Security Vulnerability Sample Clauses

Security Vulnerability. If Supplier becomes aware of a Security Vulnerability in a Deliverable unless otherwise agreed by Supplier and INTESA in writing, Supplier will (i) provide INTESA with an Error Correction and Mitigation within the required time frames for all versions and releases of the Deliverable and (ii) provide INTESA Technical Coordinator (as specified in the PO) a written report with: A) a description of the Security Vulnerability, including the versions and releases of Deliverable affected, and its potential effects, exploits, and risks; and B) the Common Vulnerability Scoring System (CVSS) Base Score for the Security Vulnerability. For a Security Vulnerability that has been publicly disclosed and no Error Correction or Mitigation has been provided to INTESA, Supplier will provide the INTESA Technical Coordinator a planned fix date as soon as reasonably possible after such public disclosure, which must take into account the needs of INTESA Additional Warranties Supplier will use then-current, industry-standard best practices including scanning for security vulnerabilities to help prevent, detect, and correct Security Vulnerabilities in Deliverables (i.e. secure engineering practices and vulnerability management) and provide information on these practices at Buyer’s request. Attachment B: Data Privacy Personal Data, which is a subset of INTESA Materials (and therefore references to INTESA Materials in the Supplier Relationship Agreement, a PO or any other Attachment includes Personal Data), is any information about an identified or identifiable individual. Supplier makes the following ongoing representations and warranties regarding Personal Data:
Sample 1Sample 2
AutoNDA by SimpleDocs
Security Vulnerability. A “Security Vulnerability” is a set of conditions that leads or may lead to an implicit or explicit failure of the confidentiality, integrity or availability of a system. Security Vulnerabilities include, but are not limited to: (i) Executing commands as another user; (ii) Accessing data in excess of specified or expected permission; (iii) Posing as another user or service within a system; (iv) Causing an abnormal denial of service; (v) destroying data without permission; or (vi) Exploiting an encryption implementation weakness that significantly reduces the time or computation required to recover the plaintext from an encrypted message. Principal shall follow industry-standard software assurance practices (such as standards developed by XXXXXxxx.xxx, ISO or any successor or similar industry organization) to minimize the risk of Security Vulnerabilities being introduced in the Pivotal Software provided to Agent at any point in the product lifecycle. Upon external discovery (including, without limitation, by Agent or one of its customers) of any Security Vulnerability in the Pivotal Software, Principal shall follow industry best practices for handling and responding to vulnerabilities such as ISO Standards 29147 and 30111.
Sample 1
Security Vulnerability. Vendor will maintain appropriate processes to identify and correct any weakness in the Website, Intranet or Vendor’s Software, network services, operating system, application and/ or at a physical level that could allow a Security Incident to occur (“Security Vulnerability”).
Sample 1
Security Vulnerability an unintended flaw in software code or a system that leaves it open to the potential for exploitation in the form of unauthorized access or malicious behaviour such as viruses, worms, Trojan horses and other forms of malware.
Sample 1
Security Vulnerability. Pivotal shall promptly notify VMware upon learning of a Security Vulnerability, unless under an active embargo. Should VMware then request it, Pivotal shall promptly make available to VMware, with respect to the perceived role or causal significance of the Product in the Security Vulnerability, the following information: (a) a description of what was discovered and the potential scope of risk in plausible settings including versions of the Product impacted; (b) Pivotal’s proposed method for distributing the remedy (e.g., patch, maintenance update, or product version upgrade); and (c) any other relevant information on possible workarounds or mitigating solutions. In addition, Pivotal shall use all reasonable commercial efforts to remedy any security vulnerability that has a CVSS score of 5.7 or higher (see xxxx://xxx.xxxx.xxx/cvss.cfm?calculator&version=2). Upon discovery by VMware or one of its customers of a Security Vulnerability, Pivotal shall follow industry best practices for handling and responding to vulnerabilities such as the National Infrastructure Advisory Council: Disclosing and Managing Vulnerability Guidelines (xxxx://xxx.xxx.xxx/xlibrary/assets/vdwgreport.pdf). Pivotal shall make available, upon request, information that outlines Pivotal’s practices for software assurance that minimize the risk of vulnerabilities being introduced in products at any point in the product lifecycle. Further, Pivotal shall have a mechanism for demonstrating the authenticity and integrity of Products provided to VMware (e.g., digitally signing mobile code or distributing product code from a trusted web site). VMware may from time to time request information from its supply chain, including software suppliers such as Pivotal, regarding the products that VMware licenses and purchases. VMware may request Pivotal to self-certify that its software and software development practices aligns with software integrity and security standards developed by XXXXXxxx.xxx or any successor or similar industry code security and integrity organization. Pivotal agrees to respond promptly and fully to such requests.
Sample 1

Related to Security Vulnerability

  • Vulnerability Management BNY Mellon will maintain a documented process to identify and remediate security vulnerabilities affecting its systems used to provide the services. BNY Mellon will classify security vulnerabilities using industry recognized standards and conduct continuous monitoring and testing of its networks, hardware and software including regular penetration testing and ethical hack assessments. BNY Mellon will remediate identified security vulnerabilities in accordance with its process.

  • Security Measures Lessee hereby acknowledges that the rental payable to Lessor hereunder does not include the cost of guard service or other security measures, and that Lessor shall have no obligation whatsoever to provide same. Lessee assumes all responsibility for the protection of the Premises, Lessee, its agents and invitees and their property from the acts of third parties.

  • Security Protocols Both parties agree to maintain security protocols that meet industry standards in the transfer or transmission of any data, including ensuring that data may only be viewed or accessed by parties legally allowed to do so. Provider shall maintain all data obtained or generated pursuant to the Service Agreement in a secure digital environment and not copy, reproduce, or transmit data obtained pursuant to the Service Agreement, except as necessary to fulfill the purpose of data requests by LEA.

  • Security Safeguards (1) Each party acknowledges that it is solely responsible for determining and communicating to the other the appropriate technological, physical, and organizational security measures required to protect Personal Data.

  • Abuse and Neglect of Children and Vulnerable Adults: Abuse Registry Party agrees not to employ any individual, to use any volunteer or other service provider, or to otherwise provide reimbursement to any individual who in the performance of services connected with this agreement provides care, custody, treatment, transportation, or supervision to children or to vulnerable adults if there has been a substantiation of abuse or neglect or exploitation involving that individual. Party is responsible for confirming as to each individual having such contact with children or vulnerable adults the non-existence of a substantiated allegation of abuse, neglect or exploitation by verifying that fact though (a) as to vulnerable adults, the Adult Abuse Registry maintained by the Department of Disabilities, Aging and Independent Living and (b) as to children, the Central Child Protection Registry (unless the Party holds a valid child care license or registration from the Division of Child Development, Department for Children and Families). See 33 V.S.A. §4919(a)(3) and 33 V.S.A. §6911(c)(3).

  • Safeguarding and Protecting Children and Vulnerable Adults The Supplier will comply with all applicable legislation and codes of practice, including, where applicable, all legislation and statutory guidance relevant to the safeguarding and protection of children and vulnerable adults and with the British Council’s Child Protection Policy, as notified to the Supplier and amended from time to time, which the Supplier acknowledges may include submitting to a check by the UK Disclosure & Barring Service (DBS) or the equivalent local service; in addition, the Supplier will ensure that, where it engages any other party to supply any of the Services under this Agreement, that that party will also comply with the same requirements as if they were a party to this Agreement.

  • Security Badging Any Company employee, or any employee of its contractors or agents, that require unescorted access to the Security Identification Display Area (SIDA) to perform work under this Agreement will be badged with an Airport identification badge (hereinafter referred to as "Badge") provided by Authority’s ID Badging Department and will be subject to an FBI fingerprint-based criminal history records check (CHRC) and an annual Security Threat Assessment (STA). A new or renewed Badge will not be issued to an individual until the results of the CHRC and the STA are completed and indicate that the applicant has not been convicted of a disqualifying criminal offense. If the CHRC or STA discloses a disqualifying criminal offense, the individual’s new or renewed badge application will be rejected. The costs of the CHRC and the annual STA will be paid by Company. These costs are subject to change without notice, and Company will be responsible for paying any increase in the costs. All badged employees of Company and its contractors or agents will comply with Authority's regulations regarding the use and display of Badges. Company will be assessed a fine for each Badge that is lost, stolen, unaccounted for or not returned to Authority at the time of Badge expiration, employee termination, termination of the Agreement, or upon written request by Authority. This fine will be paid by Company within 15 days from the date of invoice. The fine is subject to change without notice, and Company will be responsible for paying any increase in the fine. If any Company employee is terminated or leaves Company’s employment, Authority must be notified immediately, and the Badge must be returned to Authority promptly.

  • Searchability Offering searchability capabilities on the Directory Services is optional but if offered by the Registry Operator it shall comply with the specification described in this section.

  • Security System The site and the Work area may be protected by limited access security systems. An initial access code number will be issued to the Contractor by the County. Thereafter, all costs for changing the access code due to changes in personnel or required substitution of contracts shall be paid by the Contractor and may be deducted from payments due or to become due to the Contractor. Furthermore, any alarms originating from the Contractor’s operations shall also be paid by the Contractor and may be deducted from payments due or to become due to the Contractor.

  • Grievability Denial of a petition for reinstatement is grievable. The grievance may not be based on information other than that shared with the Employer at the time of the petition for reinstatement.

Time is Money Join Law Insider Premium to draft better contracts faster.