licensee, by email or other mutually agreed upon communication method, up-to-date leaked information of an authorized domain in the form of an encrypted file (a "Dump") that may be imported into the Software.
8. OpenAI Integration
The Software optionally integrates with OpenAI API to enhance its application security scanner capabilities through artificial intelligence (AI). The Software diligently employs the OpenAI API in a manner that safeguards sensitive information during requests to the API provider. Measures are taken to prevent the transmission of sensitive data, including credentials and hardcoded information, through these API requests.
In order to enable the AI integration, the Software requires that the Licensee enters their own OpenAI API key. This requirement is enforced by Syhunt for privacy and management purposes. The Licensee is solely responsible for the creation, management, and allocation of their API key or keys. This key management process is independent of Syhunt. Consequently, any expenses associated with API key usage, including fees imposed by OpenAI, are not covered by the Licensee's existing Software license agreement or by Syhunt itself. In the event that the Licensee has multiple installations of the Software, the Licensee has the freedom to employ separate keys for each installation, as per their discretion and requirements.
The Software offers an optional source code analysis feature that involves sending excerpts of vulnerable code to OpenAI to obtain patch examples. These patch examples are automatically included in the Software's reports alongside the identified vulnerable code sections. To enable this feature, the Licensee must add an empty .aipatchconsent file to the root of the target source code repository or directory. Failure to include the .aipatchconsent file will result in the feature remaining disabled.
The Licensee bears sole responsibility for carefully assessing the implications and risks associated with enabling or disabling this feature. Each repository where the Licensee wishes to enable this feature must have its own .aipatchconsent file placed in the root directory. Including the .aipatchconsent file in a specific repository grants authorization for code sharing and patch generation solely within that repository. The Licensee must exercise caution and ensure that this feature is enabled only for repositories where the Licensee is comfortable with sharing code excerpts with OpenAI. If the Licensee had previously enabled the sharing of code excerpts by adding the .aipatchconsent file to a repository, removing the file will disable the feature again for that specific repository.
Before adopting any generated source code patch example, it is the sole responsibility of the Licensee to ensure its security and appropriateness for their specific use case. The Licensee must exercise due diligence in carefully assessing the effectiveness, reliability, and suitability of the generated patch examples. The inherent nature of AI-generated patch examples necessitates a comprehensive review to validate their security and appropriateness for implementation.
By continuing to utilize the Software, integrating with the OpenAI API and incorporating the .aipatchconsent file, the Licensee acknowledges and accepts the aforementioned terms and conditions regarding privacy, patching, API key management, and associated costs.
II. GRANT OF LICENSE.
Syhunt Informática, Ltda. ("Syhunt") hereby grants to Licensee a non-exclusive license to use the Software, Service, Content, Data and Documentation subject to the following terms:
Licensee may: (a) install the Software on one computer and use the Software, Content and Data for personal or commercial purposes; (b) access the Service via one computer; (c) view the Content and the Data in connection with the Software and/or Service on the screen of such computer; (d) save the Content and the Data on such computer, provided that Licensee does not remove any copyright notices that appear in connection therewith and does not modify the Content or the Data in any way; and (e) make one copy of the Software, Content and Data for back-up, archival purposes, provided such copy contains all of the original proprietary notices provided with or otherwise relating to such Software, Content and Data. Notwithstanding anything in this paragraph, Licensee may transfer the Software from one computer to another computer in connection with Licensee's use of the Product, provided that (i) Licensee deletes all copies of the Software from the first device, and (ii) Licensee may use the Product on only one computer at a time.
Licensee may not use, or permit other individuals or entities to use, the Software, Service, Content, Data or Documentation except under the terms expressly listed above. Without limiting the foregoing sentence, Licensee shall not, and shall not permit any other individual or entity to: (a) use the Product following expiration or termination of the applicable subscription period; (b) modify, translate, reverse engineer, decompile, disassemble (except to the extent that this restriction is expressly prohibited by law) or create derivative works based upon the Software, Service, Content, Data or Documentation; (c) copy the Software, Service, Content, Data or Documentation (except as permitted above); (d) rent, lease, sell, offer to sell, distribute, or otherwise transfer rights to the Software, Service, Content, Data or Documentation; and (e) remove any proprietary notices or labels on or relating to the Software, Service, Content, Data or Documentation. Licensee acknowledges that Syhunt has the right to remove listings, restrict access, terminate and otherwise modify the services provided by Syhunt from the Syhunt Site for any reason, including but not limited to a breach of any of the Terms of Service agreement set forth on the Syhunt Site (the "Terms of Service Agreement"), or the Third Party Subscription Terms if applicable.
The Licensee agrees to use the Software only to test Targets for which the Licensee has the full right, power, and authority to test and scan and in accordance with This License Agreement. After the Licensee purchases the license for the software or subscribes for a trial, and receives an email with the license activation key, the Licensee can use the software in accordance with chosen licensing model. Licensee is required to keep the activation key safe and secure. Theft of the key may result in the compromise of the Licensee's license.
III. ENHANCEMENTS AND UPDATES.
From time to time, at its sole discretion, Syhunt may provide enhancements, updates, or new versions of the Software, Service, Content, Data and Documentation on its then standard terms and conditions thereof. This License Agreement shall apply to such enhancements. In order to optimize the Software Syhunt may, at its discretion and without notice, add, modify or remove features from the Software at any time.
All right, title and interest in and to the Software, Service, Content, Data and Documentation (including without limitation all intellectual property rights) shall remain in Syhunt and/or its suppliers and licensors. Without limiting the foregoing: (a) the Software, Service, Content, Data and Documentation are protected by copyright laws and international copyright treaties; and (b) the Content (including the content contained in the Software media demonstration files) and Data, and all rights thereto, are the property of the applicable content owner and are protected by applicable copyright or other law. This license gives Licensee no rights to such Content or Data.
The following copyright notices apply to, and shall not be removed from, the Software and the Documentation and certain Content available in connection therewith:
©2021 Syhunt Informatica Ltda. All rights reserved.
THE SOFTWARE, SERVICE, CONTENT, DATA AND DOCUMENTATION ARE PROVIDED "AS IS" AND WITHOUT WARRANTY OF ANY KIND. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, SYHUNT AND ITS LICENSORS AND SUPPLIERS FURTHER DISCLAIM ALL WARRANTIES OF ANY KIND (WHETHER EXPRESS OR IMPLIED, ARISING BY LAW OR OTHERWISE), INCLUDING WITHOUT LIMITATION ANY WARRANTIES OF PERFORMANCE, MERCHANTABILITY AND NONINFRINGEMENT. SYHUNT AND ITS LICENSORS AND SUPPLIERS ALSO DISCLAIM ALL WARRANTIES OF QUALITY, ACCURACY, COMPLETENESS, EFFECTIVENESS, RELIABILITY, FITNESS FOR A PARTICULAR PURPOSE, USEFULNESS, USE OR RESULTS TO BE OBTAINED FROM THE CONTENT OR THE DATA, OR THAT THE CONTENT OR THE DATA WILL BE ERROR-FREE. TO THE EXTENT ALLOWED BY APPLICABLE LAW, ANY IMPLIED WARRANTIES THAT CANNOT BE DISCLAIMED ARE LIMITED TO NINETY (90) DAYS FROM THE DATE OF INITIAL DOWNLOAD OR INSTALLATION OF THE SOFTWARE, CONTENT AND/OR DATA OR ACCESS OF THE SERVICE BY OR ON BEHALF OF LICENSEE. THE ENTIRE RISK ARISING OUT OF THE USE OR PERFORMANCE OF THE SERVICE, SOFTWARE, CONTENT, DATA AND DOCUMENTATION REMAINS WITH LICENSEE.
WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, LICENSEE ACKNOWLEDGES THAT THE DATA MAY INCLUDE INACCURACIES AND THAT LICENSEE WILL USE COMMON SENSE AND FOLLOW STANDARD SECURITY PRECAUTIONS IN CONNECTION WITH LICENSEE'S USE OF ANY VULNERABILITY ASSESSMENT RESULTS GENERATED BY THE SOFTWARE OR THE SERVICE.
VI. WAIVER OF DAMAGES.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL SYHUNT OR ITS SUPPLIERS OR LICENSORS BE LIABLE TO LICENSEE OR ANY THIRD PARTY FOR: (A) ANY CLAIM, DEMAND OR ACTION (IRRESPECTIVE OF THE NATURE OR THE CAUSE OF THE CLAIM, DEMAND OR ACTION) ALLEGING ANY LOSS, INJURY OR DAMAGES ARISING OUT OF THIS AGREEMENT OR WHICH MAY RESULT FROM THE USE OR POSSESSION OF THE PRODUCT; (B) ANY LOSS OF PROFIT, REVENUE, CONTRACTS OR SAVINGS, OR ANY OTHER INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE OR CONSEQUENTIAL DAMAGES ARISING OUT OF LICENSEE'S USE OF OR INABILITY TO USE THE PRODUCT, ANY DEFECT IN THE PRODUCT, OR THE BREACH OF THESE TERMS OR CONDITIONS, IN EACH CASE, WHETHER IN AN ACTION IN CONTRACT OR TORT OR BASED ON A WARRANTY, EVEN IF SYHUNT OR ITS SUPPLIERS OR LICENSORS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
VII. LIMITATION OF LIABILITY.
THE TOTAL LIABILITY OF SYHUNT AND ITS SUPPLIERS AND LICENSORS ARISING OUT OF OR IN ANY WAY RELATED TO THIS AGREEMENT OR ITS IMPLEMENTATION SHALL NOT EXCEED THE AMOUNTS PAID BY LICENSEE TO SYHUNT UNDER THIS AGREEMENT AND/OR THE THIRD PARTY SUBSCRIPTION TERMS, IF APPLICABLE. BECAUSE SOME STATES/JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE ABOVE LIMITATION MAY NOT APPLY TO LICENSEE.
VIII. DISCLAIMER OF ENDORSEMENT.
Reference to any products, services, processes, hypertext links to third parties or other information (by trade name, trademark, manufacturer, supplier or otherwise) does not necessarily constitute or imply its endorsement, sponsorship or recommendation by Syhunt or its suppliers or licensors. Product and service information are the sole responsibility of each individual vendor. The Syhunt Informatica Ltda name and logo, and other trademarks and trade names owned by Syhunt, may not be used in any commercial manner without the prior written consent of Syhunt.
This Agreement shall terminate automatically if Licensee fails to comply with any of the terms and conditions described in this Agreement. No notice shall be required from Syhunt to effectuate such termination. On termination, Licensee must destroy all copies of the Software, Service, Content, Data and Documentation. Without limiting the foregoing, Syhunt may terminate this Agreement immediately for any breach by Licensee of the Terms of Service Agreement, or the Third Party Subscription Terms if applicable. In the event of any termination by Syhunt pursuant to this Section IX, Licensee shall not be entitled to any refund of pre-paid subscription fees.
Licensee agree to indemnify, defend and hold Syhunt and its parents, subsidiaries, affiliates, suppliers and licensors (including their respective licensors, suppliers, assignees, subsidiaries, affiliated companies, and the respective officers, directors, employees, shareholders, agents and representatives of each of them) free and harmless from and against any liability, loss, injury (including injuries resulting in death), demand, action, cost, expense, or claim of any kind or character, including but not limited to attorney's fees, arising out of or in connection with any use or possession by Licensee of the Product.
XI. TERMS OF SERVICE AGREEMENT.
The Terms of Service Agreement is incorporated herein by reference, provided, however, that in the event of any conflict between the terms and conditions of this Agreement and the terms and conditions of the Terms of Service Agreement, the terms and conditions of this Agreement shall govern.
XII. GOVERNING LAW.
The rights and obligations of the parties under this Agreement shall be governed and construed under the laws of the State of Rio de Janeiro, Brazil, without reference to its conflict of laws principles.
XIII. ENTIRE AGREEMENT.
This Agreement constitutes the complete and exclusive agreement between Syhunt and Licensee with respect to the subject matter hereof and supersedes all prior oral or written understandings, communications or agreements not specifically incorporated herein. This Agreement may not be modified except when executed by an authorized representative of Syhunt and Licensee.
The failure of either party to require performance by the other party of any provision hereof shall not affect the full right to require such performance at any time thereafter, nor shall the waiver by either party of a breach of any provision hereof be taken or held to be a waiver of such or any other provision.
Neither this Agreement nor any rights or obligations of Licensee hereunder may be assigned by Licensee, in whole or in part, without the prior written approval of Syhunt. Any assignment in derogation of the foregoing shall be null and void.
If any part of this Agreement is for any reason found to be unenforceable, all other parts nevertheless remain enforceable as long as a party's rights under this Agreement are not materially affected. In lieu of the unenforceable provision, the parties will substitute or add as part of this Agreement a provision that will be as similar as possible in economic and business objectives as was intended by the unenforceable provision.