Security Vulnerability Sample Clauses

Security Vulnerability. If Supplier becomes aware of a Security Vulnerability in a Deliverable unless otherwise agreed by Supplier and INTESA in writing, Supplier will (i) provide INTESA with an Error Correction and Mitigation within the required time frames for all versions and releases of the Deliverable and (ii) provide INTESA Technical Coordinator (as specified in the PO) a written report with: A) a description of the Security Vulnerability, including the versions and releases of Deliverable affected, and its potential effects, exploits, and risks; and B) the Common Vulnerability Scoring System (CVSS) Base Score for the Security Vulnerability. For a Security Vulnerability that has been publicly disclosed and no Error Correction or Mitigation has been provided to INTESA, Supplier will provide the INTESA Technical Coordinator a planned fix date as soon as reasonably possible after such public disclosure, which must take into account the needs of INTESA Additional Warranties Supplier will use then-current, industry-standard best practices including scanning for security vulnerabilities to help prevent, detect, and correct Security Vulnerabilities in Deliverables (i.e. secure engineering practices and vulnerability management) and provide information on these practices at Buyer’s request. Attachment B: Data Privacy Personal Data, which is a subset of INTESA Materials (and therefore references to INTESA Materials in the Supplier Relationship Agreement, a PO or any other Attachment includes Personal Data), is any information about an identified or identifiable individual. Supplier makes the following ongoing representations and warranties regarding Personal Data:
Sample 1Sample 2
AutoNDA by SimpleDocs
Security Vulnerability. A “Security Vulnerability” is a set of conditions that leads or may lead to an implicit or explicit failure of the confidentiality, integrity or availability of a system. Security Vulnerabilities include, but are not limited to: (i) Executing commands as another user; (ii) Accessing data in excess of specified or expected permission; (iii) Posing as another user or service within a system; (iv) Causing an abnormal denial of service; (v) destroying data without permission; or (vi) Exploiting an encryption implementation weakness that significantly reduces the time or computation required to recover the plaintext from an encrypted message. Principal shall follow industry-standard software assurance practices (such as standards developed by XXXXXxxx.xxx, ISO or any successor or similar industry organization) to minimize the risk of Security Vulnerabilities being introduced in the Pivotal Software provided to Agent at any point in the product lifecycle. Upon external discovery (including, without limitation, by Agent or one of its customers) of any Security Vulnerability in the Pivotal Software, Principal shall follow industry best practices for handling and responding to vulnerabilities such as ISO Standards 29147 and 30111.
Sample 1
Security Vulnerability. Pivotal shall promptly notify VMware upon learning of a Security Vulnerability, unless under an active embargo. Should VMware then request it, Pivotal shall promptly make available to VMware, with respect to the perceived role or causal significance of the Product in the Security Vulnerability, the following information: (a) a description of what was discovered and the potential scope of risk in plausible settings including versions of the Product impacted; (b) Pivotal’s proposed method for distributing the remedy (e.g., patch, maintenance update, or product version upgrade); and (c) any other relevant information on possible workarounds or mitigating solutions. In addition, Pivotal shall use all reasonable commercial efforts to remedy any security vulnerability that has a CVSS score of 5.7 or higher (see xxxx://xxx.xxxx.xxx/cvss.cfm?calculator&version=2). Upon discovery by VMware or one of its customers of a Security Vulnerability, Pivotal shall follow industry best practices for handling and responding to vulnerabilities such as the National Infrastructure Advisory Council: Disclosing and Managing Vulnerability Guidelines (xxxx://xxx.xxx.xxx/xlibrary/assets/vdwgreport.pdf). Pivotal shall make available, upon request, information that outlines Pivotal’s practices for software assurance that minimize the risk of vulnerabilities being introduced in products at any point in the product lifecycle. Further, Pivotal shall have a mechanism for demonstrating the authenticity and integrity of Products provided to VMware (e.g., digitally signing mobile code or distributing product code from a trusted web site). VMware may from time to time request information from its supply chain, including software suppliers such as Pivotal, regarding the products that VMware licenses and purchases. VMware may request Pivotal to self-certify that its software and software development practices aligns with software integrity and security standards developed by XXXXXxxx.xxx or any successor or similar industry code security and integrity organization. Pivotal agrees to respond promptly and fully to such requests.
Sample 1
Security Vulnerability. Vendor will maintain appropriate processes to identify and correct any weakness in the Website, Intranet or Vendor’s Software, network services, operating system, application and/ or at a physical level that could allow a Security Incident to occur (“Security Vulnerability”).
Sample 1
Security Vulnerability an unintended flaw in software code or a system that leaves it open to the potential for exploitation in the form of unauthorized access or malicious behaviour such as viruses, worms, Trojan horses and other forms of malware.
Sample 1
Security Vulnerability. In order to maintain the Service as secure as possible, You must not disclose any security vulnerability to any person except the Corporation. As soon as possible upon discovering any issue or problem that may be pose a risk to the security or use of the system or to Your Data (or any data of any other user of the Service), You must notify us by contacting us at Xxxxxx.xxx.
Sample 1

Related to Security Vulnerability

  • Security Measures Lessee hereby acknowledges that the rental payable to Lessor hereunder does not include the cost of guard service or other security measures, and that Lessor shall have no obligation whatsoever to provide same. Lessee assumes all responsibility for the protection of the Premises, Lessee, its agents and invitees and their property from the acts of third parties.

  • Security System The site and the Work area may be protected by limited access security systems. An initial access code number will be issued to the Contractor by the County. Thereafter, all costs for changing the access code due to changes in personnel or required substitution of contracts shall be paid by the Contractor and may be deducted from payments due or to become due to the Contractor. Furthermore, any alarms originating from the Contractor’s operations shall also be paid by the Contractor and may be deducted from payments due or to become due to the Contractor.

  • Encryption The Fund acknowledges and agrees that encryption may not be available for every communication through the System, or for all data. The Fund agrees that Custodian may deactivate any encryption features at any time, without notice or liability to the Fund, for the purpose of maintaining, repairing or troubleshooting the System or the Software.

  • Security and Safeguarding Information (a) Confidential Information that contains Non-Public Personal Information about customers is subject to the protections created by the Xxxxx-Xxxxx-Xxxxxx Act of 1999 (the “Act”) and under the standards for safeguarding Confidential Information, 16 CFR Part 314 (2002) adopted by Federal Trade Commission (“FTC”) (the “Safeguards Rule”). Additionally, state specific laws may regulate how certain confidential or personal information is safeguarded. The parties agree with respect to the Non-Public Personal Information to take all appropriate measures in accordance with the Act, and any state specific laws, as are necessary to protect the security of the Non-Public Personal Information and to specifically assure there is no disclosure of the Non-Public Personal Information other than as authorized under the Act, and any state specific laws, and this Agreement. With respect to Confidential Information, including Non-Public Personal Information and Personally Identifiable Financial Information as applicable, each of the parties agrees that:

  • Measures SAP protects its assets and facilities using the appropriate means based on the SAP Security Policy • In general, buildings are secured through access control systems (e.g., smart card access system). • As a minimum requirement, the outermost entrance points of the building must be fitted with a certified key system including modern, active key management. • Depending on the security classification, buildings, individual areas and surrounding premises may be further protected by additional measures. These include specific access profiles, video surveillance, intruder alarm systems and biometric access control systems. • Access rights are granted to authorized persons on an individual basis according to the System and Data Access Control measures (see Section 1.2 and 1.3 below). This also applies to visitor access. Guests and visitors to SAP buildings must register their names at reception and must be accompanied by authorized SAP personnel. • SAP employees and external personnel must wear their ID cards at all SAP locations.

  • Cybersecurity; Data Protection To the Company’s knowledge, the Company and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (collectively, the “Personal Data”)) used in connection with their businesses, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same, except in each case as would not reasonably be expected to have a Material Adverse Effect. The Company and its subsidiaries are presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification.

  • Compatibility 1. Any unresolved issue arising from a mutual agreement procedure case otherwise within the scope of the arbitration process provided for in this Article and Articles 25A to 25G shall not be submitted to arbitration if the issue falls within the scope of a case with respect to which an arbitration panel or similar body has previously been set up in accordance with a bilateral or multilateral convention that provides for mandatory binding arbitration of unresolved issues arising from a mutual agreement procedure case.

  • Safety Where an employee is prevented from working at the employee’s particular function as a result of unsafe conditions caused by the inclement weather, the employee may be transferred to other work in the employee’s classification on site, until the unsafe conditions are rectified. Where such alternative is not available and until the unsafe conditions are rectified, the employee shall remain on site. The employee shall be paid for such time without reduction of the employees’ inclement weather entitlement.

  • Security / Passwords 2.1. A digital certificate and/or an encryption key may be required to access certain Services. You may apply for a digital certificate and/or an encryption key by following the procedures set forth at xxxx://xxx.xxx.xxx/certs/. You also will need an identification code (ID) and password(s) (Password) to access the Services.

  • Safeguards Business Associate, its Agent(s) and Subcontractor(s) shall implement and use appropriate safeguards to prevent the use or disclosure of PHI other than as provided for by this Agreement. With respect to any PHI that is maintained in or transmitted by electronic media, Business Associate or its Subcontractor(s) shall comply with 45 CFR sections 164.308 (administrative safeguards), 164.310 (physical safeguards), 164.312 (technical safeguards) and 164.316 (policies and procedures and documentation requirements). Business Associate or its Agent(s) and Subcontractor(s) shall identify in writing upon request from Covered Entity all of the safeguards that it uses to prevent impermissible uses or disclosures of PHI.

Time is Money Join Law Insider Premium to draft better contracts faster.