Welcome to the CISO Marketplace! Global Shipping + Currencies & SOL/ ETH/ BNB/ MATIC Accepted at checkout.

Master Service Agreement

Version: 1.0

Effective Date: 2/17/2025

MASTER SERVICE AGREEMENT

This Master Service Agreement ("Agreement") is entered into as of the date of electronic acceptance ("Effective Date") by and between QSai LLC, a Texas, United States of America limited liability company ("Service Provider"), and the client ("Client") (collectively, the "Parties"). By clicking "Accept" or by otherwise engaging the Services on our website, Client agrees to be bound by the terms and conditions of this Agreement.

1. DEFINITIONS

1.1 "Agreement" means this Master Service Agreement, including all exhibits, schedules, Statements of Work ("SOW"), and any amendments hereto that are incorporated by reference.

1.2 "Services" means the cybersecurity consulting and offensive security assessment services provided by Service Provider as described in any applicable SOW, including but not limited to penetration testing, vulnerability assessments, and simulated attack exercises.

1.3 "Client Data" means any data, information, or materials provided by Client to Service Provider in connection with the Services.

1.4 "Confidential Information" means any non-public information disclosed by one Party to the other that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure, including but not limited to technical, business, and security information.

1.5 "Deliverables" means all reports, documents, analyses, and other materials developed or delivered by Service Provider to Client under this Agreement.

1.6 "Offensive Security Assessment" means a security evaluation service that includes penetration testing, vulnerability assessments, and other authorized simulated attacks designed to identify security weaknesses, as further detailed in the applicable SOW.

1.7 "Testing Environment" means the systems, networks, or applications designated by Client for the purpose of conducting an Offensive Security Assessment.

2. SCOPE OF SERVICES

2.1 Engagement. Subject to the terms of this Agreement, Service Provider shall perform the Services described in each applicable SOW. Each SOW shall detail the scope, deliverables, timelines, milestones, fees, and any specific terms related to the engagement.

2.2 Change Management. Any changes to the scope of Services must be agreed upon in writing by both Parties via an amended SOW.

2.3 Authorization. Client represents and warrants that it holds all necessary rights, consents, and permissions to request and authorize an Offensive Security Assessment on the systems specified in the SOW, and that such systems are fully under Client's control or otherwise lawfully accessible for testing.

2.4 Testing Protocol & Limitations.

  • (a) Client acknowledges that Offensive Security Assessments involve simulated cyber-attacks which, despite reasonable precautions, may result in system slowdowns or temporary disruptions.
  • (b) Client agrees to implement appropriate backups, contingency plans, and notify internal stakeholders before testing commences.
  • (c) Service Provider will exercise commercially reasonable care but shall not be liable for indirect or unforeseen outcomes resulting from the testing activities, except as otherwise provided herein.

3. CLIENT RESPONSIBILITIES

3.1 Access and Cooperation. Client agrees to provide Service Provider with timely access to systems, personnel, and any required information necessary to perform the Services. This includes designating a primary contact and ensuring that relevant personnel are available to address queries.

3.2 Data Accuracy. Client warrants that all information and data provided to Service Provider is accurate, complete, and up-to-date.

3.3 Compliance and Internal Policies. Client shall comply with all applicable laws, regulations, and internal policies. Client further agrees to obtain any necessary internal authorizations before engaging in an Offensive Security Assessment.

3.4 Pre-Assessment Notification. Client agrees to notify all affected third parties or subsidiaries, if applicable, and secure all necessary internal and external approvals prior to the commencement of any testing activities.

4. FEES, EXPENSES, AND PAYMENT

4.1 Fees. Client shall pay all fees for the Services as set forth in the applicable SOW. Fees do not include taxes, which shall be the responsibility of Client unless otherwise stated.

4.2 Payment Terms. Invoices are due within thirty (30) days from the invoice date. Late payments will accrue interest at a rate of 1.5% per month or the highest rate permitted by applicable law, whichever is lower.

4.3 Expenses. Client shall reimburse Service Provider for reasonable out-of-pocket expenses incurred in connection with the Services, provided such expenses are pre-approved in writing by Client.

4.4 Suspension of Services. In the event of non-payment, Service Provider reserves the right to suspend the Services until such time as all outstanding balances are paid in full.

4.5 Additional Charges. Any additional work outside the agreed scope must be documented in a written change order and may incur additional charges.

5. INTELLECTUAL PROPERTY RIGHTS

5.1 Pre-Existing IP. Each Party retains all right, title, and interest in its pre-existing intellectual property. No rights to one Party's pre-existing intellectual property are granted to the other except as expressly provided herein.

5.2 Developed IP. Unless otherwise agreed in writing, any Deliverables or intellectual property developed solely by Service Provider in connection with the Services shall be considered a "work made for hire" and become the exclusive property of Client upon full payment. Notwithstanding the foregoing, Service Provider grants Client a perpetual, worldwide, royalty-free license to use any underlying tools, methodologies, or software incorporated into the Deliverables solely for Client's internal use.

5.3 License Restrictions. Client shall not modify, reverse engineer, sublicense, or distribute any intellectual property provided by Service Provider without prior written consent.

5.4 Third-Party Materials. Any third-party software, tools, or materials incorporated into the Deliverables shall be subject to the applicable third-party licenses, and Service Provider disclaims any warranties with respect thereto.

6. CONFIDENTIALITY AND DATA SECURITY

6.1 Confidentiality Obligations. Each Party agrees to:

  • (a) Maintain the confidentiality of Confidential Information received from the other Party;
  • (b) Use Confidential Information solely for the purpose of performing obligations under this Agreement;
  • (c) Disclose Confidential Information only to employees or agents who need to know such information and who are bound by confidentiality obligations no less restrictive than those herein.

6.2 Data Security. Service Provider will implement commercially reasonable security measures to protect Client Data from unauthorized access, disclosure, alteration, or destruction, in compliance with applicable data protection laws and industry best practices as of 2025.

6.3 Data Breach Notification. In the event of any security breach affecting Client Data, Service Provider shall notify Client promptly and shall cooperate with Client in investigating and mitigating the breach.

6.4 Exclusions. Confidential Information does not include information that (i) is or becomes publicly known through no breach of this Agreement; (ii) was rightfully in the receiving Party's possession before disclosure; or (iii) is independently developed without reference to the disclosing Party's Confidential Information.

7. REPRESENTATIONS AND WARRANTIES

7.1 Mutual Representations. Each Party represents and warrants that it has the authority to enter into this Agreement and that its performance hereunder will not violate any applicable law or contractual obligation.

7.2 Service Provider Warranties. Service Provider warrants that it will perform the Services in a professional and workmanlike manner in accordance with industry standards. Service Provider does not warrant that the Services will identify every vulnerability or security risk.

7.3 Disclaimer of Additional Warranties. EXCEPT AS EXPRESSLY SET FORTH IN THIS SECTION, THE SERVICES ARE PROVIDED "AS IS," AND SERVICE PROVIDER DISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

8. LIMITATION OF LIABILITY AND INDEMNIFICATION

8.1 Indemnification by Client. Client agrees to indemnify, defend, and hold harmless Service Provider and its affiliates, officers, directors, employees, and agents from any third-party claims, damages, losses, liabilities, or expenses (including reasonable attorneys' fees) arising from:

  • (a) Client's breach of this Agreement;
  • (b) Client's negligence or willful misconduct; or
  • (c) Client's violation of any applicable law or regulation.

8.2 Indemnification by Service Provider. Service Provider agrees to indemnify, defend, and hold harmless Client and its affiliates, officers, directors, employees, and agents from any third-party claims, damages, losses, liabilities, or expenses (including reasonable attorneys' fees) arising from:

  • (a) Service Provider's gross negligence or willful misconduct in the performance of the Services; or
  • (b) Service Provider's material breach of this Agreement.

8.3 Limitation of Liability. TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEITHER PARTY'S TOTAL LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT SHALL EXCEED THE FEES PAID BY CLIENT TO SERVICE PROVIDER UNDER THE APPLICABLE SOW. IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR INDIRECT, INCIDENTAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

9. TERM AND TERMINATION

9.1 Term. This Agreement shall commence on the Effective Date and continue until terminated in accordance with this Section.

9.2 Termination for Convenience. Either Party may terminate this Agreement or any SOW for any reason upon thirty (30) days' written notice to the other Party.

9.3 Termination for Cause. Either Party may terminate this Agreement or any SOW immediately upon written notice if the other Party materially breaches any provision of this Agreement and fails to cure such breach within fifteen (15) days after receiving written notice thereof.

9.4 Effect of Termination. Upon termination or expiration:

  • (a) Client shall pay Service Provider for all Services rendered and expenses incurred through the effective date of termination;
  • (b) All licenses, rights, and obligations granted under Sections 5, 6, 7, 8, and any other surviving provisions shall survive termination.

10. DISPUTE RESOLUTION

10.1 Good Faith Negotiations. In the event of any dispute arising out of or relating to this Agreement, the Parties agree to meet in good faith to attempt to resolve the dispute amicably.

10.2 Mediation and Arbitration.

  • (a) If the dispute is not resolved within thirty (30) days after notice, the Parties agree to submit the dispute to mediation administered by 'TBD' Institution in Houston, Texas.
  • (b) If mediation fails to resolve the dispute within 10 days, the dispute shall be resolved by binding arbitration in accordance with the rules of 'TBD' Institution then in effect.
  • (c) The arbitration decision shall be final and binding on the Parties, and judgment upon the award rendered by the arbitrator(s) may be entered in any court having jurisdiction.

10.3 Governing Law. This Agreement shall be governed by and construed in accordance with the laws of Texas, United States of America, without regard to its conflicts of law principles.

11. MISCELLANEOUS

11.1 Force Majeure. Neither Party shall be liable for any delay or failure to perform its obligations under this Agreement due to causes beyond its reasonable control, including, but not limited to, acts of God, natural disasters, labor disputes, or governmental actions.

11.2 Notices. All notices or communications under this Agreement must be in writing and will be deemed given when delivered by certified mail, courier, or email (with confirmation of receipt) to the addresses specified in the applicable SOW or as otherwise provided by the Parties.

11.3 Assignment. Neither Party may assign this Agreement or any rights or obligations hereunder without the prior written consent of the other Party, except in connection with a merger, acquisition, or sale of substantially all of its assets, provided that the assignee agrees to be bound by the terms of this Agreement.

11.4 Entire Agreement. This Agreement, including all SOWs, exhibits, and amendments, constitutes the entire agreement between the Parties with respect to its subject matter and supersedes all prior and contemporaneous agreements, understandings, and communications, whether oral or written.

11.5 Amendment. No amendment or modification of this Agreement shall be effective unless in writing and signed by authorized representatives of both Parties.

11.6 Severability. If any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions shall continue in full force and effect.

11.7 Waiver. The failure of either Party to enforce any provision of this Agreement shall not constitute a waiver of future enforcement of that or any other provision.

11.8 Survival. The provisions of this Agreement that by their nature extend beyond termination or expiration shall survive any termination or expiration of this Agreement.

11.9 Counterparts. This Agreement may be executed in counterparts, each of which shall be deemed an original, and all of which together shall constitute one and the same instrument.

12. ACCEPTANCE

By clicking "Accept" or by purchasing the Services on our website, Client acknowledges that it has read, understood, and agrees to be bound by the terms of this Master Service Agreement.

Last Updated: 2/17/2025

© 2024 CISO Marketplace. All rights reserved.