Educause Security Discussion mailing list archives

Re: Tenable License Agreement

From: Charlie Prothero <Charlie.Prothero () KEYSTONE EDU>
Date: Thu, 18 Sep 2008 05:25:05 -0400

To play the Devil's Advocate for a moment, turn the tables around and
pretend that you're selling a security product that gives your customers
the ability to scan, monitor and potentially divulge the contents of
network transmissions.  Would you sell that product to anyone without
assurances that their use or misuse of the product won't come back to
bite you?  

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Bradley, Stephen W.
Mr.
Sent: Wednesday, September 17, 2008 7:42 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Tenable License Agreement

Well I had a PO in hand in order to get the Nessus feeds and when our
purchasing saw the agreement Tenable wanted us to sign that was it, no
dice.

Our legal would not allow us to enter into the agreement in any way
shape or form.  We gave Tenable language that we would agree to but as
Chris has noticed they would not budge.


steve

________________________________________
From: The EDUCAUSE Security Constituent Group Listserv
[SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Chris Green
[cmgreen () UAB EDU]
Sent: Wednesday, September 17, 2008 3:43 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Tenable License Agreement

Good day,

We've been a long time nessus "feed" customer since they started
charging for the immediate access.  However, we go to renew our license
this time and they have a new agreement to sign and they are being
difficult about budging.

http://cgi.tenablesecurity.com/Subscription_Agreement.pdf

From the Subscription agreement:


""" Accordingly, You agree that You will, at Your expense, indemnify,
defend and hold Tenable harmless in all claims and actions that seek
compensation of any kind for injury or death to persons and/or for
damage to property that arise out of or relate to Your security
solutions or Your use of the Plugins, or the solutions You provide to a
third party through Your use of the Plugins. You also agree to pay all
settlements, costs, damages, legal fees and expenses finally awarded in
all such claims and actions. """

That's language our Legal department won't accept under any
circumstances.

Have any other orgs out there been unable to renew their feeds over
this?

Current thread:

Tenable License Agreement Chris Green (Sep 17)
- <Possible follow-ups>
- Re: Tenable License Agreement Valdis Kletnieks (Sep 17)
- Re: Tenable License Agreement Marty Hoag (Sep 17)
- Re: Tenable License Agreement Bradley, Stephen W. Mr. (Sep 17)
- Re: Tenable License Agreement Charlie Prothero (Sep 18)
- Re: Tenable License Agreement Chris Green (Sep 19)
- Re: Tenable License Agreement John Ladwig (Sep 19)