Intruvent Technologies
Contact us
BRACE Platform

Subscription Agreement

Breach Recognition And Classification Engine

Effective Date: January 1, 2025

Important: This Subscription Agreement ("Agreement") governs your access to and use of the BRACE threat intelligence platform. By subscribing to or using BRACE, you agree to be bound by this Agreement. If you are entering into this Agreement on behalf of a company or other legal entity, you represent that you have the authority to bind such entity.

1. Definitions

"Affiliate"
Any entity that directly or indirectly controls, is controlled by, or is under common control with a party.
"Authorized Users"
Customer's employees, contractors, and agents who are authorized by Customer to access and use the BRACE Platform under this Agreement.
"BRACE Platform" or "Platform"
The Breach Recognition And Classification Engine, including all software, APIs, dashboards, reports, threat intelligence data, and related services provided by Intruvent.
"Customer Data"
Any data, information, or materials submitted by Customer to the Platform, excluding Threat Intelligence.
"Documentation"
User guides, technical documentation, and other materials provided by Intruvent describing the features and functionality of the Platform.
"Order Form"
A mutually executed ordering document specifying the subscription tier, fees, term, and other details of Customer's subscription.
"Subscription Term"
The period during which Customer has the right to access the Platform as specified in the Order Form.
"Threat Intelligence"
All threat data, indicators of compromise (IOCs), tactics, techniques and procedures (TTPs), threat actor profiles, sector reports, detection rules, and related intelligence provided through the Platform.

2. The BRACE Platform

2.1 Platform Description

BRACE is a cloud-based threat intelligence platform that provides:

  • Industry-specific threat intelligence reports
  • Real-time indicators of compromise (IOCs)
  • Threat actor tracking and attribution
  • MITRE ATT&CK framework mapping
  • Production-ready detection rules (Splunk, YARA, Sigma)
  • API access for integration with security tools
  • Executive threat briefings and analyst support (Enterprise tier)

2.2 Service Delivery

BRACE is delivered as a multi-tenant Software-as-a-Service (SaaS) solution. All customers access the Platform on shared infrastructure using the same codebase. We do not provide custom development, dedicated instances, or on-premises deployments under standard subscriptions.

2.3 Platform Updates

We continuously improve the Platform and may modify features, functionality, or user interfaces. We will provide reasonable notice of material changes that may adversely affect your use of the Platform.

3. Subscription Terms

3.1 Subscription Tiers

BRACE is offered in the following tiers:

Tier Description Starting Price
Starter Single sector, monthly reports, basic IOC feeds $399/month
Professional Multiple sectors, weekly reports, API access, detection rules $999/month
Enterprise Unlimited sectors, daily intelligence, analyst support, custom briefings Contact Sales

3.2 Free Trial

We may offer free trials at our discretion. During the trial period:

  • The Platform is provided "AS IS" without warranties
  • We may terminate your trial access at any time
  • Trial data may be deleted if you do not convert to a paid subscription
  • Trial periods do not automatically convert to paid subscriptions

3.3 Subscription Term and Renewal

Subscriptions are offered on annual terms unless otherwise specified in your Order Form. Subscriptions will automatically renew for successive periods of the same duration unless either party provides written notice of non-renewal at least thirty (30) days before the end of the current term.

4. Fees and Payment

4.1 Fees

Customer agrees to pay all fees specified in the Order Form. Fees are:

  • Due in advance for the subscription period
  • Non-refundable except as expressly provided in this Agreement
  • Exclusive of taxes, which Customer is responsible for paying

4.2 Payment Terms

Unless otherwise specified, invoices are due within thirty (30) days of the invoice date. We accept payment by credit card, ACH, or wire transfer.

4.3 Late Payment

Overdue amounts accrue interest at 1.5% per month or the maximum rate permitted by law, whichever is less. We may suspend access to the Platform if payment is more than fifteen (15) days overdue.

4.4 Price Changes

We may change pricing for renewal terms by providing at least sixty (60) days written notice before the renewal date.

5. Access and Use Rights

5.1 License Grant

Subject to the terms of this Agreement, we grant Customer a non-exclusive, non-transferable, limited right to:

  • Access and use the Platform during the Subscription Term
  • Use Threat Intelligence for Customer's internal security operations
  • Integrate Platform data with Customer's security tools via API
  • Create derivative detection rules for Customer's internal use

5.2 Authorized Users

Customer may permit Authorized Users to access the Platform. Customer is responsible for:

  • Ensuring Authorized Users comply with this Agreement
  • Maintaining the confidentiality of account credentials
  • All activities that occur under Customer's account
  • Promptly notifying us of any unauthorized access

5.3 Third-Party Contractors

Customer may authorize managed security service providers (MSSPs) or other contractors to access the Platform on Customer's behalf, provided such access is solely for Customer's benefit and the contractor agrees to confidentiality obligations at least as protective as those in this Agreement.

6. Use Restrictions

Customer shall not, and shall not permit any third party to:

  • Redistribute: Sell, resell, license, sublicense, or distribute Threat Intelligence to third parties
  • Publish: Publicly disclose or publish Threat Intelligence without prior written consent
  • Compete: Use Threat Intelligence to create a competing product or service
  • Reverse Engineer: Decompile, disassemble, or reverse engineer the Platform
  • Circumvent: Attempt to bypass security measures or access controls
  • Overload: Use the Platform in a manner that could damage, disable, or impair our systems
  • Scrape: Use automated means to extract data beyond normal API usage
  • Misrepresent: Remove proprietary notices or misrepresent the source of intelligence

Attribution Requirement: If Customer is permitted to share specific Threat Intelligence externally, Customer must attribute the intelligence to "Intruvent BRACE Platform" or as otherwise specified.

7. Data and Intelligence

7.1 Threat Intelligence Ownership

All Threat Intelligence, including reports, IOCs, TTPs, and detection rules, remains the exclusive property of Intruvent. Customer receives only the limited rights expressly granted in this Agreement.

7.2 Customer Data

Customer retains all rights to Customer Data. Customer grants us a limited license to use Customer Data solely to provide the Platform and improve our services.

7.3 Aggregated Data

We may collect and use aggregated, anonymized data derived from Customer's use of the Platform for analytics, benchmarking, and service improvement. Such data will not identify Customer or any individual.

7.4 Intelligence Sources

Our Threat Intelligence is derived from multiple sources including open-source intelligence (OSINT), dark web monitoring, malware analysis, incident response engagements, and intelligence sharing partnerships. We do not guarantee the accuracy or completeness of third-party sourced intelligence.

8. Security and Compliance

8.1 Security Measures

We implement commercially reasonable security measures to protect the Platform and Customer Data, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication requirements
  • Regular security assessments and penetration testing
  • Incident response procedures

8.2 Compliance

The Platform is designed to support Customer's compliance efforts but does not guarantee compliance with any specific regulation. Customer is responsible for determining whether the Platform meets Customer's regulatory requirements.

8.3 Data Location

The Platform is hosted in the United States. Customer consents to the processing and storage of data in the United States.

9. Support and Service Levels

9.1 Technical Support

We provide technical support via email during business hours (9 AM - 6 PM Pacific, Monday-Friday). Enterprise customers receive priority support and access to dedicated account managers.

9.2 Platform Availability

We target 99.5% uptime for the Platform, excluding scheduled maintenance. We will provide reasonable advance notice of scheduled maintenance that may affect availability.

9.3 Service Credits

If monthly uptime falls below 99.5% due to our systems (excluding scheduled maintenance, force majeure, or issues caused by Customer), Customer may request service credits. Credits are limited to 10% of the monthly subscription fee and must be requested within 30 days of the incident.

10. Confidentiality

10.1 Confidential Information

"Confidential Information" means any non-public information disclosed by one party to the other that is designated as confidential or that reasonably should be understood to be confidential. Threat Intelligence is Intruvent's Confidential Information.

10.2 Obligations

Each party agrees to:

  • Use Confidential Information only for purposes of this Agreement
  • Protect Confidential Information using at least the same care used for its own confidential information
  • Not disclose Confidential Information to third parties except as permitted
  • Limit access to Confidential Information to those with a need to know

10.3 Exceptions

Confidentiality obligations do not apply to information that: (a) is or becomes publicly available through no fault of the receiving party; (b) was rightfully known before receipt; (c) is rightfully received from a third party without confidentiality restrictions; or (d) is independently developed without use of Confidential Information.

10.4 Required Disclosure

A party may disclose Confidential Information if required by law, regulation, or court order, provided the party gives reasonable advance notice (where permitted) and cooperates in limiting the scope of disclosure.

11. Intellectual Property

11.1 Intruvent IP

Intruvent and its licensors retain all rights, title, and interest in the Platform, Threat Intelligence, Documentation, and all related intellectual property. No rights are granted except as expressly set forth in this Agreement.

11.2 Customer IP

Customer retains all rights to Customer Data and any pre-existing intellectual property. Nothing in this Agreement transfers ownership of Customer's intellectual property to Intruvent.

11.3 Feedback

If Customer provides suggestions, enhancement requests, or other feedback regarding the Platform, Customer grants Intruvent a perpetual, irrevocable, royalty-free license to use such feedback for any purpose.

12. Warranties and Disclaimers

12.1 Intruvent Warranties

Intruvent warrants that:

  • The Platform will perform substantially in accordance with the Documentation
  • We will provide the Platform in a professional and workmanlike manner
  • We have the right to grant the licenses in this Agreement

12.2 Disclaimer

EXCEPT AS EXPRESSLY PROVIDED, THE PLATFORM AND THREAT INTELLIGENCE ARE PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND. WE DISCLAIM ALL IMPLIED WARRANTIES, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

12.3 Intelligence Disclaimer

THREAT INTELLIGENCE IS PROVIDED FOR INFORMATIONAL PURPOSES. WE DO NOT WARRANT THAT THE INTELLIGENCE IS COMPLETE, ACCURATE, OR CURRENT. WE DO NOT GUARANTEE DETECTION OF ALL THREATS OR PREVENTION OF SECURITY INCIDENTS. CUSTOMER IS SOLELY RESPONSIBLE FOR ITS SECURITY DECISIONS AND IMPLEMENTATIONS.

13. Limitation of Liability

13.1 Exclusion of Damages

NEITHER PARTY SHALL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOSS OF PROFITS, REVENUE, DATA, OR BUSINESS OPPORTUNITIES, REGARDLESS OF WHETHER SUCH DAMAGES WERE FORESEEABLE OR WHETHER A PARTY WAS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

13.2 Liability Cap

EXCEPT FOR (A) CUSTOMER'S PAYMENT OBLIGATIONS, (B) EITHER PARTY'S INDEMNIFICATION OBLIGATIONS, OR (C) BREACHES OF SECTION 6 (USE RESTRICTIONS), EACH PARTY'S TOTAL AGGREGATE LIABILITY SHALL NOT EXCEED THE FEES PAID BY CUSTOMER DURING THE TWELVE (12) MONTHS PRECEDING THE CLAIM.

13.3 Essential Purpose

THE LIMITATIONS IN THIS SECTION APPLY EVEN IF ANY LIMITED REMEDY FAILS OF ITS ESSENTIAL PURPOSE.

14. Indemnification

14.1 Intruvent Indemnification

We will defend Customer against third-party claims that the Platform infringes a valid U.S. patent or copyright, and indemnify Customer for damages finally awarded. This obligation does not apply to claims arising from: (a) Customer's modification of the Platform; (b) combination with non-Intruvent products; (c) use in violation of this Agreement; or (d) continued use after we provide a non-infringing alternative.

14.2 Customer Indemnification

Customer will defend Intruvent against third-party claims arising from: (a) Customer Data; (b) Customer's violation of Section 6 (Use Restrictions); or (c) Customer's violation of applicable law.

14.3 Procedure

The indemnifying party's obligations are conditioned on: (a) prompt written notice of the claim; (b) sole control of the defense and settlement; and (c) reasonable cooperation from the indemnified party.

15. Term and Termination

15.1 Term

This Agreement is effective upon Customer's acceptance and continues until all subscriptions expire or are terminated.

15.2 Termination for Breach

Either party may terminate this Agreement if the other party materially breaches and fails to cure the breach within thirty (30) days of written notice. We may terminate immediately for violations of Section 6 (Use Restrictions).

15.3 Termination for Convenience

Customer may not terminate for convenience during a subscription term. If Customer wishes to terminate, the subscription will end at the conclusion of the current term without renewal.

15.4 Effect of Termination

Upon termination:

  • All rights granted to Customer terminate immediately
  • Customer must cease all use of the Platform and Threat Intelligence
  • Customer must return or destroy all Confidential Information
  • We may delete Customer Data after thirty (30) days
  • Fees paid are non-refundable, and fees owed become immediately due

15.5 Survival

Sections 1, 6, 7, 10, 11, 12, 13, 14, 15.4, 15.5, and 16 survive termination.

16. General Provisions

16.1 Governing Law

This Agreement is governed by the laws of the State of California, without regard to conflict of law principles. The parties consent to exclusive jurisdiction in the state and federal courts of Orange County, California.

16.2 Dispute Resolution

The parties will attempt to resolve disputes through good faith negotiations. If unsuccessful within thirty (30) days, disputes will be resolved by binding arbitration under JAMS Streamlined Arbitration Rules in Orange County, California. Either party may seek injunctive relief in court to protect intellectual property or confidential information.

16.3 Assignment

Customer may not assign this Agreement without our prior written consent. We may assign this Agreement in connection with a merger, acquisition, or sale of substantially all assets. Any purported assignment in violation of this section is void.

16.4 Notices

Notices must be in writing and sent to the addresses in the Order Form. Notices are effective upon receipt.

16.5 Entire Agreement

This Agreement, including all Order Forms, constitutes the entire agreement between the parties and supersedes all prior agreements. This Agreement may only be modified in writing signed by both parties.

16.6 Severability

If any provision is found unenforceable, the remaining provisions remain in effect, and the unenforceable provision will be modified to the minimum extent necessary to make it enforceable.

16.7 Waiver

Failure to enforce any right is not a waiver of that right. Waivers must be in writing to be effective.

16.8 Force Majeure

Neither party is liable for delays or failures caused by circumstances beyond reasonable control, including natural disasters, war, terrorism, strikes, or government actions.

16.9 Export Compliance

Customer agrees to comply with all applicable export control laws and regulations. Customer represents that it is not located in, or a national of, any country subject to U.S. trade sanctions.