A2N siteSECURE Service & Terms

A2N siteSECURE

The A2N SECURE service is a paid service for website owners that examines their websites for potential vulnerabilities on a regular basis, and, if no issues are found, enables the site to display the A2N siteSECURE certification and/or trustmark.

Service Definition

The Service includes (but is not limited to) the provision of A2N siteSECURE certification service for websites, a service that performs vulnerability and penetration audits on web sites and assessed against the OWASP ISO IEC 27034 Application Security Controls Standards.

Conditions of Issuing:

  1. Customer must pass a web application penetration test and have no vulnerabilities present.
  2. FOR TRUSTMARK USE:  Customer must pass a weekly web application vulnerability scan to remain compliant.  If vulnerabilities are identified, the A2N siteSECURE trustmark must be removed from the web site. The web site owner has two weeks to restore the site to a zero vulnerability status.  The A2N siteSECURE trustmark may be restored when that status is restored.
  3. Customer web applications must meet or exceed the requirements as set forth within the OWASP ISO IEC 27034
  4. The service is subject to compliance conditions as laid out within the ISO 27034 standards.
  5. Customer must pay annual rights and testing fees to maintain the privilege to display the A2N siteSECURE certificate and/or trustmark.
  6. Customer may use the A2N siteSECURE certificate and trustmark only when the parameters are met.
  7. Customer must re-certify every 6 months.
  8. Customer must re-certify on every major code revision or any platform (operating system or web server) change.
  9. The certificate offers no guarantee or warranty to any third party that the company is invulnerable to attack or breaches in its security, and A2N accordingly accepts no liability to any third party in the event of loss or damage of any description caused by any failure in, or breach of, customer’s security.

Certificate & Trustmark Limitations

Customer may not modify, alter, copy, reproduce, or distribute the Service. Customer may not directly rent, lease, lend, sell, or redistribute the Service.  If Customer breaches these restrictions, or otherwise exceeds the scope granted in these Terms, then Customer may be subject to prosecution and damages, as well as liability for infringement of intellectual property rights, and denial of access to the Service.

Limitation of Liability

  1. In no event will A2N be liable to customer for any indirect, incidental, special, consequential or punitive damages (including damages for loss of profits, goodwill, or any other intangible loss) arising out of or relating to customer’s access to or use of, or customer’s inability to access or use, the service or any materials or content on the service, whether based on warranty, contract, tort (including negligence), statute, or any other legal theory, and whether or not A2N has been informed of the possibility of damage.
  2. The aggregate liability of A2N to customer for all claims arising out of or relating to the use of or any inability to use any portion of the service or otherwise under these terms whether in contract, tort, or otherwise, is limited to the greater of: (i) the amount customer paid to A2N for access to and use of the service in the 3 months prior to the event(s) giving rise to claim; or (ii) $100.
  3. Some jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages.  Accordingly, the above limitation may not apply to customer.
  4. Each provision of these terms that provides for a limitation of liability, disclaimer of warranties, or exclusion of damages is intended to and does allocate the risks between the parties under these terms. This allocation is an essential element of the basis of the bargain between the parties. Each of these provisions is severable and independent of all other provisions of these terms. The limitations in this section will apply even if any limited remedy fails of its essential purpose.

Indemnity

Customer agrees to indemnify, hold harmless, and defend A2N, its officers, directors, employers, agents, suppliers, licensors, and third party information providers, or other related parties from and against all losses, damages, costs, and attorney’s fees (“Claims”) resulting from violation of these Terms or any action, whether intentional, malicious, inadvertent, wrongful or negligent, related to Customer’s account, Customer’s use of the Service or any other person or persons who uses Customer’s user account. A2N does NOT indemnify Customer against such Claims made against Customer by others as a result of Customer’s use of the Service.

Breach

Customer is in breach of these Terms if Customer fail to pay any amount owed to A2N when due, subject to a 10 day grace period, or Customer fails to comply with these Terms. Unless otherwise stated, fees for the Service are due in advance and subject to payment terms in the invoice(s) for the Service, which are incorporated into these Terms by reference. If Customer is in default, A2N may take any or all of the following actions to remedy the default and protect its interests: (a) declare all unpaid monies immediately due and payable; (b) terminate the Service; (c) take any other lawful action A2N may deem appropriate to enforce Customer’s obligations under these Terms. Customer agrees to pay costs and reasonable attorney’s fees A2N may incur enforcing its rights under this agreement.