Common use of Integration Security Review Clause in Contracts

Integration Security Review. SFDC may conduct periodic security evaluations of the Integration (“Security Reviews”), which may include a qualitative assessment involving review of a questionnaire completed by Partner, an interview with appropriate Partner personnel, and/or security testing. SFDC conducts such Security Reviews for its own benefit and Partner may not rely on, publicly disclose, or promote an Integration's successful passage of such Security Review. Partner shall not distribute an Integration unless such Integration has successfully passed the Integration Security Review. There may be fees associated with such review. If the Integration, in whole or in part, runs outside SFDC’s systems, security testing may include remote application-level security testing of the Integration, and network-level security testing including a vulnerability threat assessment. SFDC may conduct such testing itself or through a third party. SFDC will provide reasonable notice to Partner before starting such testing. SFDC will cooperate reasonably with Partner to mitigate the effects of such testing on Partner’s business and operations. Partner agrees to cooperate reasonably with such testing. Despite the foregoing, such testing may in rare cases cause downtime or other adverse effects on the Integration or Partner’s systems. Partner agrees that SFDC and its agents or contractors conducting the testing will bear no responsibility or liability arising from such testing. Any Partner Confidential Information to which SFDC obtains access in the course of a Security Review will be subject to Section 5 (Confidentiality).

Integration Security Review. SFDC may conduct periodic security evaluations of the Integration (“Security Reviews”), which may include a qualitative assessment involving review of a questionnaire completed by Partner, an interview with appropriate Partner personnel, and/or security testing. SFDC conducts such Security Reviews for its own benefit and Partner may not rely on, publicly disclose, or promote an a Integration's successful passage of such Security Review. Partner shall not distribute an a Integration unless such Integration has successfully passed the Integration Security Review. There may be fees associated with such review. If the Integration, in whole or in part, runs outside SFDC’s systems, security testing may include remote application-level security testing of the Integration, and network-level security testing including a vulnerability threat assessment. SFDC may conduct such testing itself or through a third party. SFDC will provide reasonable notice to Partner before starting such testing. SFDC will cooperate reasonably with Partner to mitigate the effects of such testing on Partner’s business and operations. Partner agrees to cooperate reasonably with such testing. Despite the foregoing, such testing may in rare cases cause downtime or other adverse effects on the Integration or Partner’s systems. Partner agrees that SFDC and its agents or contractors conducting the testing will bear no responsibility or liability arising from such testing. Any Partner Confidential Information to which SFDC obtains access in the course of a Security Review will be subject to Section 5 (Confidentiality).