Common use of Preventing Unauthorized Product Use Clause in Contracts

Preventing Unauthorized Product Use. We implement industry standard access controls and detection capabilities for the internal networks that support its products. Access controls: Network access control mechanisms are designed to prevent network traffic using unauthorized protocols from reaching the product infrastructure. The technical measures implemented differ between infrastructure providers and include Virtual Private Cloud (VPC) implementations, security group assignment, and traditional firewall rules. Intrusion detection and prevention: We implement a Web Application Firewall (WAF) solution to protect hosted Client websites and other internet-accessible applications. The WAF is designed to identify and prevent attacks against publicly available network services. Static code analysis: Security reviews of code stored in our source code repositories is performed, checking for coding best practices and identifiable software flaws. Penetration testing: We maintain relationships with industry recognized penetration testing service providers for four annual penetration tests. The intent of the penetration tests is to identify and resolve foreseeable attack vectors and potential abuse scenarios. Bug bounty: A bug bounty program invites and incentivizes independent security researchers to ethically discover and disclose security flaws. We implement a bug bounty program in an effort to widen the available opportunities to engage with the security community and improve the product defenses against sophisticated attacks.

Preventing Unauthorized Product Use. We implement industry standard access controls and detection capabilities for the internal networks that support its products. Access controls: Network access control mechanisms are designed to prevent network traffic using unauthorized protocols from reaching the product infrastructure. The technical measures implemented differ between infrastructure providers and include DocuSign Envelope ID: A449B22A-B813-4D13-AC41-663047786B38 DocuSign Envelope ID: 8FA8B10C-C4DE-427D-9466-DBB9ACDC5D06 Virtual Private Cloud (VPC) implementations, security group assignment, and traditional firewall rules. Intrusion detection and prevention: We implement a Web Application Firewall (WAF) solution to protect hosted Client customer websites and other internet-accessible applications. The WAF is designed to identify and prevent attacks against publicly available network services. Static code analysis: Security reviews of code stored in our source code repositories is performed, checking for coding best practices and identifiable software flaws. Penetration testing: We maintain relationships with industry recognized penetration testing service providers for four annual penetration tests. The intent of the penetration tests is to identify and resolve foreseeable attack vectors and potential abuse scenarios. Bug bounty: A bug bounty program invites and incentivizes independent security researchers to ethically discover and disclose security flaws. We implement a bug bounty program in an effort to widen the available opportunities to engage with the security community and improve the product defenses against sophisticated attacks.