N NSAuditor AI
  • Pro
  • Enterprise
  • Docs
  • Pricing
  • Nsasoft
  • GitHub

End User License Agreement

Nsasoft US LLC · NSAuditor AI — Community, Pro & Enterprise Editions

Version 2.0 · Effective June 5, 2026 · Updated June 30, 2026

IMPORTANT — READ CAREFULLY BEFORE INSTALLING, COPYING, OR USING THIS SOFTWARE.

This End User License Agreement ("Agreement" or "EULA") is a legally binding contract between you (either an individual or a single entity, referred to herein as "You," "Your," or "Licensee") and Nsasoft US LLC, a Nevada limited liability company ("Nsasoft," "We," "Us," or "Company"), governing Your use of the NSAuditor AI software, including any associated media, printed materials, documentation, updates, patches, plugins, and online or electronic content (collectively, the "Software").

BY INSTALLING, COPYING, DOWNLOADING, ACCESSING, OR OTHERWISE USING THE SOFTWARE, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO THESE TERMS, DO NOT INSTALL OR USE THE SOFTWARE. PROMPTLY DELETE ALL COPIES IN YOUR POSSESSION.

IF YOU ARE ACCEPTING THIS AGREEMENT ON BEHALF OF AN ORGANIZATION, YOU REPRESENT AND WARRANT THAT YOU HAVE THE AUTHORITY TO BIND THAT ORGANIZATION TO THESE TERMS.


1. DEFINITIONS

1.1 "Community Edition" or "CE" means the free, MIT-licensed open source version of the Software available at github.com/nsasoft/nsauditor-ai.

1.2 "Pro Edition" means the paid subscription tier of the Software that includes additional proprietary features available via the @nsasoft/nsauditor-ai-ee package.

1.3 "Enterprise Edition" or "EE" means the paid subscription tier of the Software that includes all features of the Pro Edition plus additional enterprise capabilities.

1.4 "License Key" means the digitally signed token (JWT) issued by Nsasoft that activates Pro or Enterprise features.

1.5 "Scan Data" means any and all data, information, results, reports, findings, network information, credentials, passwords, vulnerabilities, configurations, or other output generated by the Software during its operation.

1.6 "Target" means any computer, network, device, system, service, or infrastructure that the Software is directed to scan, probe, test, audit, or analyze.

1.7 "Authorized Target" means a Target that You own, operate, or have explicit written authorization from the owner to scan.


2. LICENSE GRANT

2.1 Community Edition. The Community Edition is licensed under the MIT Expat License. Your rights and obligations with respect to the Community Edition are governed by the MIT License included with the Software, subject to the additional terms in Sections 5 through 14 of this Agreement.

2.2 Pro and Enterprise Editions. Subject to Your compliance with this Agreement and payment of applicable fees, Nsasoft grants You a limited, non-exclusive, non-transferable, revocable license to install and use the Pro or Enterprise Edition of the Software during the term of Your active subscription, solely for Your internal business purposes.

2.3 Scope. The Software is licensed, not sold. Nsasoft retains all right, title, and interest in and to the Software, including all intellectual property rights therein. This Agreement does not convey any ownership interest in the Software.


3. LICENSE RESTRICTIONS

You shall not:

(a) Sublicense, sell, resell, lease, rent, loan, distribute, or otherwise transfer the Pro or Enterprise Edition or any License Key to any third party;

(b) Modify, adapt, translate, reverse engineer, decompile, disassemble, or create derivative works of the Pro or Enterprise Edition, except to the extent expressly permitted by applicable law notwithstanding this limitation;

(c) Remove, alter, obscure, or tamper with any proprietary notices, labels, trademarks, license keys, or license enforcement mechanisms in the Software;

(d) Use the Software to provide scanning, auditing, or security assessment services to third parties on a managed-service, SaaS, or bureau-service basis without a separate written agreement with Nsasoft;

(e) Share, publish, or post any License Key in any public forum, repository, or electronic medium;

(f) Circumvent, disable, or interfere with any license validation, capability gating, or feature restriction mechanism in the Software;

(g) Use the Software in any manner that violates any applicable local, state, national, or international law or regulation (see Section 5);

(h) Reuse any portion of the Software's source code — including any individual function, algorithm, plugin, detection rule, compliance mapping, or code snippet — in original or modified form, in any other software, product, or service, whether internal, open-source, free, or commercial; or

(i) Re-implement, whether by clean-room methods or with the assistance of any automated tool or artificial-intelligence system, any of the Software's plugin logic, detection rules, or compliance-mapping data, or create any work that reproduces the structure, sequence, organization, or substantial functionality thereof.

3.1 Confidentiality and Trade Secrets. The Software's source code, plugin detection logic, detection rules, and compliance-mapping data (including the framework control mappings and matching patterns in the data/compliance directory) constitute trade secrets and Confidential Information of Nsasoft, developed at significant expense and maintained as confidential. The public taxonomies of the referenced compliance frameworks (e.g., the SOC 2, HIPAA, NIST CSF, PCI DSS, ISO 27001, and CIS control identifiers) are not claimed as confidential; the proprietary control mappings, detection rules, and matching logic are. You shall not disclose, publish, post, or otherwise share the Software's contents or any License Key with any third party. The Software is furnished under a private, access-controlled distribution channel (a restricted npm registry token) solely for Your authorized internal use, and You shall protect it using at least the same degree of care You use to protect Your own confidential information of like importance, and in no event less than a reasonable degree of care.

3.2 Ownership of Unauthorized Derivatives. Any modification, adaptation, translation, derivative work, or re-implementation of the Software created in breach of this Agreement, together with all intellectual property rights therein, are and shall be the sole and exclusive property of Nsasoft, and You hereby irrevocably assign to Nsasoft all right, title, and interest in and to any such work. This Section is in addition to, and does not limit, Nsasoft's other rights and remedies, including the injunctive relief described in Section 13.5.


4. SUBSCRIPTION TERMS

4.1 Fees. Pro and Enterprise Edition features require an active paid subscription. Fees are as stated on nsauditor.com/pricing at the time of purchase.

4.2 Renewal. Subscriptions renew automatically unless canceled before the renewal date. You may cancel at any time through Your account portal.

4.3 Expiration. Upon expiration or termination of Your subscription, the Pro or Enterprise features will deactivate. The Community Edition features will continue to function without interruption.

4.4 Refunds. Subscription fees are non-refundable except as required by applicable law or as otherwise stated in the Nsasoft Terms of Service.


5. AUTHORIZED USE AND LEGAL COMPLIANCE

THIS SECTION IS CRITICAL. READ IT CAREFULLY.

5.1 Authorization Requirement. You shall use the Software ONLY against Authorized Targets. You represent and warrant that, for every Target scanned, probed, tested, or analyzed using the Software, You either:

(a) Own the Target; or

(b) Have obtained explicit, documented, written authorization from the owner, operator, or authorized administrator of the Target to perform the specific type of scanning, testing, or auditing You intend to conduct.

5.2 Legal Compliance. You are solely responsible for ensuring that Your use of the Software complies with all applicable laws, regulations, and industry standards, including but not limited to:

  • The Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030
  • The Electronic Communications Privacy Act (ECPA)
  • The General Data Protection Regulation (GDPR), where applicable
  • The Health Insurance Portability and Accountability Act (HIPAA), where applicable
  • The Payment Card Industry Data Security Standard (PCI DSS), where applicable
  • Any applicable state, provincial, or national computer crime, privacy, or data protection laws
  • Any applicable terms of service of the Target systems, networks, or services

5.3 Prohibited Uses. You shall NOT use the Software to:

(a) Scan, probe, test, or attack any Target without explicit authorization from the Target's owner or authorized operator;

(b) Conduct any form of unauthorized access, intrusion, penetration, or exploitation of any computer system, network, or service;

(c) Harvest, collect, store, or exfiltrate any personal data, credentials, passwords, private keys, or other sensitive information from any Target without the Target owner's explicit consent;

(d) Conduct denial-of-service attacks, network flooding, or any activity intended to degrade, disrupt, or destroy the availability of any Target;

(e) Violate the privacy, confidentiality, or security of any individual, organization, or system;

(f) Develop, create, or assist in the creation of malware, exploits, attack tools, or any software designed to facilitate unauthorized access;

(g) Engage in any activity that constitutes or facilitates corporate espionage, competitive intelligence gathering through unauthorized means, or industrial sabotage;

(h) Violate any law, regulation, contractual obligation, or third-party right.

5.4 Your Responsibility. YOU ACKNOWLEDGE AND AGREE THAT THE SOFTWARE IS A POWERFUL NETWORK SECURITY AUDITING TOOL THAT CAN DISCOVER SENSITIVE INFORMATION INCLUDING BUT NOT LIMITED TO OPEN PORTS, RUNNING SERVICES, SOFTWARE VERSIONS, SYSTEM CONFIGURATIONS, EXPOSED CREDENTIALS, PRIVATE DATA, AND NETWORK VULNERABILITIES. THE DISCOVERY OF SUCH INFORMATION IS THE INTENDED PURPOSE OF THE SOFTWARE WHEN USED ON AUTHORIZED TARGETS. YOU ARE SOLELY AND EXCLUSIVELY RESPONSIBLE FOR:

(a) Determining whether Your intended use is lawful in Your jurisdiction;

(b) Obtaining all necessary authorizations before scanning any Target;

(c) Safeguarding, protecting, and properly handling all Scan Data generated by the Software;

(d) Complying with all data protection, privacy, and security regulations applicable to the Scan Data;

(e) Any and all consequences arising from Your use of the Software, including any Scan Data discovered, generated, stored, or disclosed.

5.5 Read-Only, Least-Privilege Credentials Requirement (Cloud Auditing). The Software's cloud-audit features require You to supply cloud-provider credentials (Amazon Web Services, Microsoft Azure, and/or Google Cloud Platform access keys, roles, service accounts, or service principals) so the Software can read configuration and metadata from Your cloud account(s). You represent, warrant, and agree that any credential, access key, role, service account, or service principal You provide to, configure for, or use with the Software MUST be scoped to read-only, least-privilege permissions sufficient only to enumerate and read the resources being audited — for example, the AWS managed policies ReadOnlyAccess or SecurityAudit, the Azure built-in role Reader, or the GCP role roles/viewer — and MUST NOT grant create, write, modify, delete, or other state-changing permissions. The Software is designed to perform read-only auditing and does not require, request, or rely on write access to any Target or cloud environment. You are solely and exclusively responsible for provisioning, scoping, rotating, and revoking such credentials. To the maximum extent permitted by applicable law, Nsasoft shall have no liability for any modification, disruption, outage, data loss, or damage to Your systems, data, accounts, or cloud environment arising from or related to credentials You supply or configure that exceed read-only, least-privilege scope, and You assume all risk of supplying credentials broader than read-only.


6. ZERO DATA EXFILTRATION — DATA OWNERSHIP AND PROCESSING

6.1 No Data Collection. The Software operates entirely within Your infrastructure. Nsasoft does NOT collect, receive, transmit, access, process, store, or have any access to any Scan Data generated by the Software. Nsasoft has no technical capability to access Your Scan Data.

6.2 Not a Data Processor. Nsasoft is NOT a data processor, data controller, sub-processor, or business associate under any data protection regulation, including GDPR, HIPAA, CCPA, or any other privacy law, with respect to any Scan Data. No Data Processing Agreement (DPA) or Business Associate Agreement (BAA) is required or offered in connection with this Software.

6.3 Data Ownership. All Scan Data is and remains Your sole property. You are solely responsible for the collection, storage, protection, retention, deletion, and lawful processing of all Scan Data.

6.4 AI Integration. If You configure the Software to use external AI services (such as OpenAI, Anthropic Claude, or other providers), You are responsible for providing Your own API keys, reviewing the AI provider's terms of service and privacy policies, and understanding that Scan Data (after redaction) may be transmitted to the AI provider. Nsasoft has no relationship with, control over, or responsibility for any third-party AI provider. Nsasoft does not receive, process, or store any data transmitted to or received from AI providers.

6.5 License Validation. The only data Nsasoft processes is Your License Key and associated subscription information (email address, payment details via Stripe). License validation is performed offline using cryptographic signature verification. No Scan Data, network information, or telemetry of any kind is transmitted to Nsasoft.


7. DISCLAIMER OF WARRANTIES

THE SOFTWARE IS PROVIDED "AS IS" AND "AS AVAILABLE," WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, NSASOFT AND ITS SUPPLIERS, LICENSORS, AND AFFILIATES EXPRESSLY DISCLAIM ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING BUT NOT LIMITED TO:

(a) IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT;

(b) ANY WARRANTY THAT THE SOFTWARE WILL MEET YOUR REQUIREMENTS OR EXPECTATIONS;

(c) ANY WARRANTY THAT THE SOFTWARE WILL BE UNINTERRUPTED, TIMELY, SECURE, ACCURATE, COMPLETE, OR ERROR-FREE;

(d) ANY WARRANTY THAT THE SOFTWARE WILL DETECT ALL VULNERABILITIES, SECURITY FLAWS, MISCONFIGURATIONS, OR THREATS IN ANY TARGET;

(e) ANY WARRANTY THAT THE SCAN DATA OR AI-GENERATED REPORTS ARE ACCURATE, COMPLETE, CURRENT, OR RELIABLE;

(f) ANY WARRANTY REGARDING THE RESULTS OBTAINED FROM THE USE OF THE SOFTWARE;

(g) ANY WARRANTY THAT DEFECTS WILL BE CORRECTED.

YOU ACKNOWLEDGE THAT NETWORK SECURITY AUDITING IS INHERENTLY COMPLEX AND THAT NO SCANNING TOOL, INCLUDING THE SOFTWARE, CAN GUARANTEE DETECTION OF ALL VULNERABILITIES OR PROVIDE COMPLETE SECURITY ASSURANCE. THE SOFTWARE IS A TOOL TO ASSIST QUALIFIED SECURITY PROFESSIONALS AND IS NOT A SUBSTITUTE FOR PROFESSIONAL JUDGMENT, MANUAL TESTING, OR COMPREHENSIVE SECURITY ASSESSMENTS.


8. LIMITATION OF LIABILITY

THIS SECTION LIMITS NSASOFT'S LIABILITY TO THE MAXIMUM EXTENT PERMITTED BY LAW. READ IT CAREFULLY.

8.1 Exclusion of Consequential Damages. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL NSASOFT, ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, SUPPLIERS, LICENSORS, OR AFFILIATES BE LIABLE FOR ANY SPECIAL, INCIDENTAL, INDIRECT, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES WHATSOEVER, INCLUDING BUT NOT LIMITED TO:

(a) DAMAGES FOR LOSS OF PROFITS, REVENUE, BUSINESS, GOODWILL, OR ANTICIPATED SAVINGS;

(b) DAMAGES FOR LOSS OF, DAMAGE TO, OR CORRUPTION OF DATA (INCLUDING SCAN DATA);

(c) DAMAGES FOR BUSINESS INTERRUPTION, SYSTEM DOWNTIME, OR NETWORK DISRUPTION;

(d) DAMAGES FOR LOSS OF PRIVACY, EXPOSURE OF CONFIDENTIAL INFORMATION, OR DATA BREACHES;

(e) DAMAGES FOR PERSONAL INJURY (TO THE EXTENT PERMITTED BY LAW);

(f) DAMAGES FOR FAILURE TO MEET ANY DUTY INCLUDING OF GOOD FAITH OR OF REASONABLE CARE;

(g) DAMAGES FOR NEGLIGENCE;

(h) DAMAGES ARISING FROM OR RELATED TO ANY UNAUTHORIZED ACCESS, USE, OR ALTERATION OF YOUR SCAN DATA OR TRANSMISSIONS;

(i) ANY OTHER PECUNIARY OR NON-PECUNIARY LOSS WHATSOEVER;

ARISING OUT OF OR IN ANY WAY RELATED TO THE USE OF OR INABILITY TO USE THE SOFTWARE, THE PROVISION OF OR FAILURE TO PROVIDE SUPPORT SERVICES, OR OTHERWISE UNDER OR IN CONNECTION WITH ANY PROVISION OF THIS AGREEMENT, REGARDLESS OF THE LEGAL THEORY (WHETHER CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, WARRANTY, OR OTHERWISE), EVEN IF NSASOFT HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

8.2 Maximum Aggregate Liability. NOTWITHSTANDING ANY DAMAGES THAT YOU MIGHT INCUR FOR ANY REASON WHATSOEVER (INCLUDING, WITHOUT LIMITATION, ALL DAMAGES REFERENCED ABOVE AND ALL DIRECT OR GENERAL DAMAGES IN CONTRACT, TORT, OR OTHERWISE), THE ENTIRE AGGREGATE LIABILITY OF NSASOFT AND ANY OF ITS SUPPLIERS, LICENSORS, AND AFFILIATES UNDER ANY PROVISION OF THIS AGREEMENT, AND YOUR EXCLUSIVE REMEDY FOR ALL OF THE FOREGOING, SHALL BE LIMITED TO THE GREATER OF:

(a) THE AMOUNTS ACTUALLY PAID BY YOU FOR THE SOFTWARE OR SUBSCRIPTION IN THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM; OR

(b) FIVE U.S. DOLLARS (US $5.00).

8.3 Application. THE FOREGOING LIMITATIONS, EXCLUSIONS, AND DISCLAIMERS SHALL APPLY TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, EVEN IF ANY REMEDY FAILS OF ITS ESSENTIAL PURPOSE, AND REGARDLESS OF WHETHER NSASOFT HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THESE LIMITATIONS APPLY TO ALL CLAIMS RELATED TO THIS AGREEMENT, THE SOFTWARE, AND ANY RELATED SERVICES.

8.4 Essential Basis. YOU ACKNOWLEDGE THAT NSASOFT HAS SET ITS PRICES AND ENTERED INTO THIS AGREEMENT IN RELIANCE UPON THE LIMITATIONS OF LIABILITY AND THE DISCLAIMERS OF WARRANTIES AND DAMAGES SET FORTH HEREIN, AND THAT THE SAME FORM AN ESSENTIAL BASIS OF THE BARGAIN BETWEEN THE PARTIES.


9. INDEMNIFICATION

9.1 Your Indemnification Obligation. YOU SHALL INDEMNIFY, DEFEND, AND HOLD HARMLESS NSASOFT, ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, AFFILIATES, SUCCESSORS, AND ASSIGNS FROM AND AGAINST ANY AND ALL CLAIMS, DEMANDS, ACTIONS, SUITS, PROCEEDINGS, LOSSES, DAMAGES, LIABILITIES, COSTS, AND EXPENSES (INCLUDING REASONABLE ATTORNEYS' FEES AND COURT COSTS) ARISING OUT OF OR RELATED TO:

(a) Your use of the Software, including any Scan Data generated, discovered, stored, disclosed, or processed;

(b) Your breach of any term of this Agreement, including the Authorized Use requirements in Section 5;

(c) Your violation of any applicable law, regulation, or third-party right, including but not limited to unauthorized scanning, unauthorized access, privacy violations, or data protection violations;

(d) Any claim by any third party that Your use of the Software infringed their rights, damaged their systems, disclosed their data, or caused them harm of any kind;

(e) Any claim arising from Scan Data that You shared, disclosed, transmitted, or failed to adequately protect;

(f) Any claim arising from Your use of AI integration features, including any data transmitted to third-party AI providers;

(g) Your negligent or wrongful acts or omissions in connection with the Software.

9.2 Survival. This indemnification obligation shall survive the termination or expiration of this Agreement.


10. EXPORT COMPLIANCE

You shall comply with all applicable export and import laws, regulations, and orders, including the U.S. Export Administration Regulations, U.S. sanctions laws administered by the Office of Foreign Assets Control (OFAC), and all applicable export restrictions of Your jurisdiction. You represent and warrant that You are not located in, under the control of, or a national or resident of any country to which the United States has embargoed goods or services, and that You are not listed on any U.S. Government list of prohibited or restricted parties.


11. TERM AND TERMINATION

11.1 Term. This Agreement is effective upon Your first use of the Software and continues until terminated.

11.2 Termination by You. You may terminate this Agreement at any time by ceasing all use of the Software and deleting all copies in Your possession.

11.3 Termination by Nsasoft. Nsasoft may terminate this Agreement immediately and without notice if You breach any term of this Agreement, including the Authorized Use requirements in Section 5. Upon termination, You must immediately cease all use of the Software and delete all copies.

11.4 Effect of Termination. Sections 5, 6, 7, 8, 9, 10, 12, 13, and 14 shall survive any termination or expiration of this Agreement.


12. ACKNOWLEDGMENTS

By using the Software, You acknowledge and agree that:

12.1 The Software is designed for use by qualified IT and security professionals for legitimate network security auditing, vulnerability assessment, and compliance testing purposes;

12.2 The Software can discover sensitive information, and You bear full responsibility for handling such information in compliance with all applicable laws;

12.3 Unauthorized scanning of computer systems and networks is illegal in most jurisdictions and may result in civil and criminal penalties;

12.4 Nsasoft has no control over, and assumes no responsibility for, how You use the Software or what You do with Scan Data;

12.5 Nsasoft has no ability to monitor, access, or review Your use of the Software or any Scan Data;

12.6 You have been advised to consult with legal counsel regarding the lawfulness of Your intended use of the Software in Your jurisdiction;

12.7 The AI-generated reports and analysis are produced by third-party AI models and may contain inaccuracies, errors, or hallucinations — they are advisory in nature and do not constitute professional security advice;

12.8 The absence of reported findings does not mean the absence of vulnerabilities;

12.9 The cloud-audit features are intended to be used with read-only, least-privilege credentials only (per Section 5.5), the Software does not require write access, and You are solely responsible for ensuring that any cloud credentials You supply to the Software are so scoped and for any consequence of supplying credentials broader than read-only.


13. GOVERNING LAW AND DISPUTE RESOLUTION

13.1 Governing Law. This Agreement shall be governed by and construed in accordance with the laws of the State of Nevada, United States of America, without regard to its conflict of law provisions.

13.2 Jurisdiction. Any legal action or proceeding arising under this Agreement shall be brought exclusively in the state or federal courts located in Clark County, Nevada, and the parties hereby consent to personal jurisdiction and venue therein.

13.3 Arbitration. Any dispute, controversy, or claim arising out of or relating to this Agreement, or the breach, termination, or invalidity thereof, shall be settled by binding arbitration administered by the American Arbitration Association ("AAA") under its Commercial Arbitration Rules. The arbitration shall take place in Las Vegas, Nevada. The arbitrator's decision shall be final and binding. Judgment upon the award rendered by the arbitrator may be entered in any court having jurisdiction thereof.

13.4 Class Action Waiver. YOU AND NSASOFT AGREE THAT EACH MAY BRING CLAIMS AGAINST THE OTHER ONLY IN YOUR OR ITS INDIVIDUAL CAPACITY AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE ACTION. THE ARBITRATOR MAY NOT CONSOLIDATE MORE THAN ONE PERSON'S CLAIMS AND MAY NOT OTHERWISE PRESIDE OVER ANY FORM OF A REPRESENTATIVE OR CLASS PROCEEDING.

13.5 Injunctive Relief. Notwithstanding the foregoing, Nsasoft shall be entitled to seek injunctive or other equitable relief in any court of competent jurisdiction to prevent the actual or threatened infringement, misappropriation, or violation of Nsasoft's intellectual property rights or confidential information.


14. GENERAL PROVISIONS

14.1 Entire Agreement. This Agreement constitutes the entire agreement between You and Nsasoft with respect to the Software and supersedes all prior or contemporaneous oral or written communications, proposals, and representations.

14.2 Severability. If any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions shall continue in full force and effect.

14.3 Waiver. No failure or delay by Nsasoft in exercising any right under this Agreement shall constitute a waiver of that right.

14.4 Assignment. You may not assign or transfer this Agreement or any rights hereunder without Nsasoft's prior written consent. Nsasoft may assign this Agreement without Your consent in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets.

14.5 Notices. Any notices required or permitted under this Agreement shall be in writing and shall be sent to legal@nsasoft.us for Nsasoft, and to the email address associated with Your account for You.

14.6 Force Majeure. Nsasoft shall not be liable for any failure or delay in performance due to circumstances beyond its reasonable control, including acts of God, war, terrorism, pandemic, natural disaster, labor disputes, government actions, or failures of third-party services.

14.7 Third-Party Beneficiaries. This Agreement does not create any third-party beneficiary rights.

14.8 Headings. Section headings are for convenience only and shall not affect the interpretation of this Agreement.

14.9 Language. This Agreement is written in English. In the event of any conflict between the English version and any translation, the English version shall prevail.


15. CONTACT INFORMATION

Nsasoft US LLC 732 S 6TH ST, STE R LAS VEGAS, NV 89101 USA

Legal inquiries: legal@nsasoft.us General support: support@nsasoft.us Website: https://nsauditor.com


BY INSTALLING, COPYING, OR USING THE SOFTWARE, YOU ACKNOWLEDGE THAT YOU HAVE READ THIS AGREEMENT, UNDERSTAND IT, AND AGREE TO BE BOUND BY ITS TERMS AND CONDITIONS.



Schedule A — AWS Marketplace Addendum

Applies solely to licenses obtained through AWS Marketplace. Effective June 30, 2026.


This AWS Marketplace Addendum ("Addendum") supplements and, solely for orders placed through AWS Marketplace, modifies the NSAuditor AI End User License Agreement ("EULA") between you ("Licensee," "You," or "Your") and Nsasoft US LLC ("Nsasoft"). It applies only when You obtain a license to the Enterprise Edition of the Software through AWS Marketplace, including through a public offer or a private offer. For all orders not placed through AWS Marketplace, the EULA applies without this Addendum.

Capitalized terms not defined in this Addendum have the meanings given to them in the EULA.

Edition licensed. The product licensed to You through AWS Marketplace under this Addendum is the NSAuditor AI Enterprise Edition. References in the EULA to the Community Edition (which remains separately available under the MIT Expat License at github.com/nsasoft/nsauditor-ai) and to the Pro Edition are provided for context and definitional completeness only; they are not part of, and confer no rights or obligations under, Your AWS Marketplace order. Wherever the EULA refers to the "Pro or Enterprise Edition," for Marketplace orders that grant, and all related rights and restrictions, apply to the Enterprise Edition.

1. Order of Precedence

For any license obtained through AWS Marketplace, if there is a conflict between this Addendum and the EULA, this Addendum controls, and all other terms of the EULA remain in full force and effect. The EULA, as modified by this Addendum, is the governing agreement for the Software. Nsasoft has elected to provide this custom agreement in place of the Standard Contract for AWS Marketplace.

2. Billing, Fees, and Merchant of Record

Notwithstanding EULA Section 4.1, fees for a Marketplace order are those set forth in the applicable AWS Marketplace public or private offer. Billing is administered by Amazon Web Services, Inc. or its applicable affiliate ("AWS") as merchant of record. Any reference in the EULA to prices stated on nsauditor.com, to Stripe, or to a Nsasoft account portal does not apply to Marketplace orders. Applicable taxes are handled through AWS Marketplace.

3. Subscription Term, Renewal, and Cancellation

Notwithstanding EULA Sections 4.2 and 4.3, the subscription term, renewal, and cancellation for a Marketplace order are governed by the terms of the applicable AWS Marketplace offer and by the AWS Marketplace agreement between You and AWS. Where the EULA refers to canceling "through Your account portal," for Marketplace orders that action is performed through AWS Marketplace.

4. Refunds

Notwithstanding EULA Section 4.4, refunds for Marketplace orders are governed by the refund policy published on the AWS Marketplace listing and by applicable AWS Marketplace policies. Nsasoft does not process payments for Marketplace orders.

5. License Delivery and Activation

For Marketplace orders, Your entitlement is fulfilled by delivery of a digitally signed License Key (JWT) that You install and that the Software validates locally using cryptographic signature verification. The Software requires no runtime connection to AWS or to Nsasoft at scan time. Where container images are delivered through AWS Marketplace, that delivery is separate from any offline or air-gapped artifact delivery provided by Nsasoft under the EULA.

6. Zero Data Exfiltration; Billing Metadata

EULA Section 6 continues to apply in full: no Scan Data ever leaves Your environment, and Nsasoft is not a data processor, data controller, sub-processor, or business associate with respect to any Scan Data. For Marketplace orders, the only additional information Nsasoft receives is AWS Marketplace billing and entitlement metadata - for example, Your AWS account identifier, the entitlement or agreement identifier, and the contact email You provide during license registration - used solely to issue, deliver, and manage Your License Key. This billing metadata is categorically separate from, and never includes, any Scan Data.

7. No Change to Risk Allocation

EULA Sections 5 (Authorized Use and Legal Compliance), 7 (Disclaimer of Warranties), 8 (Limitation of Liability), 9 (Indemnification), 10 (Export Compliance), 11 (Term and Termination), and 13 (Governing Law and Dispute Resolution) apply to Marketplace orders without modification, except that nothing in this Addendum or the EULA limits or supersedes any rights or obligations You have under Your separate agreement with AWS governing Your use of AWS Marketplace.

8. Contact

Legal inquiries: legal@nsasoft.us Enterprise and billing: enterprise@nsasoft.us



© 2025–2026 Nsasoft US LLC · Las Vegas, NV
  • NSAuditor AI
  • Enterprise
  • Pricing
  • GitHub
  • Contact
  • Legal