Workload Attack Path Assessment User Terms and Conditions

USER AGREEMENT

This User Agreement is between you, an individual or legal entity, and Aviatrix Systems, Inc. (“Aviatrix”) governing your use of Aviatrix’s Workload Attack Path Assessment (the “Application”) to conduct an assessment of your network security. BY CLICKING “ACCEPT’ BELOW OR UTILIZING THE APPLICATION, YOU AGREE THAT THE TERMS AND CONDITIONS OF THIS USER AGREEMENT GOVERN YOUR USE OF THE APPLICATION. IF YOU DO NOT AGREE TO THESE TERMS AND CONDITIONS, DO NOT USE THE APPLICATION.

You and Aviatrix agree as follows:

1. DEFINITIONS.

1.1. “Data” means the security data, specifications, descriptions, and other information provided by you and inputted into the Application.

1.2. “Report” means the security assessment results issued to you by Aviatrix which is generated by the Application based on your Data.

1.3. “AI Features” means large language models (LLMs) or other machine learning or artificial intelligence features of the Application

2. USE RIGHTS.

2.1. Right to Access and Use. Subject to the terms in this User Agreement, Aviatrix grants you a non-sublicensable, non-transferable right to access and use the Application to upload your Data and receive and utilize the resulting Report for your internal business purposes. You in turn grant Aviatrix the right to access and use your Data for purposes of conducting a security assessment and generating a Report.

2.2. Use of Third Parties.Aviatrix may utilize third party providers to conduct certain aspects of the security assessment, provided Aviatrix remains responsible for such third parties.

2.3. Restrictions and Obligations. You agree you will not and will not permit anyone else to: (a) sell, sublicense, distribute, gain access to or rent the Application, (b) reverse engineer, decompile or seek to access the source code of the Application, except to the extent these restrictions are prohibited by Laws and then only upon advance notice to Aviatrix, (c) copy, modify, create derivative works of or remove proprietary notices from the Application, (d) use the Application in any manner except for its intended purpose; or (e) use the Application to develop a product that competes with the Application. You represent and warrant you has all rights necessary to allow Aviatrix to use your Data as specified herein without violating third-party intellectual property, privacy or other rights.

3. DATA.

3.1. Your Data. Aviatrix will access and use your Data to provide the security assessment and generate the Report. In addition, Aviatrix may use Data and the Report to (i) contact you to follow up on the Report and discuss Aviatrix products, and (ii) understand security needs, trends and potential product improvements. Aviatrix will not disclose your Data externally unless it is (a) de-identified so that it does not identify you or other parties, and (b) aggregated with data from other assessments

3.2. Data Retention. After termination of your access to the Application, Aviatrix will delete your Data within 30 days.

4. USE OF AI FEATURES.

The Application may include AI Features. Third parties that provide such AI Features are identified in Exhibit A below. Due to the nature of the AI Features, Reports are generated through machine learning processes and are not tested, verified, endorsed or guaranteed to be accurate, complete or current by Aviatrix. You should independently review and verify all Reports as to appropriateness for any or all use cases or applications. The warranty disclaimers and limitations of liability in the Agreement for the Application apply to the AI Features.

5. INTELLECTUAL PROPERTY.

5.1. Proprietary Rights. Aviatrix and its licensors retain all right, title and interest, including all related intellectual property rights, in and to the Application. No rights are granted to you except those expressly set forth in this Agreement. You retain all right, title and interest in and to all your Data.

5.2. Feedback. If you give Aviatrix feedback regarding improvement or operation of the Application, report, or any Aviatrix product or service, Aviatrix may use the feedback without restriction or obligation. All feedback is provided “AS IS” and Aviatrix will not publicly identify you as the source of feedback without your permission.

6. CONFIDENTIALITY.

6.1. Use and Protection. Aviatrix agrees it will keep your Data confidential and only use your Data only as described in this User Agreement, using at least the same precautions recipient uses for its own similar information and no less than a reasonable standard of care.

6.2. Permitted Disclosures. Aviatrix may disclose your Data to its employees, contractors, authorized third parties and other representatives having a legitimate need to know for purposes of conducting the security assessment, provided Aviatrix remains responsible for their compliance with these confidentiality obligations and they are bound to confidentiality obligations no less protective than these terms.

6.3. Exclusions. These confidentiality obligations do not apply to information that the recipient can document (a) is or becomes public knowledge through no fault of the recipient, (b) it rightfully knew or possessed, without confidentiality restrictions, prior to receipt from the discloser, (c) it rightfully received from a third party without confidentiality restrictions or (d) it independently developed without using or referencing Confidential Information.

6.4. Remedies. Breach of this Section 5 may cause substantial harm for which monetary damages are an insufficient remedy. Upon a breach of this Section 5, the discloser is entitled to seek appropriate equitable relief, including an injunction, in addition to other remedies.

7. WARRANTIES.

7.1. THE APPLICATION AND REPORT ARE PROVIDED TO YOU “AS-IS” WITH NO WARRANTY OF ANY KIND. Results and information provided in a Report are dependent on your provision of accurate and complete Data, and any and all assessments, conclusions, recommendations, and other information provided by Aviatrix are used by you at your risk.

7.2. Disclaimers of Warranty. AVIATRIX MAKES NO REPRESENTATIONS AND DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, AVIATRIX SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, COMPLIANCE WITH LAWS, NON-INFRINGEMENT, AND ACCURACY, AND AVIATRIX DOES NOT WARRANT THAT THE APPLICATION, SECURITY ASSESSMENT, OR REPORT WILL BE COMPREHENSIVE, ERROR-FREE, OR DEFINITIVE IN RESULTS.

8. LIMITATIONS OF LIABILITY.

Neither you nor Aviatrix will have any liability arising out of or related to this User Agreement for indirect, special, incidental, reliance or consequential damages or damages for incorrect results, loss of use, lost profits or interruption of business, even if informed of their possibility in advance. Except for a breach of confidentiality by Aviatrix, each party’s liability is limited to any fees paid by you for use of the Application. Liability from a breach of confidentiality by Aviatrix under this User Agreement is limited to $100,000. The waivers and limitations in this Section apply regardless of the form of action, whether in contract, tort (including negligence), strict liability or otherwise and will survive and apply even if any limited remedy in this Agreement fails of its essential purpose.

9. GENERAL.

9.1. Independent Contractors. The parties are independent contractors, not agents, partners or joint venturers.

9.2. Waivers and Severability. Waivers must be signed by the waiving Party’s authorized representative and cannot be implied from conduct. If any provision of this Agreement is held invalid, illegal or unenforceable, it will be limited to the minimum extent necessary so the rest of this Agreement remains in effect.

9.3 Governing Law; Jurisdiction and Venue. This User Agreement shall be governed by the laws of the United States of America and the State of California, excluding its conflict of laws rules. The United Nations Convention on the International Sale of Goods and the Uniform Computer Information Transactions Act are specifically excluded from application to this User Agreement. The Parties hereby submit to the exclusive jurisdiction of, and waive any venue jurisdiction or venue objections against, the state and Federal courts located in Santa Clara County, California.

9.4. Entire Agreement and Precedence; Amendments. This User Agreement is the complete and exclusive terms and conditions for use of the Application and Reports. Any other agreements, orders, or understanding between you and Aviatrix do not apply to this User Agreement or your use of the Application or Report.

EXHIBIT A: List of Third Parties providing AI Features