Loading . . .

SOC Prime Threat Bounty Program Terms

Last Updated: August 30, 2022

Introduction

Please read these Terms carefully as they govern participation in the Threat Bounty Program created by SOC Prime to help threat hunters submit their Partner Сontent (as defined below) and be rewarded if eligible.

SOC Prime Platform - https://tdm.socprime.com/ (“Platform”) is a SOC Prime-owned service for cross-platform threat detection content delivery developed by security incident responders. The Platform provides content for searching, indexing, monitoring, analyzing, and visualizing information and data on cybersecurity threats to improve the efficiency of Security Information and Event Management (“SIEM”), Endpoint Detection and Response (“EDR”), Network Security Monitoring (“NSM”), Network Traffic Analysis (“NTA”) and Network Threat Detection & Response ("NTDR") solutions.

This Threat Bounty Program Terms (“Terms”), along with our Privacy Policy (“Privacy Policy”) and other guidelines or rules posted within our Platform, constitutes the entire and only agreement between you (“you,” “your” “Developer”) and SOC Prime, Inc. (“SOC Prime,” “we,” “us” or “our”), and supersedes all other agreements, representations, and warranties.

These Terms set forth the terms under which you may participate in the SOC Prime Threat BountyⓇ Program (“Program”) after registration of your personal account with the Program and supply quality tested Partner Content through the Program to SOC Prime for use on the Platform, including, without limitation, use by users and customers of the Platform (“User” or “Client”).

These Terms are not intended to and shall not be construed to create an employment relationship between you and SOC Prime or its representatives. The participants of the SOC Prime Threat Bounty Program are not employees, contractors, or agents of SOC Prime but are independent third parties who want to participate in Program and submit their content for monetization to the SOC Prime Platform.

1. Eligibility

Only persons acting in their own individual capacity can participate in the Program. Companies and legal entities are not permitted to participate. If you would like to use corporate email, you must provide us with written permission from the organization you work for to participate in and waive any claim in relation to Partner Content created by you. You ARE NOT eligible to participate in the Program if you meet any of the following criteria:

  • You are subject to Export Control and Sanctions Laws or other significant trade restrictions (meaning that you are a resident of without limitation Russia, the Crimea, Donetsk, and Luhansk regions of Ukraine, Cuba, Iran, North Korea, and Syria or any other country under U.S. sanctions);
  • You are under the age of 18 and have not obtained your parent's or legal guardian's permission before participating;
  • You work for an organization that does not permit you to participate in this Program or such types of programs. You are responsible for reviewing your employer's rules for participating in this Program.

If you have been within the past six months or are currently an employee/independent contractor of SOC Prime or an affiliate of SOC Prime, we may, in our sole discretion, bar you from participating in the Program.

You acknowledge that you do not use equipment, supplies, facility, or trade secret information of your employing company to create the Partner Content and that the Partner Content is developed entirely in your own time, and (1) it is not related (i) directly to the business of your employing company, or (ii) to your employing company’s actual or demonstrably anticipated research or development, and (2) the Partner Content is not the result of any work performed by you for your employing company.

If you are participating in violation of your employer’s policies, you may be disqualified from participating or receiving any Reward. SOC Prime does not knowingly allow participation in the Program in violation of these Terms.

2. Account

To supply Partner Content to SOC Prime, you will have to join the Program by submitting a join request or following a referral link and creating an account with SOC Prime Threat Bounty Program.

We require that you use your personal email at registration.

PARTICIPATION VERIFICATION PROCESS

After you join, request, or pass a registration with the Program in accordance with this Section, SOC Prime engineers will review your account data and validate its eligibility. SOC Prime retains sole discretion in determining whether you are qualified based on the additional verification requests. Please be accurate while submitting any additional information. The review time will vary depending on the number and complexity of our registration requests.

You must keep your account password secure and confidential. You are responsible for all Partner Content uploaded using your account name and password and for all activity through your account. You are solely responsible for all activities that occur in connection with your account and must not bring about harm to any of the other Users, third parties, or SOC Prime. You may not: (i) breach or circumvent any laws, third-party rights, or our policies or instructions regarding the use of the Program; (ii) allow for another person or party to access your account or transfer your account to someone else.

You agree to notify us immediately of any unauthorized access to or use of your username or password or any other security breach.

Your email is kept by us to identify your submitted Content If you would like to change your email address, please contact us at threatbounty@socprime.com.

3. Partner Content

Subject to these Terms, you may, from time to time, upload or otherwise provide Your Own Content for threat detection, threat hunting, and incident response (“Partner Content”, “Content”) through the Program to Platform by following the requirements located at https://developer.socprime.com/guide/, for a chance to earn rewards in an amount determined by SOC Prime ("Reward").

Under the Partner Content, we mean: (i) In SIEM terms: Sigma Rules, correlation rules, queries, dashboards, parsers; (ii) In EDR & Endpoint Protection: Yara rules, Network-Based detection — Snort rules; (iii) Attack simulation content for open-source instruments, - ((i), (ii), (iii) collectively - “Rules”).

Examples:

  • Sigma rules
    (Sigma is a generic rule format for SIEM systems. Just like Yara for binaries and Snort for the network. In 2018 Sigma was acknowledged by MISP to be a de-facto standard for SIEM queries. In 2019 SANS recommended Sigma for threat hunting with MITRE ATT&CK®)
  • Yara rules
  • Snort rules
  • Red tests (such as Atomic Red Team)
  • SIEM rule packages (.arb, .gzip, etc.)
  • Parsers (logstash configs, Flex connectors, technology add-ons, functions, DSM’s, etc.)
  • Data enrichers and response actions (e.g., python, bash, PowerShell scripts)
  • Incident Response playbooks

SOC Prime secure Partner Content with AES-256 block-level encryption, AWS hosting, replication & backup testing, full-stack hardening, firm password policy with ReCaptcha, continuous vulnerability testing, in-house red team testing, monitored by our own SOC. Suggestions are welcome.

By “Your Own Content,” we mean content that is your original work, created by you, and which does not violate any intellectual property rights of any third party.
Partner Content Representations. You represent that:

  • each of your Partner Content is your original work;
  • your Partner Content includes complete details of any third-party license or other restriction (including, but not limited to, related patents and trademarks) of which you are aware and which are associated with any part of your Partner Content.
  • you are legally entitled to grant the licenses as outlined in the Partner Content License Section 6;
  • if you are submitting as an individual, and if your employer(s) has intellectual property rights to the Partner Content created by you, you represent that you have received permission to make that Partner Content on behalf of that employer and that your employer has waived such rights for your Partner Content to SOC Prime, or that your employer has executed a separate agreement with SOC Prime granting such rights and/or waivers;

4. Partner Content Requirements

The provided Partner Content shall be:

  • Your original work that doesn't violate these Terms, DRL License, or Intellectual Property rights of any third party;
  • Unique, which means that it was not previously published on any open-source repositories (e.g., GitHub) or other resources, including SOC Prime Platform;
  • Fully operative content, which means correct detection logic, proper syntax (relevant for the format depending on the content type), and the relevant description. You may substantiate Content operability by providing screenshots with confirmation data evidence or other reliable information;
  • Tagged with relevant MITRE ATT&CK Techniques, Tools, and Actors where appropriate and have references to open-source information related to the detection and Log sources, Compliance tags, etc.

All Partner Content shall undergo the Content Verification procedure before publication on the SOC Prime Platform. SOC Prime will test all the Content you upload from spellcheck to IOC lookups and metadata tagging, including the automated check for Sigma rules prior to the personnel review. We will do our best to review the Partner Content as quickly as possible; however, we do not guarantee any specific review term.

Partner Content marked as "Verified" on the SOC Prime Platform means that it has passed the verification by a dedicated SOC Prime content team. SOC Prime retains sole discretion in determining which Partner Content is qualified.

5. Partner Content Deletion

Deletion of the Content by SOC Prime. SOC Prime reserves the right to refuse to accept or delete any Partner Content that SOC Prime may determine, in its sole discretion: (i) violates or may infringe, misappropriate or violate these Terms, the intellectual property, proprietary, or other rights of third parties; (ii) is the same (has the same name or the duplicate detection) or similar to existing Content; (iii) is translated from third party sources (e.g., converting a Sentinel rule to SIGMA); or (iv) is otherwise objectionable or unacceptable; (v) is publicly available on resources which are not owned by SOC Prime

If we discover the existence of the same Content published by you or with your authorship, or if we receive a claim that the Partner Content infringes the intellectual property rights of any third party, we may immediately remove the Content from our Platform with or without notice and withhold rewards for such Content.

Deletion of the Content by you for convenience. You may delete the submitted Content at your convenience, for any or no reason, upon prior written notice to SOC Prime at threatbounty@socprime.com. In this case, (i) your Content will no longer be available for Users of the Platform, and no rating will be calculated; and (ii) YOU WILL NOT BE ABLE TO PUBLISH THE DELETED CONTENT AGAIN.

If you elect to remove your Partner Content from the Platform, then we will stop using that Partner Content for our business purposes as promptly as is practical.

We intend to operate transparently and will generally attempt to notify you if we do not accept or delete your Partner Content. However, it is ultimately your responsibility to contact us if your Content is not accepted or is deleted and you do not receive a notification from us regarding such action. In all cases where you feel that Partner Content that you submitted has been misjudged or mishandled by SOC Prime (including our refusal to accept or deletion of your Partner Content, misclassification of your Partner Content, or any omitted or misattribution regarding the origin of your Partner Content), we encourage you to contact us at threatbounty@socprime.com.

6. Partner Content License

You hereby grant SOC Prime (to the extent permitted by applicable law) a non-exclusive, transferable, perpetual, irrevocable, sub-licensable, paid-up, worldwide right and license to use, copy, modify, adapt, reproduce, create derivative works based upon, distribute, perform, publicly display, transmit, and otherwise use your Partner Content, market, and commercialize the Partner Content for its business purposes in connection with the operation and promotion of the Platform and Partner Content offered by SOC Prime or otherwise available through the Platform or for any purpose and in any form of media now existing or hereafter available or developed (“Content License”).

SOC Prime agrees to use any personally identifiable information under SOC Prime Privacy Policy. However, our Privacy Policy applies to any personal data about you that may be contained in the Partner Content, as only you, and not SOC Prime, control how Partner Content is processed.

In addition, you hereby irrevocably represent and warrant to SOC Prime that (i) you have all necessary power, authority, right, title, and/or licenses to grant to SOC Prime the foregoing Content License.

Restrictions on Partner Content. You hereby agree not to submit any Partner Content that (i) is unlawful, violates any right of publicity, or invades the privacy of others, (ii) violates any intellectual property rights of any third party; (iii) constitutes obscene, or otherwise objectionable material, (iv) violates any applicable law or government regulation; (v) deploys to the Platform any robot, spider, scraper, website search/retrieval application, or other application designed to retrieve, index, "data mine," information from the Platform; (vi) contains: (1) any advertisement, promotional materials or solicitation related to any product or service that is competitive with SOC Prime products or services; (2) software or programs which contain any harmful code, including, but not limited to, viruses, worms, time bombs or Trojan horses; (3) Indicators of compromise (IoCs); (4) US social numbers; (5) Payment cards details; (6) IP-addresses; (7) Hashes; (8) Bitcoin wallets, etc.

This list of prohibitions provides examples and is not complete or exclusive. SOC Prime reserves the right to (i) terminate access to your account and your ability to use the Program or post to the Platform and (ii) refuse, delete or remove Partner Content with or without cause and with or without notice, for any reason or no reason, or for any action that SOC Prime determines to be inappropriate.

SOC Prime may modify or adapt your Partner Content for transmission, display, or distribution over computer networks and in various media and/or make changes to Partner Content as necessary to comply with and adapt it to any requirements or limitations of any devices, services, or media.

The Partner Content is sublicensable to Users under the terms of the Detection Rule License 1.1., which can be found by following this link:

https://github.com/SigmaHQ/sigma/blob/master/LICENSE.Detection.Rules.md, (hereinafter the “DLR license”). If you want your specific license terms to be used, please contact SOC Prime at threatbounty@socprime.com. By uploading a Partner Content without prior written consent from SOC Prime to use your license terms, you agree that the Partner Content will be available to SOC Prime and its Users under the DLR license.

Your license grant(s) to us will survive for these Terms, and thereafter, to the extent a User has obtained a sublicense to your Partner Content, your license to us will be irrevocable with respect to each such sublicense and will survive for so long as that sublicense exists. If you ever decide that you do not want to allow your Partner Content to continue being licensed, please follow the instructions under the Termination Section below.

SOC Prime may, at its sole discretion and unilaterally, make changes to Partner Content to improve it. SOC Prime reserves the right to make the necessary changes independently at its discretion and publish Partner content indicating your and SOC Prime’s co-authorship. If you disagree with the indication of your authorship on a Partner Content modified by SOC Prime, you can request the removal of your Partner Content.

7. Intellectual Property

You will remain the author of your Partner's Content. Except as provided in these Terms, we will use commercially reasonable efforts to keep your author name or pseudonym on the Partner Content you submit. You retain all of your ownership rights in your Partner Content, but you are required to grant Content License rights and DRL License to SOC Prime and Users. We require that all Partner Content you submit be your original work and that, before submitting the Partner Content to us, you secure all the necessary rights, licenses, permissions, waivers, and releases needed to create such Partner Content and to grant the rights and licenses under these Terms.

You agree that you will not: (a) submit Content that is copyrighted, subject to third-party proprietary rights, including privacy and publicity rights, unless you are the owner of such rights or have permission from the legal owner to post the Content and to grant to SOC Prime all of the license rights granted herein; (b) publish misrepresentations that could damage SOC Prime or any third party; (c) upload the Content that is translated, converted, or adapted in any way from the third-party sources or violates any third party's rights.

If you have translated Content from any third-party sources, you should: (i) if the Rule is under any license (including proprietary), indicate the source of the Rule and add a link or text to the original license terms or as required by those license terms; (ii) in case the Rule is not licensed: upload it to the community under a DLR license with original authorship attribution and add the following description: "The Rule was translated from the open-source repository" OR "The Rule was translated with the permission of the author.".

You acknowledge that SOC Prime has the right, at its sole discretion, to remove Content without prior notice if we become aware that the published Content infringes the intellectual rights of third parties. SOC Prime also reserves the right to terminate a user's access to the Program if it is found that you have repeatedly violated copyright.

8. Rewards

You can be eligible for a Reward when your Partner Content is used by Platform Client. It will be determined based on the rating system that determines the position of the Partner Content based on multiple factors, including but not limited to: the amount of all your published Partner Content, Content type and parameters, the number of unique views, and individual downloads, unique deploys by Clients, etc.

  • The following data is taken into account for rating calculation: (i) actions of Platform clients registered with corporate email.
  • The following data is not taken into account for rating calculation: (i) actions of test companies Users (i.e., SOC Prime users and users of service companies created in the admin panel), (iii) all Your actions as the Partner Content creator (iv) actions of other Users who are participants of the Program.

Please refer to the dashboards on your Developer Account to see the number of unique Platform Clients' interactions with your content. The Content rating is calculated for a calendar month for all your Partner Content available to the Platform Users.

Only the Partner Content that has been delivered through the Threat bounty Program has passed our review and is published on the Platform (i.e., available for our Users) will be taken into account for rating calculation purposes and will be eligible for Rewards. The Partner Content which is not displayed on the Platform (i.e., not available for Users of the Platform because of deprecation, your request to remove the Partner Content or due to failure to pass our review, other reasons) will not be taken into account for rating calculation purposes and shall not be eligible for Rewards.

Until released with updates, your Content will no longer be available for Users of the Platform; that is why no rating will be calculated for it.

If you do not publish (i.e., your Content does not become available for the Users) any Partner Content for more than three consecutive months, you shall not be eligible for a Reward for the previously posted Partner Content. SOC Prime will not pay Reward for Partner Content starting from the 90th calendar day following the day your last Partner Content was published. You can resume posting Partner Content at any time and continue to be paid for it and your previously published Partner Content.

Rewards’ payment schedule will be negotiated individually as payment terms vary per Developer, usually calculated between 30 days (often) to 120 days (very rare). Payments will accrue and be paid in United States Dollars and will be paid to PayPal or a bank account. Developers are required to complete tax documents, including an IRS W-9 or W-8BEN, to receive Program rewards.

We may send you a request to provide a document required for payment through the PandaDoc service. To upload a paper in the file collection field, you must click on this field. Then, in the file upload window, you must click "Choose File" to upload the file from your computer. Google Drive, Dropbox, Box, and OneDrive can also upload a file. Please note that all recipients of your document can access the files you upload. For security purposes, the completed PDF file will not include items uploaded into the collect files field.

You will bear all transaction fees imposed by third parties on Rewards’ payments, and you understand and agree that we may deduct all such expenses from payments. If the payment option selected by you cannot be processed, is reversed, or otherwise cannot be completed, or if you do not provide us with requested tax information within 120 days from when you were notified by email, you will forfeit the reward and relinquish any claim or right to such amounts (on behalf of yourself and any of your creditors or successors in interest thereto) and agree that we may retain, use or otherwise dispose of such funds in any manner as we see fit.

If you are unable or unwilling to accept your Reward, we reserve the right to rescind it. If you get a Reward, you will be solely responsible for paying all applicable taxes, levies, tariffs, and other government-imposed amounts for any payments you receive under these Terms and, in general, must comply with any legal and tax-related obligations and formalities applicable to your situation, status and income.

You will accurately and timely report and pay all such amounts to the applicable authority. Further, if and to the extent we request that you provide us with tax information and forms, you agree to do so promptly. You hereby represent and warrant that all such information will be accurate, correct, and current. If any of such information that you provide us changes, you agree to promptly submit updated information to us.

9. Confidential Information

You may receive information from us that is marked as “confidential” or “proprietary” (or similar marking) or that you reasonably should understand to be confidential based on the nature of the information and the circumstances of disclosure. To the extent you receive any such information, you agree not to use it or disclose it to any other person except as authorized under these Terms.

10. Warranties

You hereby warrant as follows: (i) you have the capacity and authority and right to enter into these Terms and to grant the rights and licenses granted hereunder and perform the obligations hereunder; (ii) your entering into these Terms, granting the rights granted and performing the obligations hereunder does not conflict with the terms of any agreement to which you are a party, violate the rights of any third party, violate any law, rule, regulation or order; (iii) all of your Partner Content is an original creation or work of authorship by you, you are the sole and exclusive owner of the Partner Content, and you have not granted any rights or licenses that would conflict with these Terms; (iv) no Partner Content infringes, misappropriates or violates any copyright, trademark, right of privacy, right of attribution or publicity, moral right or other intellectual property or right of any third party, defames, libels or casts into disrepute in any manner any third party, or is obscene or otherwise inappropriate; and (v) no portion of the Partner Content as delivered to SOC Prime from time to time, contains any virus, Trojan horse, disabling mechanism or other malware or malicious code.

11. Indemnity

YOU UNDERSTAND AND ACKNOWLEDGE THAT YOU ARE RESPONSIBLE FOR ANY CONTRIBUTIONS AND MODIFICATIONS OF CONTENT, AND YOU SHALL BE FULLY LIABLE TO ANY THIRD PARTY FOR ANY CLAIMS WHEN PARTNER CONTENT INFRINGES OR VIOLATES ANY THIRD PARTY’S INTELLECTUAL PROPERTY RIGHTS AND WILL INDEMNIFY SOC PRIME ALL HARMLESS UNDER THIS SECTION.

You agree to indemnify, defend and hold SOC Prime and its affiliates and their respective directors, officers, employees, shareholders, agents, and licensees of Partner Content (collectively, the “SOC Prime Indemnitees”) harmless from and against any claims, actions, suits, proceedings, liability, damages, losses, fines, penalties, costs and expenses (including, but not limited to, reasonable attorneys’ fees and court costs) incurred by any SOC Prime Indemnitee as a result of or in connection with: (i) any use of the Program under your name by any person, whether or not authorized by you; (ii) any breach by you of these Terms; (iii) any claim that Partner Content infringes, misappropriates or otherwise violates any law or any patent, trademark, copyright, trade secret, right of privacy, attribution or publicity, moral rights or any other intellectual property or other rights of any third party.

SOC Prime reserves the right, at your expense, to assume the exclusive defense and control of any matter otherwise subject to indemnification by you. In such a case, you agree to cooperate with SOC Prime's defense of such a claim.

12. Claims of Copyright Infringement

SOC Prime respects the intellectual property rights of others and asks that the people who use the Platform and Program do the same. The Digital Millennium Copyright Act of 1998 (the “DMCA”) provides recourse for copyright owners who believe that material appearing on the Internet infringes their rights under U.S. copyright law. If you believe in good faith that materials on the Platform infringe your copyright, you (or your agent) may send SOC Prime a notice requesting that we remove the material or block access to it. If you believe in good faith that someone has wrongly filed a notice of copyright infringement against you, the DMCA permits you to send SOC Prime a counter-notice. Notices and counter-notices must meet the then-current statutory requirements imposed by the DMCA. See DMCA Designated Agent Directory for details. Notices and counter-notices should be sent to
Copyright Agent
SOC Prime, Inc.
399 Boylston Street, 6th Floor
Boston, MA 02116
Email: dmca@socprime.com

13. Termination

These Terms are effective until terminated. You may terminate these Terms at any time by giving 30 days' written notice to SOC Prime at threatbounty@socprime.com. On becoming aware of any potential violation of these Terms, including your breach of intellectual property rights in Content published under your authorship, SOC Prime may terminate a Developer's account at any time at its sole discretion with or without notice. SOC Prime may terminate these Terms for any reason immediately upon notification by your account email.

The Partner Content can be removed:

(i) On your request. If you wish to remove any or all of your Partner Content from the Platform, you can email us at threatbounty@socprime.com, and we, at our sole discretion, will either delete it entirely or retain the Partner Content on the Platform (if such removal of the Content might impacts Users) without indicating your authorship. At the same time, please note that after the removal of the Partner Content from the Platform, your Partner Content (with your authorship) will still be available to any User who has previously downloaded it. Once removed at your request, the Content may not be re-published by you and will not be rewarded.

(ii) In the case of Content deprecation. We reserve the right to remove Partner Content if such Partner Content is not popular among the Users (e.g., had 0 downloads and low views over the last 24 months after publishing). We will do our best to get in touch with you in advance before deprecating your Partner Content and to change the situation as we are highly committed to promoting valuable content however, the final decision as to the popularity of the Partner Content and its deprecation will be made solely on our discretion.

If you violate these Terms, you may be prohibited from participating in the Program in the future, and any Partner Content you have provided may be deemed to be ineligible for Rewards.

Notwithstanding any other provision in these Terms, the termination or expiration of these Terms shall not alter or affect the rights granted to licensees or sub-licensees by SOC Prime pursuant to these Terms.

The following provisions will survive the expiration or termination of these Terms: Sections 7, 9, 10, 11, and 14 – 17, as well as such terms and conditions that by their nature would survive.

14. DISCLAIMER OF WARRANTIES

SOC PRIME, AND OUR AFFILIATES, RESELLERS, DISTRIBUTORS, AND VENDORS, MAKE NO WARRANTIES, EXPRESS OR IMPLIED, GUARANTEES OR CONDITIONS FOR THE PROGRAM. YOU UNDERSTAND THAT YOUR PARTICIPATION IN THE PROGRAM IS AT YOUR OWN RISK. TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAW, WE EXCLUDE ANY IMPLIED WARRANTIES IN CONNECTION WITH THE PROGRAM. YOU MAY HAVE CERTAIN RIGHTS UNDER YOUR LOCAL LAW. NOTHING IN THESE TERMS IS INTENDED TO AFFECT THOSE RIGHTS IF THEY ARE APPLICABLE.

THE PROGRAM IS PROVIDED BY SOC PRIME “AS IS,” WITHOUT WARRANTY OF ANY KIND. WITHOUT LIMITING THE FOREGOING, SOC PRIME EXPLICITLY DISCLAIMS ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, AND ANY WARRANTIES ARISING OUT OF THE COURSE OF DEALING OR USAGE. SOC PRIME MAKES NO WARRANTY THAT THE PROGRAM WILL MEET A YOUR SPECIFIC REQUIREMENTS OR BE AVAILABLE ON AN UNINTERRUPTED, SECURE, OR ERROR-FREE BASIS.

15. LIMITATION OF LIABILITY

SOC PRIME DISCLAIMS ANY LIABILITY OR RESPONSIBILITY FOR PROGRAM-RELATED DISPUTES ARISING BETWEEN YOUR EMPLOYEE AND YOU. SOC PRIME'S ENTIRE LIABILITY TO YOU ARISING OUT OF OR RELATED TO THESE TERMS OR YOUR PARTICIPATION IN THE PROGRAM SHALL NOT EXCEED FIVE HUNDRED (500) U.S. DOLLARS. YOU CAN'T RECOVER ANY OTHER DAMAGES OR LOSSES, INCLUDING DIRECT, CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT, INCIDENTAL, OR PUNITIVE.

SOC PRIME DOES NOT TAKE RESPONSIBILITY OR LIABILITY FOR THE BREACH BY USERS WHO DOWNLOAD OR USE YOUR PARTNER CONTENT. WE ARE NOT RESPONSIBLE FOR ENSURING THAT USERS COMPLY WITH THE TERMS OF SERVICES GOVERNING THE USE OF YOUR PARTNER CONTENT ON THE SOC PRIME PLATFORM.

YOU CAN'T RECOVER ANY OTHER DAMAGES OR LOSSES, INCLUDING DIRECT, CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT, INCIDENTAL, OR PUNITIVE. TO THE MAXIMUM EXTENT PERMITTED BY LAW.

16. Apple Cable Law

These Terms shall be treated as though they were executed and performed in Delaware, USA, and shall be governed by and construed by the laws of Delaware, USA, without regard to conflict of law principles. In addition, you agree to submit to the personal jurisdiction and venue of the state and federal courts located in Delaware. Any cause of action by you concerning our Program must be instituted within one (1) year after the cause of action arose or be forever waived and barred. Should any part of these Terms be held invalid or unenforceable, that portion shall be construed consistent with applicable law, and the remaining portions shall remain in full force and effect. The rights of SOC Prime under these Terms shall survive the termination of your account or these Terms.

17. Changes to These Terms

SOC Prime reserves the right to change these Terms in its sole discretion and at any time with or without specific notice to you. The latest copies of these Terms will be posted on our Program website. Such modifications shall take effect and be binding on you on the date set forth on the first page of these Terms. We will take reasonable steps to notify you of any changes or modifications, but it is your responsibility to check the Terms periodically for changes. Notwithstanding anything to the contrary, your continued use of the Program after the effective date of any modifications will be deemed your conclusive acceptance of all such changes.

We may, from time to time, change the reward rates that we offer, the timing for payment of accrued rewards, the threshold at which we make payment, and how we will make payment. We will inform you of such changes by sending you an email notification at the email address on file with us with your account. If you do not agree to such changed terms, you must notify us upon your receipt of the first payment reflecting such changed terms. Your acceptance of payment reflecting the changed terms will signify your agreement to such terms. You can send your notification to us either through your account page or by emailing us at threatbounty@socprime.com.

18. Miscellaneous

Nothing in these Terms will be construed to constitute either party as the agent, employee, or representative of the other party. No joint venture or partnership will be created hereby. Neither party will make or have the power or authority to act for, bind, or otherwise create or assume any obligation on behalf of the other party for any purpose whatsoever.

SOC Prime’s failure to insist upon or enforce strict performance of any provision of these Terms shall not be construed as a waiver of any provision or right.

You agree that SOC Prime shall not be liable to you or any third party for any modification, suspension, or discontinuance of the Program.

We may provide you with notices, including regarding changes to these Terms, by email, regular mail, or through communications through the Program. It is your responsibility to keep your email address current and to set your spam filters to accept emails from us. Any notice that we send to the email address on file in your account will be deemed to have been effectively provided even if the email address on file with your account is out-of-date, invalid, or you otherwise do not receive or see our email to you.

These Terms are personal to you and are binding upon your heirs, executors, and legal representatives, as the case may be, and is not assignable by you without SOC Prime's prior written consent. SOC Prime may assign these Terms to any other party without your permission.

If all or part of any provision of these Terms is wholly or partially unenforceable, the remaining provisions hereof shall not be affected, and these Terms shall continue in full force and effect as if the unenforceable provision had never constituted a part hereof, and the parties or, in the event the parties are unable to agree, a court of competent jurisdiction, shall put in place of such whole or part-provision an enforceable provision or provisions, that as nearly as possible reflects the terms of the unenforceable whole or part-provision.

If you have concerns relating to these Terms, please contact SOC Prime by email at threatbounty@socprime.com.

19. Feedback and Information

SOC Prime welcomes suggestions, comments, or other feedback about the Platform, Program, Content (e.g., regarding their utility, feasibility), and Your experience with Program, as well as any bug fixes, features, functionality, or enhancements you would like to see in future versions ("Feedback"). You agree that all Feedback is and will be given entirely voluntarily and be non-confidential for SOC Prime. SOC Prime shall be free to use such information on an unrestricted basis. You assign all rights, titles, and interests in any Feedback You provide SOC Prime. Other than your Partner Content, SOC Prime does not consider or accept unsolicited proposals or ideas, including, without limitation, ideas for new products, technologies, promotions, or Program improvements ("Unsolicited Feedback"). If you send any Unsolicited Feedback to SOC Prime through the Program or otherwise, SOC Prime makes no assurances that your ideas will be treated as confidential or proprietary.

20. Copyrights and Trademarks

Unless otherwise authorized by SOC Prime in writing, all materials including but not limited to logos, trademarks, images, designs, photographs, videos, and written and other materials that appear as part of any of our websites: https://socprime.com/, https://tdm.socprime.com, https://my.socprime.com, https://developer.socprime.com, official Facebook, Twitter and LinkedIn pages and others web pages owned by SOC Prime (collectively - “Website”) are copyrights, trademarks, service marks, trade dress and/or other intellectual property whether registered or unregistered (“Intellectual Property”) owned, controlled or licensed by SOC Prime. Nothing on our Website should be construed as granting, by implication, estoppel or otherwise, any license or right to use any Intellectual Property displayed or used on our Website without the prior written permission of the Intellectual Property owner.

Sharing on Social Platforms. SOC Prime supports sharing and reposting public SOC Prime’s news and posts on social media platforms such as Facebook, Twitter, and LinkedIn ("Social Platforms"). You understand and agree that you may share on Social Platforms and include a link to the Website in your post.

Unless otherwise stated herein, the names, trademarks, and logos of SOC Prime may not be used in any way, including in advertising or publications of any Website’s materials anywhere, including Social Platforms, without prior written permission from SOC Prime. SOC Prime prohibits the use of any SOC Prime logo or any of the published materials on the Website unless such publication is approved by these Terms or in advance and written by SOC Prime.

Other trademarks and logos mentioned on our Website may be the intellectual property of their respective owners.

21. Export Control and Sanctions Laws

You shall comply with all applicable federal, state, local and foreign laws, rules, and regulations while creating Content. You are solely responsible for ensuring your participation in the Program is compliant with all laws, rules, and regulations applicable to you, and the right to participate in the Program is revoked when it is prohibited by any applicable law, rule, or regulation.

You acknowledge that the Platform may be subject to the Export Administration Regulations, 15 C.F.R. Parts 730-774, of the United States and may be subject to other applicable country export control and trade sanctions laws (“Export Control and Sanctions Laws”). You may not participate in the Program directly or indirectly, in violation of Export Control and Sanctions Laws.

22. Handling of Personal Information

SOC Prime respects the privacy of Developers. SOC Prime will use the personal information provided by Developers for identification, contacting, report reviewing, payments, prevention of unauthorized use, smooth operation of the Program, and any other necessary clerical processes. The handling of other privacy matters shall be under the Privacy Policy. SOC Prime gives the utmost care to safely manage the information collected from Developers.

23. Slack App Bot

We created a Slack app called Sigma Rules Bot for Threat Bounty (the “Application”) to create and manage your Content using the Program. With the Application, you can:

  • Develop Sigma rules directly through Slack;
  • Run automated tests to check the created Sigma rules for common errors;
  • Submit Sigma rules to review by SOC Prime experts directly through Slack;
  • Communicate with SOC Prime representatives during Sigma rules verification;
  • Search for your previously published Sigma rules and suggest appropriate updates on the fly.

The Application is available through your account or via a link. To install the Application, click the "Add to Slack" button, launch the bot, and authenticate. For the authentication, you need to enter your email address linked to your Threat Bounty Program account and the authentication token. To request the authentication token, follow the instructions provided in the App or contact us at threatbounty@socprime.com. One user can be authenticated with the bot only in one Slack space.

Сontent created with Application subject to all the same rules and restrictions as other Threat Bounty Content.