APPLICATION AND SOFTWARE SECURITY Sample Clauses

APPLICATION AND SOFTWARE SECURITY. In addition to Provider’s other obligations under the Agreement, including without limitation, Provider’s confidentiality and security obligations, Provider shall maximize the security of Software according to the following terms: 2.1. Provider will, at no additional cost to Company, develop secure Software via a Secure By Design approach. For purposes of this Schedule “Secure By Design” means that the Software minimizes security flaws based upon security principles and practices that include:
View SourceView Similar (2)
APPLICATION AND SOFTWARE SECURITY. Zscaler agrees that its Product(s) will, at a minimum, incorporate the following: a) Zscaler uses third party auditors at least annually, to conduct automated (i.e., SAST, DAST and SCA) and manual security (i.e., penetration testing) assessments to ensure the Product codebase contains no known exploitable conditions classified as ‘Critical/Very High’ or ’High’, or otherwise captured on the OWASP Top 10 or SAN Top 25 lists. b) Zscaler agrees to provide, maintain and support its software and subsequent updates, upgrades, and bug fixes, such that the software is, and remains secure from Common Software Vulnerabilities in accordance with its product end of life (EOL) and end of sale (EOS) policy. c) Zscaler agrees to provide updates and patches to remediate security vulnerabilities based on severity by CVSSv3 score and will work to remediate any known zero-day exploits without undue delay. In case of critical vulnerabilities, Zscaler will deploy mitigation with urgency upon discovering the issue and push out a patch without undue delay thereafter depending on risk level post mitigation.
View Source
APPLICATION AND SOFTWARE SECURITY. 2.1 In addition to Counterparty's other obligations under the Agreement, including without limitation, Counterparty's confidentiality and security obligations, Counterparty shall maximize the security of Software according to the terms of this Schedule. 2.1.1 Counterparty will, at no additional cost to Company, develop secure Software via a Secure By Design approach. For purposes of this Schedule "Secure By Design" means that the Software minimizes security flaws based upon security principles and practices that include:
View Source

Related to APPLICATION AND SOFTWARE SECURITY

  • SOFTWARE SECURITY If applicable, BA warrants that software security features will be compatible with the CE’s HIPAA compliance requirements. This HIPAA Business Associate Agreement-Addendum shall supersede any prior HIPAA Business Associate Agreements between CE and BA.

  • Software Services If elected by Customer, the following Software Services will be made available for Customer’s use. 2.1. Core HR Software Service is a system of interactive web pages to assist Customer in its human resource related recordkeeping and reporting. Customer shall ensure the accuracy of its Customer Data. The HR Software Services shall function in accordance with the Documentation, as may be amended from time to time, and provide features to aid Customer with its compliance with federal and state laws and regulations applicable to Human Resources (except as stated otherwise in the Documentation). 2.2. Recruiting Software Service is a system of interactive web pages to assist Customer in posting job requisitions, storing candidates, recording job applications, and the related recordkeeping and reporting. Customer shall ensure the accuracy of its Customer Data. The Recruiting Software Service shall function in accordance with the Documentation which may be amended from time to time.

  • New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to: (1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute; (2) Limit unsuccessful logon attempts; (3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions; (4) Authorize wireless access prior to allowing such connections; (5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity; (6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions; (7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles; (8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services; (9) Enforce a minimum password complexity and change of characters when new passwords are created; (10) Perform maintenance on organizational systems; (11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance; (12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1; (13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital; (14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse; (15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas; (16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems; (17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems; (18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception); (19) Protect the confidentiality of Student Data at rest; (20) Identify, report, and correct system flaws in a timely manner; (21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems; (22) Monitor system security alerts and advisories and take action in response; and (23) Update malicious code protection mechanisms when new releases are available.

  • DATA PROTECTION AND SECURITY A. In this Agreement the following terms shall have the meanings respectively ascribed to them:

  • Core Services The Company agrees to provide to the Municipality the Core Services set forth in Schedule “A”. The Company and the Municipality may amend Schedule “A” from time to time upon mutual agreement.