aYceLogic CyberReview and Penetration Test Waiver Example<br>
-------------------------------------------------------------------------------<br>
<br>
CyberReview and Penetration Test Waiver<br>
<br>
Client A represented by<br> (Name:) ......................................................................<br>
WHEREAS:<br>
A. Client A wants some of its systems to be tested, aYceLogic Ltd has offered to perform such testing for Client A and Client A has accepted this offer. The assignment will be performed by aYceLogic Ltd' core-team members, external freelancers, and/or volunteers (the “Consultants”).<br>
<br>
B. Some of the activities performed by aYceLogic Ltd and the Consultants during the course of this assignment could be considered illegal, unless Client A has given permission for these activities. aYceLogic Ltd and the Consultant will only perform such activities if they have received the required permission.<br>
<br>
C. Client A is willing to give such permission to aYceLogic Ltd, the Consultants and any other person ROS might employ or engage for the assignment.<br>
<br>
DECLARES AS FOLLOWS:<br>
<br>
1. Client A is aware that aYceLogic Ltd will perform penetration testing services of the following systems of Client A, as described below. The services are intended to gain insight in the security of these systems. To do so, aYceLogic Ltd will access these systems, attempt to find vulnerabilities and gain further access and elevated privileges by exploiting any vulnerabilities found. aYceLogic Ltd will test the following targets (the “Targets”):<br>
<br>
• Target A<br>
• Target B<br>
<br>
2. Client A hereby grants aYceLogic Ltd and the Consultants on a date to be confirmed by email the broadest permission possible to perform the assignment, including the permission to:<br>
<br>
a. enter and use the Targets;<br>
<br>
b. circumvent, breach, remove and turn off any security measures protecting the Targets;<br>
<br>
c. copy, intercept, record, amend, delete, render unusable or inaccessible any data stored on, processed by or transferred via the Targets; and
<br>
d. hinder the access or use of the Targets, but Client A only grants the permission for these activities to the extent that (i) such activities are necessary to perform the assignment and (ii) such activities do not disrupt the normal business operations of Client A.<br>
<br>
3. The permission under Article 1 extends to all systems on which the Targets run, or which aYceLogic Ltd or the Consultant might encounter while performing the assignment, regardless of whether these systems are owned by third parties.<br>
<br>
4. Client A warrants that it has the legal authority to give the permission set out under Articles 1 and 2. It also warrants it has obtained the necessary permissions from any third parties referred to under Article 3.<br>
<br>
5. Should the public prosecutor initiate an investigation or criminal proceedings against aYceLogic Ltd or any of the consultants it engaged or employed as a result of the performance of the assignment for the customer, then Client A will co-operate fully with aYceLogic Ltd in defending against this investigation or proceedings, including by providing any evidence it has which relates to this investigation or these proceedings.<br>
<br>
Signed<br>
For Client A<br>
<br>
................................................................................
Name:.....................................................................<br>
Date: ....................................................................<br>