These Contrast Security End User Terms of Service (the “Agreement”) are entered into as of the date of acceptance of the Services(s) and Product(s) (the “Effective Date”) by and between Contrast Security, Inc. (“Contrast”) and the entity that has purchased the Contrast Service(s) and or Product(s) (“Customer”).



1. Order Forms; Grant of License and/or Access to the Service. Contrast and Customer may mutually execute one or more written order forms which reference this Agreement (each, an “Order Form”), and upon mutual execution, each Order Form shall be incorporated into and form a part of the Agreement.  For purposes of this Agreement, “Application”, “Application Instance”, and “Developer” shall have the meanings  set forth at

1.1 On-Premise Products. Subject to Customer’s compliance with the terms and conditions of this Agreement (including any limitations and restrictions set forth on the applicable Order Form) Contrast grants Customer a personal nonsublicenseable, nonexclusive right to use the Product specified in each Order Form in object code form only during the applicable Order Form Term (as defined below) for the internal business purposes of Customer, only as provided herein and only in accordance with Contrast’s official user documentation set forth at (the “Documentation”). Customer may only use the Product in the quantities listed on the applicable Order Form, and once Customer has used the Product to manage or analyse a particular Application, that Application will permanently count toward the number of maximum allowable Applications, and may not be replaced by another Application. Except for one copy solely for back-up purposes, Customer may possess only the number of copies of any Product as has been expressly authorised by Contrast. 

1.2 Saas Services. Subject to Customer’s compliance with the terms and conditions of this Agreement (including any limitations and restrictions set forth on the applicable Order Form) Contrast grants Customer the right to access and use the services specified on the applicable Order Form (collectively the “Service “ or “Services”).  Customer may only use the Services to manage and analyse the maximum aggregate number of Applications (as defined below) set forth on the applicable Order Form, and once Customer has used the Service to manage or analyse a particular Application, that Application will permanently count toward the number of maximum allowable Applications, and may not be replaced by another Application.

1.3 Contrast retains ownership of all Products and Services and all rights therein and Customer will maintain the copyright notice and any other notices that appear on the Product on any copies and any media.  Customer will not (and will not allow any third party to) (i) reverse engineer or attempt to discover any source code or underlying ideas or algorithms of any Service or Product (except to the extent that applicable law prohibits reverse engineering restrictions), (ii) provide, lease, lend, disclose, use for timesharing or service bureau purposes, or otherwise use or allow others to use for the benefit of any third party, any Service or Product (except as expressly and specifically authorised by Contrast), (iii) possess or use any Service or Product, or allow the transfer, transmission, export, or re-export of any Service or Product or portion thereof in violation of any export control laws or regulations administered by the U.S. Commerce Department, U.S. Treasury Department’s Office of Foreign Assets Control, or any other government agency, (iv) disclose to any third party any benchmarking or comparative study involving any Service or Product or (v) modify any Service or Product.  Prior to disposing of any media or apparatus containing any part of the Product, Customer shall completely destroy any Product contained therein.  All the limitations and restrictions on Services or Products in this Agreement also apply to the relevant Documentation.

2. Support; Service Levels. Contrast will provide support and uptime for the Service and/or Product, as applicable,  in accordance with (i) the support package selected by Customer on the applicable Order Form (if any), and (ii) Contrast’s  then-current standard Support and Availability Policy set forth at

3. Service Updates.From time to time, Contrast may provide upgrades, patches, enhancements, or fixes for the Services and/or Products, as applicable,  to its customers generally without additional charge (“Updates”), and such Updates will become part of the Service or Products and subject to this Agreement. Notwithstanding the foregoing, Contrast shall have no obligation under this Agreement or otherwise to provide any such Updates.

4. Ownership; Restrictions; Feedback.As between the parties, Contrast retains all right, title, and interest in and to the Services and Product, and all software, products, works, and other intellectual property and moral rights related thereto or created, used, or provided by Contrast for the purposes of this Agreement, including any copies and derivative works of the foregoing. Any software which is distributed or otherwise provided to Customer hereunder shall be deemed a part of the “Services” or “Product”. No rights or licenses are granted except as expressly and unambiguously set forth in this Agreement. Customer may from time to time provide suggestions, comments or other feedback to Contrast with respect to the Service or Product (“Feedback”). Feedback, even if designated as confidential by Customer, shall not create any confidentiality obligation for Contrast notwithstanding anything else. Customer shall, and hereby does, grant to Contrast a nonexclusive, worldwide, perpetual, irrevocable, transferable, sublicensable, royalty-free, fully paid up license to use and exploit the Feedback for any purpose; provided that such license grant shall not be construed to relieve Contrast of any confidentiality obligations it may have hereunder with respect to Customer Data. Nothing in this Agreement will impair Contrast’s right to develop, acquire, license, market, promote or distribute products, software or technologies that perform the same or similar functions as, or otherwise compete with any products, software or technologies that Customer may develop, produce, market, or distribute.

5. Fees; Payment. Customer shall pay Contrast fees for the Service or Product as set forth in each Order Form (“Fees”). Unless otherwise specified in an Order Form, all Fees shall be invoiced annually in advance and all invoices issued under this Agreement are payable in U.S. dollars within thirty (30) days from date of invoice. Past due invoices are subject to interest on any outstanding balance of the lesser of 1.5% per month or the maximum amount permitted by law. Customer shall be responsible for all taxes associated with Service or Product other than taxes based on Contrast’s net income. All Fees paid are non-refundable and are not subject to set-off.

6. Restrictions. Except as expressly set forth in this Agreement, Customer shall not (and shall not permit any third party to), directly or indirectly: (i) reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code, object code, or underlying structure, ideas, or algorithms of the Service or Product (except to the extent applicable laws specifically prohibit such restriction); (ii) modify, translate, or create derivative works based on the Service or Product; (iii) copy, rent, lease, distribute, pledge, assign, or otherwise transfer or encumber rights to the Service or Product; (iv) use the Service or Product for the benefit of a third party; (v) remove or otherwise alter any proprietary notices or labels from the Service or Product or any portion thereof; (vi) use the Service or Product to build an application or product that is competitive with any Contrast product or Service or Product. Customer is responsible for all of Customer’s activity in connection with the Service or Product, including but not limited to uploading Customer Data (as defined below) onto the Service or Product. Customer (i) shall use the Service or Product in compliance with all applicable local, state, national and foreign laws, treaties and regulations in connection with Customer’s use of the Service or Product (including those related to data privacy, international communications, export laws and the transmission of technical or personal data laws), and (ii) shall not use the Service or Product in a manner that violates any third party intellectual property, contractual or other proprietary rights. Additionally, Customer shall not: (i) interfere or attempt to interfere with the proper working of the Service or Product or any activities conducted on the Service or Product; or (ii) bypass any measures Contrast may use to prevent or restrict access to the Service or Product (or other accounts, computer systems or networks connected to the Service or Product).

7. Customer Data. For purposes of this Agreement, “Customer Data” shall mean any data, information or material provided, uploaded, or submitted by Customer to the Service or Product in the course of using the Service or Product. Customer shall retain all right, title and interest in and to the Customer Data (as defined below), including all intellectual property rights therein. Customer, not Contrast, shall have sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness, and intellectual property ownership or right to use of all Customer Data. Contrast shall use commercially reasonable efforts to maintain the security and integrity of the Service or Product and the Customer Data. Contrast is not responsible to Customer for unauthorised access to Customer Data or the unauthorised use of the Service or Product unless such access is due to Contrast’s gross negligence or willful misconduct. Customer is responsible for the use of the Service or Product by any person to whom Customer has given access to the Service or Product, and any person who gains access to Customer Data, even if Customer did not authorise such use. Customer agrees and acknowledges that Customer Data may be irretrievably deleted if Customer’s account is ninety (90) days or more delinquent. Notwithstanding anything to the contrary, Customer acknowledges and agrees that Contrast may (i) internally use and modify (but not disclose) Customer Data for the purposes of (A) providing the Service or Product to Customer and (B) generating Aggregated Anonymous Data, and (ii) freely use and make available Aggregated Anonymous Data for Contrast’s business purposes. “Aggregated Anonymous Data” means data submitted to, collected by or generated by Contrast in connection with Customer’s use of the Service or Product, but only in aggregate, anonymised form which can in no way be linked specifically to Customer. Customer shall own and hereby reserves all right, title and interest in the Customer Data.

8. Data Privacy. With respect to its activities hereunder involving Protected Information (as defined herein), Contrast agrees that: (i) it is and will remain at all times during the term of this Agreement, and to the extent it Processes any Protected Information after the term of the Agreement, in compliance with all applicable Data Protection Laws and Regulations and will enable Customer to use the Products and/or Services in compliance with all applicable Data Protection Laws and Regulations; and (ii) its performance under this Agreement will not cause Customer to be in violation of any Data Protection Laws and Regulations. “Data Protection Laws and Regulations” means all laws, regulations, and legally binding requirements of any governmental authority or regulator applicable to the Processing of Personal Data under the Agreement. This includes laws and regulations of the United States, the European Union, the European Economic Area and their member states, Switzerland and the United Kingdom, including but not limited to GDPR. “GDPR” means General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.  “Personal Data” means any information relating to an identified or identifiable natural person (the Data Subject).  An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.  “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.  “Protected Information” means (all Personal Data that Customer may provide to Contrast, including Personal Data about Customer employees and personnel.  Customer hereby acknowledges and agrees to abide by the terms of Contrast’s then-current Privacy Policy found at

9. Identifying Customer as Client. During the Order Form Term Customer grants Contrast the limited right to use Customer’s corporate names, logos, and trademarks (“Marks”) in Contrast’s websites and marketing materials for the sole purpose of identifying Customer as a client.  Contrast will use the Marks only in a manner that complies in all material respects with Customer’s trademark usage policies that may be provided by Customer to Contrast from time to time. If Contrast, in the course of performing this Agreement, acquires any goodwill or reputation in any of the Marks, all such goodwill or reputation will automatically vest in Customer when and as, on an on-going basis, such acquisition of goodwill or reputation occurs, as well as at the expiration or termination of this Agreement.

10. Term; Termination. This Agreement shall commence on the Effective Date and, unless earlier terminated in accordance herewith, shall last until the expiration of the term set forth on the applicable Order Form (the “Initial Term”). Following the Initial Term, this Agreement shall automatically renew for successive renewal terms of equal length to the Initial Term (each a “Renewal Term,” and together with the Initial Term, the ”Order Form Term”), unless either party provides the other party with written notice of non-renewal at least thirty (30) days prior to the then-current term.  In the event of a material breach of this Agreement by the either party, the non-breaching party may terminate this Agreement by providing written notice to the breaching party, provided that the breaching party does not materially cure such breach within thirty (30) days of receipt of such notice. Without limiting the foregoing, Contrast may suspend or limit Customer’s access to or use of the Service or Product if (i) Customer’s account is more than sixty (60) days past due, or (ii) Customer’s use of the Service or Product results in (or is reasonably likely to result in) damage to or material degradation of the Service or Product which interferes with Contrast’s ability to provide access to the Service or Product to other customers; provided that in the case of subsection (ii): (a) Contrast shall use reasonable good faith efforts to work with Customer to resolve or mitigate the damage or degradation in order to resolve the issue without resorting to suspension or limitation; (b) prior to any such suspension or limitation, Contrast shall use commercially reasonable efforts to provide notice to Customer describing the nature of the damage or degradation; and (c) Contrast shall reinstate Customer’s use of or access to the Service or Product, as applicable, if Customer remediates the issue within thirty (30) days of receipt of such notice. All provisions of this Agreement which by their nature should survive termination shall survive termination, including, without limitation, accrued payment obligations, ownership provisions, warranty disclaimers, indemnity and limitations of liability.

11. Indemnification. Each party (“Indemnitor”) shall defend, indemnify, and hold harmless the other party, its affiliates and each of its and its affiliates’ employees, contractors, directors, suppliers and representatives (collectively, the “Indemnitee”) from all liabilities, claims, and expenses paid or payable to an unaffiliated third party (including reasonable attorneys’ fees) (“Losses”), that arise from or relate to any claim that (i) the Customer Data or Customer’s use of the Service or Product (in the case of Customer as Indemnitor), or (ii) the Service or Product (in the case of Contrast as Indemnitor), infringes, violates, or misappropriates any third party intellectual property or proprietary right. Each Indemnitor’s indemnification obligations hereunder shall be conditioned upon the Indemnitee providing the Indemnitor with: (i) prompt written notice of any claim (provided that a failure to provide such notice shall only relieve the Indemnitor of its indemnity obligations if the Indemnitor is materially prejudiced by such failure); (ii) the option to assume sole control over the defense and settlement of any claim (provided that the Indemnitee may participate in such defense and settlement at its own expense); and (iii) reasonable information and assistance in connection with such defense and settlement (at the Indemnitor’s expense). The foregoing obligations of Contrast do not apply with respect to the Service or Product or any information, technology, materials or data (or any portions or components of the foregoing) to the extent (i) not created or provided by Contrast, (ii) made in whole or in part in accordance to Customer specifications, (iii) modified after delivery by Contrast, (iv) combined with other products, processes or materials not provided by Contrast (where the alleged Losses arise from or relate to such combination), (v) where Customer continues allegedly infringing activity after being notified thereof or after being informed of modifications that would have avoided the alleged infringement, or (vi) Customer’s use of the Service or Product is not strictly in accordance herewith.

12. Confidentiality.

12.1 “Confidential Information

means the non-public information that is exchanged between the parties, provided   

 that such information is: (a) identified as confidential at the time of disclosure by the disclosing party (“Discloser”), or (b) disclosed under circumstances that would indicate to a reasonable person that the information ought to be treated as confidential by the party receiving such information (“Recipient”).  A Recipient may use the Confidential Information that it receives from the other party solely for the purpose of performing activities contemplated under this Agreement.  For a period of five (5) years following the applicable date of disclosure of any Confidential Information, a Recipient shall not disclose the Confidential Information to any third party.  A Recipient shall protect it by using the same degree of care, but no less than a reasonable degree of care, to prevent the unauthorised use, dissemination or publication as the Recipient uses to protect its own confidential information of a like nature.  The Recipient may disclose the Confidential Information to its Affiliates, agents and independent contractors with a need to know in order to fulfill the purpose of this Agreement, who have signed a nondisclosure agreement at least as protective of the Discloser’s rights as this Agreement. 

12.2 This provision imposes no obligation upon a Recipient with respect to Confidential Information which: (a) is or becomes public knowledge through no fault of the Recipient; (b) was in the Recipient’s possession before receipt from the Discloser and was not subject to a duty of confidentiality; (c) is rightfully received by the Recipient without any duty of confidentiality; (d) is disclosed generally to a third party by the Discloser without a duty of confidentiality on the third party; or (e) is independently developed by the Recipient without use of the Confidential Information.  The Recipient may disclose the Discloser's Confidential Information as required by law or court order provided:  (i) the Recipient promptly notifies the Discloser in writing of the requirement for disclosure; and (ii) discloses only as much of the Confidential Information as is required.  Upon request from the Discloser or upon termination of the Agreement, the Recipient shall return all Confidential Information and all copies, notes, summaries or extracts thereof or certify destruction of the same.

12.3 Each party will retain all right, title and interest to such party’s Confidential Information.  The parties acknowledge that a violation of the Recipient’s obligations with respect to Confidential Information may cause irreparable harm to the Discloser for which a remedy at law would be inadequate.  Therefore, in addition to any and all remedies available at law, Discloser shall be entitled to seek an injunction or other equitable remedies in all legal proceedings in the event of any threatened or actual violation of any or all of the provisions hereof.

13. Warranty; Disclaimer. Contrast represents and warrants that, during the applicable Order Form Term, the Service or Product will operate in substantial conformance with the Documentation.  As Customer’s sole remedy (and Contrast’s sole liability) for any breach of the warranty set forth in the foregoing sentence, Contrast shall use commercially reasonable efforts to correct the applicable nonconformance.  EXCEPT AS EXPRESSLY SET FORTH HEREIN, THE SERVICE OR PRODUCT IS PROVIDED “AS IS” AND “AS AVAILABLE” AND ARE WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND ANY WARRANTIES IMPLIED BY ANY COURSE OF PERFORMANCE, USAGE OF TRADE, OR COURSE OF DEALING, ALL OF WHICH ARE EXPRESSLY DISCLAIMED.


15. Miscellaneous.Any modifications to the Agreement must be in the form of a mutually signed Addendum or Amendment. The terms of any mutually signed Addendum or Amendment, and this EULA, shall apply in that order of precedence in the event of any conflict between or among such documents.  Together such terms are the complete and exclusive agreement between the parties with respect to the subject matter hereof, and supersede any previous or contemporaneous agreement, proposal, commitment, representation, or other communication (whether oral, written, or electronic) between the parties regarding such subject matter.  This Agreement prevails over any conflicting or additional terms of any purchase order, ordering document, acknowledgement or confirmation or other document issued by Customer, even if signed and returned. The Agreement shall be governed by and construed in accordance with the laws of the State of California, excluding its conflicts of law rules, and the parties consent to exclusive jurisdiction and venue in the state and federal courts located in Santa Clara, California. All notices under this Agreement shall be in writing and shall be deemed to have been duly given when received, if personally delivered or sent by certified or registered mail, return receipt requested; when receipt is electronically confirmed, if transmitted by facsimile or e-mail; or the day after it is sent, if sent for next day delivery by recognised overnight delivery service. Notices must be sent to the contacts for each party set forth on the most recent Order Form. Either party may update its address set forth above by giving notice in accordance with this section.Except for payment obligations, neither party shall be liable for any failure to perform its obligations hereunder where such failure results from any cause beyond such party’s reasonable control, including, without limitation, the elements; fire; flood; severe weather; earthquake; vandalism; accidents; sabotage; power failure; denial of service attacks or similar attacks; Internet failure; acts of God and the public enemy; acts of war; acts of terrorism; riots; civil or public disturbances; strikes lock-outs or labor disruptions; any laws, orders, rules, regulations, acts or restraints of any government or governmental body or authority, civil or military, including the orders and judgments of courts. Neither party may assign any of its rights or obligations hereunder without the other party’s consent; provided that (i) either party may assign all of its rights and obligations hereunder without such consent to a successor-in-interest in connection with a sale of substantially all of such party’s business relating to this Agreement, and (ii) Contrast may utilise subcontractors in the performance of its obligations hereunder. No agency, partnership, joint venture, or employment relationship is created as a result of this Agreement and neither party has any authority of any kind to bind the other in any respect. In any action or proceeding to enforce rights under this Agreement, the prevailing party shall be entitled to recover costs and attorneys’ fees. If any provision of this Agreement is held to be unenforceable for any reason, such provision shall be reformed only to the extent necessary to make it enforceable. The failure of either party to act with respect to a breach of this Agreement by the other party shall not constitute a waiver and shall not limit such party’s rights with respect to such breach or any subsequent breaches.

Revision: 0819A