Loading . . .

SOC Prime Threat Bounty Program Terms

Last Updated: June 10, 2024

Introduction

SOC Prime Threat BountyⓇ Program (“Program”) is an initiative by SOC Prime for crowdsourced detection engineering with monetary rewards. The Program unites enthusiastic and skilled individuals who develop content for threat detection and threat-hunting for a chance of exclusive publication on the SOC Prime Platform and to receive rating-based rewards based on the rule’s performance, incentivizing excellence in the development of behavior threat detection content and algorithms for proactive threat hunting.

Participation in the Program is subject to the terms and conditions set forth in these Terms and serves as a mutually beneficial collaboration between SOC Prime and the independent security researchers who participate in the Program, with the shared goal of enhancing the capabilities to withstand emerging threats at the global scale, fostering the professionalism of Program members, and creating a reliable and trusted environment for professional networking and collaboration.

“SOC Prime Platform” or “Platform” is a service for cross-platform threat detection content delivery, developed by security incident responders. SOC Prime Platform provides content and tools for searching, indexing, monitoring, analyzing, and visualizing information and data on cybersecurity threats to improve the efficiency of Security Information and Event Management (“SIEM”), Endpoint Detection and Response (“EDR”), Network Security Monitoring (“NSM”), Network Traffic Analysis (“NTA”) and Network Threat Detection & Response ("NTDR") solutions.

These Threat Bounty Program Terms (“Terms”), along with our Privacy Policy (“Privacy Policy”) and other guidelines or rules posted within our Platform, constitute the entire and only agreement between you (“you” or “your”) and SOC Prime, Inc. (“SOC Prime”, “we”, “us” or “our”), and supersedes all other agreements, representations, and warranties.

These Terms set forth the terms under which you may participate in the Threat Bounty Program after the successful submission of an application for participation in the Program and registration of your personal account with the Program. By submitting an application and upon acceptance by SOC Prime, you gain the opportunity to supply quality-tested Partner Content (as defined in Section 3 herein) through the Program to SOC Prime for use on the Platform. This content may be utilized by users and customers of the Platform (“User” or “Client”).

Please note that submitting an application for participation in the Program does not guarantee acceptance into the Program. SOC Prime reserves the right to evaluate and select applicants based on predefined criteria and suitability for the Program.

These Terms are not intended to and shall not be construed to create an employment relationship between you and SOC Prime or its representatives. The participants of the Program are not employees, contractors, or agents of SOC Prime but are independent third parties who want to participate in the Program and submit their content for monetization to the SOC Prime Platform.

Participation in the Program does not grant any privileges or access rights to SOC Prime resources, including, but not limited to the SOC Prime Platform. SOC Prime reserves the right to enforce any applicable terms of service on its owned resources, and participants of the Program are expected to adhere to them accordingly.

1. Eligibility

Only persons acting in their own individual capacity can participate in the Program. Companies and legal entities are not permitted to participate. If you would like to use corporate email, you must provide us with written permission from the organization you work for to participate in and waive any claim in relation to Partner Content created by you.
You ARE NOT eligible to participate in the Program if you meet any of the following criteria:

  • You are subject to Export Control and Sanctions Laws or other significant trade restrictions, meaning that you are not a resident of, or located in, any country that is subject to comprehensive U.S. sanctions, including but not limited to Russia, Venezuela, Sudan, Zimbabwe, Myanmar (Burma), Nicaragua, Cuba, Iran, North Korea, and Syria. You are under the age of 18 and have not obtained your parent's or legal guardian's permission before participating;
  • If you work for an organization that does not permit you to participate in this Program or similar programs, you are responsible for reviewing your employer's rules for participating in this Program.

If you have been within the past six months or are currently an employee/independent contractor of SOC Prime or an affiliate of SOC Prime, we may, at our sole discretion, bar you from participating in the Program.

You acknowledge that you do not use equipment, supplies, facility, or trade secret information of your employing company to create the Partner Content and that the Partner Content is developed entirely in your own time, and (1) it is not related (i) directly to the business of your employing company, or (ii) to your employing company’s actual or demonstrably anticipated research or development, and (2) the Partner Content is not the result of any work performed by you for your employing company.

If you are participating in violation of your employer’s policies, you may be disqualified from participating or receiving any Reward. SOC Prime does not knowingly allow participation in the Program in violation of these Terms.

2. Account

To supply Partner Content to SOC Prime as a member of the Program, you will have to join the Program by submitting an Application Form. Please ensure the accuracy of any additional information you provide in the application form. We require you to use your personal email when applying to participate in the Program and for any accounts or resources provided to you by SOC Prime as a part of your participation in the Program.

PARTICIPATION VERIFICATION PROCESS

After you join, request, or pass a registration with the Program in accordance with this Section, SOC Prime engineers will review your account data and validate its eligibility.

We will not approve your application to join the Program if we determine that you are not eligible to participate.SOC Prime reserves the right to withhold the approval of your application for participation in the Program if, in our sole discretion, we determine that your participation is not conducive to a mutually beneficial relationship between you and SOC Prime. The review time will vary depending on the number and complexity of registration requests.

Upon approval of your application, you will receive an email(s) from us providing comprehensive instructions for activation of your account. You must keep your account password secure and confidential. You are responsible for all Partner Content uploaded using your account name and password and for all activity through your account. You are solely responsible for all activities that occur in connection with your account and must not bring about harm to any of the other Users, third parties, or SOC Prime. You may not: (i) breach or circumvent any laws, third-party rights, or our policies or instructions regarding the use of the Program or other SOC Prime resources; (ii) allow for another person or party to access your account or transfer your account to someone else.

You agree to notify us immediately of any unauthorized access to or use of your username or password or any other security breach.

Your email is kept by us to identify your membership in the Program and your submitted Content. If you would like to change your email address, please contact us at support@socprime.com.

3. Partner Content

Subject to these Terms, you are permitted to submit Your Own Content for threat detection, threat hunting, and incident response (“Partner Content”, “Content”) through the Program to Platform, provided that this content does not violate these Terms and satisfies the content requirements established by SOC Prime, for a chance to earn rewards in an amount determined by SOC Prime ("Reward").

Partner Content includes, but is not limited to, Sigma Rules, a generic signature format for SIEM systems. The following types of Content are not accepted under the Program: YARA Rules, Snort Rules, Red Tests, Config, Data Enricher, and Playbook.

By “Your Own Content,” we mean content that is your original work, created by you, and which does not violate any intellectual property rights of any third party.

PARTNER CONTENT LICENSE

You hereby grant SOC Prime (to the extent permitted by applicable law) a non-exclusive, transferable, perpetual, irrevocable, sub-licensable, paid-up, worldwide right and license to use, copy, modify, adapt, reproduce, create derivative works based upon, distribute, perform, publicly display, transmit, and otherwise use your Partner Content, market, and commercialize the Partner Content for its business purposes in connection with the operation and promotion of the Platform and Partner Content offered by SOC Prime or otherwise available through the Platform or for any purpose and in any form of media now existing or hereafter available or developed (“Content License”).

SOC Prime agrees to use any personally identifiable information under SOC Prime’s Privacy Policy. However, our Privacy Policy applies to any personal data about you that may be contained in the Partner Content, as only you, and not SOC Prime, control how Partner Content is processed.

In addition, you hereby irrevocably represent and warrant to SOC Prime that (i) you have all necessary power, authority, right, title, and/or licenses to grant to SOC Prime the foregoing Content License.

Restrictions on Partner Content. You hereby agree not to submit any Partner Content that (i) is unlawful, violates any right of publicity, or invades the privacy of others, (ii) violates any intellectual property rights of any third party; (iii) constitutes obscene, or otherwise objectionable material, (iv) violates any applicable law or government regulation; (v) deploys to the Platform any robot, spider, scraper, website search/retrieval application, or other application designed to retrieve, index, "data mine," information from the Platform; (vi) contains: (1) any advertisement, promotional materials or solicitation related to any product or service that is competitive with SOC Prime products or services; (2) software or programs which contain any harmful code, including, but not limited to, viruses, worms, time bombs or Trojan horses; (3) Indicators of compromise (IoCs); (4) US social numbers; (5) Payment cards details; (6) IP-addresses; (7) Hashes; (8) Bitcoin wallets, etc.

This list of prohibitions provides examples and is not exhaustive. SOC Prime reserves the right to (i) terminate access to your account and your ability to use the Program, or submit your content to the Platform, and (ii) refuse, delete, or remove Partner Content with or without cause and with or without notice. This may occur if, at our sole discretion, we determine that your participation in the Program is no longer mutually beneficial, or for any action that SOC Prime deems inappropriate.

SOC Prime may modify or adapt your Partner Content for transmission, display, or distribution over computer networks and in various media and/or make changes to Partner Content as necessary to comply with and adapt it to any requirements or limitations of any devices, services, or media. SOC Prime may, at its sole discretion and unilaterally, make changes to Partner Content to improve its and publish Partner content indicating your and SOC Prime’s co-authorship. If you disagree with the indication of your authorship on a Partner Content modified by SOC Prime, you can request the removal of your Partner Content.

The Partner Content is sublicensable to Users under the terms of the Detection Rule License (may be updated from time to time), which can be found by following this link: https://github.com/SigmaHQ/sigma/blob/master/LICENSE.Detection.Rules.md, (hereinafter the “DLR license”). By uploading Partner Content, you agree that the Partner Content will be available to SOC Prime and its Users under the DLR license.

Your license grant(s) to us will survive for these Terms, and thereafter, to the extent a User has obtained a sublicense to your Partner Content, your license to us will be irrevocable with respect to each such sublicense and will survive for so long as that sublicense exists. If you ever decide that you do not want to allow your Partner Content to continue being licensed, please follow the instructions under the Termination Section below.

CONTENT REPRESENTATIONS

You represent that:

  • each of your Partner Content is your original work;
  • your Partner Content includes complete details of any third-party license or other restriction (including, but not limited to, related patents and trademarks) of which you are aware and which are associated with any part of your Partner Content;
  • you are legally entitled to grant the licenses as outlined in the Partner Content License Section 4;
  • if you are submitting as an individual, and if your employer(s) has intellectual property rights to the Partner Content created by you, you represent that you have received permission to make that Partner Content on behalf of that employer and that your employer has waived such rights for your Partner Content to SOC Prime, or that your employer has executed a separate agreement with SOC Prime granting such rights and/or waivers.

CONTENT REQUIREMENTS

Quality Standards: Your Partner Content must meet the quality standards and criteria established by SOC Prime. This means that your submitted Сontent shall adhere to the following:

  • Сontent should be original and not violate these Terms, the DRL License, or the Intellectual Property rights of any third party;
  • Content should be accurate, original, and creative works, not adaptations, or translations of the existing rules;
  • Content should not violate any provision of these Terms or any other applicable laws, regulations, or third-party rights;
  • Content should be behavioral threat detection code, meaning that it should identify and detect cyber threats by analyzing and correlating behavior patterns;
  • Content should have correct detection logic, proper syntax (relevant for the format depending on the content type), and the relevant description;
  • Content shall be tagged with relevant MITRE ATT&CK Techniques, Tools, and Actors where appropriate and have references to open-source information related to the detection, Log sources, Compliance tags, etc.

For detailed information on these requirements, please refer to the Help Center. Failure to comply with Partner Content requirements will render your content ineligible for publication on the SOC Prime Platform.

CONTENT VERIFICATION

All Partner Content shall undergo the Content Verification procedure before publication on the SOC Prime Platform. SOC Prime will test all the Content you upload, from spellcheck to IOC lookups and metadata tagging, including the automated check for Sigma rules prior to the personnel review.

All Partner Content is reviewed and determined for eligibility for publication one after another, starting from the Content that was received for review first. Each Partner Content that is received for review is reviewed based on the same standards and criteria, regardless of the Content Author(s), date of Content creation by the Author, and how many times the Partner Content has been edited or corrected. We will do our best to review the Partner Content as quickly as possible; however, we do not guarantee any specific review term.

For each Rule, the team of SOC Prime engineers determines whether the suggested Content is eligible for publication through the Program. We will notify you about the approval or rejection reason for your Partner Content publication. Where possible, you may edit the Rules in order to bring them into compliance with the acceptance criteria and submit them for SOC Prime review. SOC Prime retains sole discretion in determining which Partner Content is qualified.

SOC Prime does not provide private consultations within the Program and encourages Threat Bounty members to engage with the SOC Prime Community for technical discussions.

CONTENT DELETION

Deletion of the Content by SOC Prime. SOC Prime reserves the right to refuse to accept or delete any Partner Content that SOC Prime may determine, in its sole discretion: (i) violates or may infringe, misappropriate or violate these Terms, the intellectual property, proprietary, or other rights of third parties; (ii) does not comply with SOC Prime’s content quality standards; or (iii) is otherwise objectionable or unacceptable; (iv) is not popular among the Users (e.g., had 0 downloads and low views over the last 24 months after publishing); (v) is publicly available on resources which are not owned by SOC Prime; (vi) is the same (has the same name or the duplicate detection) or similar to existing Content; (vii) is translated from third party sources.

Deletion of the Content by you for convenience. If you wish to remove any or all of your Partner Content from the Platform, you can email us at support@socprime.com, and we, at our sole discretion, will either delete it entirely or retain the Partner Content on the Platform (if such removal of the Content might impact Users). Once removed at your request, the Content may not be re-published by you and will not be rewarded. If you elect to remove your Partner Content from the Platform, we will stop using it for our business purposes as promptly as possible.

4. Intellectual Property

You will remain the author of your Partner's Content. Except as provided in these Terms, we will use commercially reasonable efforts to keep your author name or pseudonym on the Partner Content you submit.
You retain all of your ownership rights in your Partner Content, but you are required to grant Content License rights and DRL License to SOC Prime and Users.
We require that all Partner Content you submit is your original work and that, before submitting the Partner Content to us, you secure all the necessary rights, licenses, permissions, waivers, and releases needed to create such Partner Content and to grant the rights and licenses under these Terms.

You agree that you will not: (a) submit Content that is copyrighted, subject to third-party proprietary rights, including privacy and publicity rights, unless you are the owner of such rights or have permission from the legal owner to post the Content and to grant to SOC Prime all of the license rights granted herein; (b) publish misrepresentations that could damage SOC Prime or any third party; (c) upload the Content that is translated, converted, or adapted in any way from the third-party sources or violates any third party's rights.

You acknowledge that SOC Prime has the right, at its sole discretion, to remove Content without prior notice if we become aware that the published Content infringes the intellectual rights of third parties. SOC Prime also reserves the right to terminate a user's access to the Program if it is found that you have repeatedly violated copyright.

5. Rewards

You can be eligible for a Reward when your Partner Content is used by the Platform Client. It will be determined based on the rating system that determines the position of the Partner Content based on multiple factors, including but not limited to the amount of all your published Partner Content, Content type, and parameters, the number of unique views, and individual downloads, unique deploys by Clients, etc.

  • The following data is taken into account for rating calculation: (i) actions of Platform clients registered with corporate email.
  • The following data is not taken into account for rating calculation: (i) actions of test companies Users (i.e., SOC Prime users and users of service companies created in the admin panel), (iii) all Your actions as the Partner Content creator (iv) actions of other Users who are participants of the Program.

Please refer to the dashboards on your Account to see the number of unique Platform Clients' interactions with your content. The Content rating is calculated for a calendar month for all your Partner Content available to the Platform Users.

Only the Partner Content that has been delivered through the Threat Bounty Program has passed our review and is published on the Platform (i.e., available for our Users) will be taken into account for rating calculation purposes and will be eligible for Rewards. The Partner Content that is not displayed on the Platform (i.e., not available for Users of the Platform because of deprecation, your request to remove the Partner Content or due to failure to pass our review or other reasons) will not be taken into account for rating calculation purposes and shall not be eligible for Rewards.

Until released with updates, your Content will no longer be available for Users of the Platform; that is why no rating will be calculated for it.

If you do not publish (i.e., your Content does not become available for the Users) any Partner Content for more than three consecutive months, you shall not be eligible for a Reward for the previously posted Partner Content. SOC Prime will not pay Rewards for Partner Content starting from the 90th calendar day following the day your last Partner Content was published. You can resume posting Partner Content at any time and continue to be paid for it and your previously published Partner Content.

Rewards’ payment schedule will be negotiated individually as payment terms vary per Program member, usually calculated between 30 days (often) to 120 days (very rare). Payments will accrue and be paid in United States Dollars and will be paid to PayPal or a bank account. Program members to receive payments are required to complete tax documents, including an IRS W-9 or W-8BEN, to receive Program rewards. We send you a request to provide the needed documents through the DocuSign service.

You will bear all transaction fees imposed by third parties on Rewards’ payments, and you understand and agree that we may deduct all such expenses from payments. If the payment option selected by you cannot be processed, is reversed, or otherwise cannot be completed, or if you do not provide us with the requested tax information within 120 days from when you were notified by email, you will forfeit the reward and relinquish any claim or right to such amounts (on behalf of yourself and any of your creditors or successors in interest thereto) and agree that we may retain, use or otherwise dispose of such funds in any manner as we see fit.

If you are unable or unwilling to accept your Reward, we reserve the right to rescind it. If you get a Reward, you will be solely responsible for paying all applicable taxes, levies, tariffs, and other government-imposed amounts for any payments you receive under these Terms and, in general, must comply with any legal and tax-related obligations and formalities applicable to your situation, status, and income.

You will accurately and timely report and pay all such amounts to the applicable authority. Further, if and to the extent we request that you provide us with tax information and forms, you agree to do so promptly. You hereby represent and warrant that all such information will be accurate, correct, and current. If any of such information that you provide us changes, you agree to promptly submit updated information to us.

6. Confidential Information

You may receive information from us that is marked as “confidential” or “proprietary” (or similar marking) or that you reasonably should understand to be confidential based on the nature of the information and the circumstances of disclosure. To the extent you receive any such information, you agree not to use it or disclose it to any other person except as authorized under these Terms.

7. Warranties

You hereby warrant as follows: (i) you have the capacity and authority and right to enter into these Terms and to grant the rights and licenses granted hereunder and perform the obligations hereunder; (ii) your entering into these Terms, granting the rights granted and performing the obligations hereunder does not conflict with the terms of any agreement to which you are a party, violate the rights of any third party, violate any law, rule, regulation or order; (iii) all of your Partner Content is an original creation or work of authorship by you, you are the sole and exclusive owner of the Partner Content, and you have not granted any rights or licenses that would conflict with these Terms; (iv) no Partner Content infringes, misappropriates or violates any copyright, trademark, right of privacy, right of attribution or publicity, moral right or other intellectual property or right of any third party, defames, libels or casts into disrepute in any manner any third party, or is obscene or otherwise inappropriate; and (v) no portion of the Partner Content as delivered to SOC Prime from time to time, contains any virus, Trojan horse, disabling mechanism or other malware or malicious code.

8. Indemnity

YOU UNDERSTAND AND ACKNOWLEDGE THAT YOU ARE RESPONSIBLE FOR ANY CONTRIBUTIONS AND MODIFICATIONS OF CONTENT, AND YOU SHALL BE FULLY LIABLE TO ANY THIRD PARTY FOR ANY CLAIMS WHEN PARTNER CONTENT INFRINGES OR VIOLATES ANY THIRD PARTY’S INTELLECTUAL PROPERTY RIGHTS AND WILL INDEMNIFY SOC PRIME ALL HARMLESS UNDER THIS SECTION.

You agree to indemnify, defend and hold SOC Prime and its affiliates and their respective directors, officers, employees, shareholders, agents, and licensees of Partner Content (collectively, the “SOC Prime Indemnitees”) harmless from and against any claims, actions, suits, proceedings, liability, damages, losses, fines, penalties, costs and expenses (including, but not limited to reasonable attorneys’ fees and court costs) incurred by any SOC Prime Indemnitee as a result of or in connection with (i) any use of the Program under your name by any person, whether or not authorized by you; (ii) any breach by you of these Terms; (iii) any claim that Partner Content infringes, misappropriates or otherwise violates any law or any patent, trademark, copyright, trade secret, right of privacy, attribution or publicity, moral rights or any other intellectual property or other rights of any third party.

SOC Prime reserves the right, at your expense, to assume the exclusive defense and control of any matter otherwise subject to your indemnification. In such a case, you agree to cooperate with SOC Prime's defense of such a claim.

9. Claims of Copyright Infringement

SOC Prime respects the intellectual property rights of others and asks that the people who use the Platform and Program do the same. The Digital Millennium Copyright Act of 1998 (the “DMCA”) provides recourse for copyright owners who believe that material appearing on the Internet infringes their rights under U.S. copyright law. If you believe in good faith that materials on the Platform infringe your copyright, you (or your agent) may send SOC Prime a notice requesting that we remove the material or block access to it. If you believe in good faith that someone has wrongly filed a notice of copyright infringement against you, the DMCA permits you to send SOC Prime a counter-notice. Notices and counter-notices must meet the then-current statutory requirements imposed by the DMCA. See the DMCA Designated Agent Directory for details. Notices and counter-notices should be sent to
Copyright Agent
SOC Prime, Inc.
399 Boylston Street, 6th Floor
Boston, MA 02116
Email: dmca@socprime.com

10. Termination

These Terms are effective until terminated. You may terminate these Terms at any time by giving 30 days written notice to SOC Prime at threatbounty@socprime.com. On becoming aware of any potential violation of these Terms, including your breach of intellectual property rights in Content published under your authorship, SOC Prime may terminate your account at any time at its sole discretion with or without notice. SOC Prime may terminate these Terms for any reason immediately upon notification by your account email.

If you violate these Terms, you may be prohibited from participating in the Program in the future, and any Partner Content you have provided may be deemed to be ineligible for Rewards.

Notwithstanding any other provision in these Terms, the termination or expiration of these Terms shall not alter or affect the rights granted to licensees or sub-licensees by SOC Prime pursuant to these Terms.

The following provisions will survive the expiration or termination of these Terms: Sections 7, 9, 10, 11, and 14 – 17, as well as such terms and conditions that by their nature would survive.

11. DISCLAIMER OF WARRANTIES

SOC PRIME, AND OUR AFFILIATES, RESELLERS, DISTRIBUTORS, AND VENDORS, MAKE NO WARRANTIES, EXPRESS OR IMPLIED, GUARANTEES OR CONDITIONS FOR THE PROGRAM. YOU UNDERSTAND THAT YOUR PARTICIPATION IN THE PROGRAM IS AT YOUR OWN RISK. TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAW, WE EXCLUDE ANY IMPLIED WARRANTIES IN CONNECTION WITH THE PROGRAM. YOU MAY HAVE CERTAIN RIGHTS UNDER YOUR LOCAL LAW. NOTHING IN THESE TERMS IS INTENDED TO AFFECT THOSE RIGHTS IF THEY ARE APPLICABLE.

THE PROGRAM IS PROVIDED BY SOC PRIME “AS IS,” WITHOUT WARRANTY OF ANY KIND. WITHOUT LIMITING THE FOREGOING, SOC PRIME EXPLICITLY DISCLAIMS ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT, AND ANY WARRANTIES ARISING OUT OF THE COURSE OF DEALING OR USAGE. SOC PRIME MAKES NO WARRANTY THAT THE PROGRAM WILL MEET YOUR SPECIFIC REQUIREMENTS OR BE AVAILABLE ON AN UNINTERRUPTED, SECURE, OR ERROR-FREE BASIS.

12. LIMITATION OF LIABILITY

SOC PRIME DISCLAIMS ANY LIABILITY OR RESPONSIBILITY FOR PROGRAM-RELATED DISPUTES ARISING BETWEEN YOUR EMPLOYEE AND YOU. SOC PRIME'S ENTIRE LIABILITY TO YOU ARISING OUT OF OR RELATED TO THESE TERMS OR YOUR PARTICIPATION IN THE PROGRAM SHALL NOT EXCEED FIVE HUNDRED (500) U.S. DOLLARS. YOU CAN'T RECOVER ANY OTHER DAMAGES OR LOSSES, INCLUDING DIRECT, CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT, INCIDENTAL, OR PUNITIVE.

SOC PRIME DOES NOT TAKE RESPONSIBILITY OR LIABILITY FOR THE BREACH BY USERS WHO DOWNLOAD OR USE YOUR PARTNER CONTENT. WE ARE NOT RESPONSIBLE FOR ENSURING THAT USERS COMPLY WITH THE TERMS OF SERVICES GOVERNING THE USE OF YOUR PARTNER CONTENT ON THE SOC PRIME PLATFORM.

YOU CAN'T RECOVER ANY OTHER DAMAGES OR LOSSES, INCLUDING DIRECT, CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT, INCIDENTAL, OR PUNITIVE. TO THE MAXIMUM EXTENT PERMITTED BY LAW.

13. Applicable Law

These Terms shall be treated as though they were executed and performed in Delaware, USA, and shall be governed by and construed by the laws of Delaware, USA, without regard to conflict of law principles. In addition, you agree to submit to the personal jurisdiction and venue of the state and federal courts located in Delaware. Any cause of action by you concerning our Program must be instituted within one (1) year after the cause of action arose or be forever waived and barred. Should any part of these Terms be held invalid or unenforceable, that portion shall be construed consistent with applicable law, and the remaining portions shall remain in full force and effect. The rights of SOC Prime under these Terms shall survive the termination of your account or these Terms.

14. Changes to These Terms

SOC Prime reserves the right to change these Terms in its sole discretion and at any time with or without specific notice to you. The latest copies of these Terms will be posted on our Program website. Such modifications shall take effect and be binding on you on the date set forth on the first page of these Terms. We will take reasonable steps to notify you of any changes or modifications, but it is your responsibility to check the Terms periodically for changes. Notwithstanding anything to the contrary, your continued use of the Program after the effective date of any modifications will be deemed your conclusive acceptance of all such changes.

We may, from time to time, change the reward rates that we offer, the timing for payment of accrued rewards, the threshold at which we make payment, and how we will make payment. We will inform you of such changes by sending you an email notification at the email address on file with us with your account. If you do not agree to such changed terms, you must notify us upon your receipt of the first payment reflecting such changed terms. Your acceptance of payment reflecting the changed terms will signify your agreement to such terms.

MISCELLANEOUS

Nothing in these Terms will be construed to constitute either party as the agent, employee, or representative of the other party. No joint venture or partnership will be created hereby. Neither party will make or have the power or authority to act for, bind, or otherwise create or assume any obligation on behalf of the other party for any purpose whatsoever.

SOC Prime’s failure to insist upon or enforce strict performance of any provision of these Terms shall not be construed as a waiver of any provision or right.

You agree that SOC Prime shall not be liable to you or any third party for any modification, suspension, or discontinuance of the Program.

We may provide you with notices, including regarding changes to these Terms, by email, regular mail, or through communications through the Program. It is your responsibility to keep your email address current and to set your spam filters to accept emails from us. Any notice that we send to the email address on file in your account will be deemed to have been effectively provided even if the email address on file with your account is out-of-date, invalid, or you otherwise do not receive or see our email to you.

These Terms are personal to you and binding upon your heirs, executors, and legal representatives, as the case may be. You may not assign these Terms without SOC Prime's prior written consent, and SOC Prime may assign these Terms to any other party without your permission.

If all or part of any provision of these Terms is wholly or partially unenforceable, the remaining provisions hereof shall not be affected, and these Terms shall continue in full force and effect as if the unenforceable provision had never constituted a part hereof, and the parties or, in the event the parties are unable to agree, a court of competent jurisdiction, shall put in place of such whole or part-provision an enforceable provision or provisions, that as nearly as possible reflects the terms of the unenforceable whole or part-provision.

If you have concerns relating to these Terms, please contact SOC Prime by email at legal@socprime.com.

15. Feedback and Information

SOC Prime welcomes suggestions, comments, or other feedback about the Platform, Program, Content (e.g., regarding their utility and feasibility), and Your experience with Program, as well as any bug fixes, features, functionality, or enhancements you would like to see in future versions ("Feedback"). You agree that all Feedback is and will be given entirely voluntarily and be non-confidential for SOC Prime. SOC Prime shall be free to use such information on an unrestricted basis. You assign all rights, titles, and interests in any Feedback You provide SOC Prime. Other than your Partner Content, SOC Prime does not consider or accept unsolicited proposals or ideas, including, without limitation, ideas for new products, technologies, promotions, or Program improvements ("Unsolicited Feedback"). If you send any Unsolicited Feedback to SOC Prime through the Program or otherwise, SOC Prime makes no assurances that your ideas will be treated as confidential or proprietary.

16. Copyrights and Trademarks

Unless otherwise authorized by SOC Prime in writing, all materials including but not limited to logos, trademarks, images, designs, photographs, videos, and written and other materials that appear as part of any of our websites: https://socprime.com/, https://tdm.socprime.com, https://my.socprime.com, https://developer.socprime.com, official Facebook, Twitter and LinkedIn pages and others web pages owned by SOC Prime (collectively - “Website”) are copyrights, trademarks, service marks, trade dress and/or other intellectual property whether registered or unregistered (“Intellectual Property”) owned, controlled or licensed by SOC Prime. Nothing on our Website should be construed as granting, by implication, estoppel, or otherwise, any license or right to use any Intellectual Property displayed or used on our Website without the prior written permission of the Intellectual Property owner.

Sharing on Social Platforms. SOC Prime supports sharing and reposting public SOC Prime’s news and posts on social media platforms such as Facebook, Twitter, and LinkedIn ("Social Platforms"). You understand and agree that you may share on Social Platforms and include a link to the Website in your post.

Unless otherwise stated herein, the names, trademarks, and logos of SOC Prime may not be used in any way, including in advertising or publications of any Website’s materials anywhere, including Social Platforms, without prior written permission from SOC Prime. SOC Prime prohibits the use of any SOC Prime logo or any of the published materials on the Website unless such publication is approved by these Terms or in advance and written by SOC Prime.

Other trademarks and logos mentioned on our Website may be the intellectual property of their respective owners.

17. Export Control and Sanctions Laws

You shall comply with all applicable federal, state, local, and foreign laws, rules, and regulations while creating Content. You are solely responsible for ensuring your participation in the Program is compliant with all laws, rules, and regulations applicable to you, and the right to participate in the Program is revoked when it is prohibited by any applicable law, rule, or regulation.

You acknowledge that the Platform may be subject to the Export Administration Regulations, 15 C.F.R. Parts 730-774, of the United States and may be subject to other applicable country export control and trade sanctions laws (“Export Control and Sanctions Laws”). You may not participate in the Program directly or indirectly, in violation of Export Control and Sanctions Laws.

18. Handling of Personal Information

SOC Prime respects your privacy. SOC Prime will use the personal information provided by Program members for identification, contacting, report reviewing, payments, prevention of unauthorized use, smooth operation of the Program, and any other necessary clerical processes. The handling of other privacy matters shall be under the Privacy Policy. SOC Prime takes the utmost care to safely manage the information collected from Program members.

19. Slack App Bot

We created a Slack app called Sigma Rules Bot for Threat Bounty (the “Application”) to create and manage your Content using the Program. With the Application, you can:

  • Develop Sigma rules directly through Slack;
  • Run automated tests to check the created Sigma rules for common errors;
  • Submit Sigma rules to review by SOC Prime experts directly through Slack;
  • Communicate with SOC Prime representatives during Sigma rules verification;
  • Search for your previously published Sigma rules and suggest appropriate updates on the fly.

The Application is available through your account or via a link. To install the Application, click the "Add to Slack" button, launch the bot, and authenticate.
To authenticate, you need to enter the email address linked to your Program account and the authentication token.
To request the authentication token, follow the instructions provided in the App or contact us at threatbounty@socprime.com. The bot can authenticate one user only in one Slack space.

Сontent created with Application subject to all the same rules and restrictions as other Threat Bounty Content.