Commercial legal resources for OEM, reseller, white-label, support, data, and scan-scope agreements.
Commercial programs need contract templates that define license rights, partner obligations, customer usage, support, security, data handling, and acceptable scan scope.
Commercial documents
Use these agreement families to convert pilots, partner conversations, procurement reviews, and enterprise deployments into operating terms.
Licensing
Enterprise, embedded, OEM, white-label, offline, air-gapped, academic, startup, and usage-credit licensing.
Security
Security controls for partner licensing, local workers, OEM binaries, tokens, signed outputs, and audit events.
Commercial Contact
Start an OEM, reseller, MSSP, enterprise, private-label, procurement, or deployment conversation.
Contracts that match the commercial model
The legal center organizes the agreement types needed for OEM, reseller, MSSP, private-label, support, DPA, security, acceptable use, and order forms.
OEM Evaluation Agreement
Covers a time-boxed technical evaluation, pilot restrictions, confidential materials, test data, feedback, and conversion path.
OEM Embedded Software License
Defines redistribution rights, customer-org limits, usage restrictions, license keys, support responsibilities, audit rights, and termination.
Reseller Agreement
Defines resale rights, pricing, discounting, lead ownership, customer support boundaries, payment terms, and territory rules.
Private-Label Addendum
Allows partner-branded service delivery while preserving underlying license, evidence, support, and acceptable-use restrictions.
White-Label Addendum
Defines deeper branding rights, attribution controls, output customization, binary metadata, and minimum commercial commitments.
MSSP Addendum
Covers customer-org management, managed delivery rights, support boundaries, reporting responsibilities, and usage rollups.
Support and SLA Addendum
Defines support tiers, response windows, severity levels, escalation, maintenance, availability, and partner obligations.
Data Processing Addendum
Addresses processing roles, retention, subprocessors, local execution, evidence handling, deletion, and privacy obligations.
Security Exhibit
Summarizes commercial security controls, token handling, license signing, output integrity, scan scope, and incident process.
Acceptable Use and Scan Scope Terms
Defines allowed targets, authorization requirements, prohibited activity, customer responsibility, and safe testing boundaries.
Revenue Share Schedule
Defines base fees, customer-org fees, usage credits, revenue share, payment timing, and reporting obligations.
Order Form Template
Captures commercial program, SKUs, license scope, deployment model, support tier, pricing, term, and special conditions.
Default OEM architecture
A partner product keeps its own UI, scheduling, reporting, customer accounts, and workflow while the SecEng engine supplies AI-specific security results.
Partner orchestrator
The partner scanner, Java application, AppSec platform, CI job, or managed-service workflow owns scheduling, customer context, and UI.
SecEng sidecar
A headless binary or localhost API receives bounded scan requests, validates local license state, and runs AI security modules.
Structured outputs
The engine returns JSON, SARIF, markdown, evidence bundles, and normalized finding metadata suitable for native ingestion.
Partner reporting
The partner presents results inside its own product, report, portal, or service workflow without exposing the AI Security LLC UI.
Usage reconciliation
Customer-org usage, credits, license status, and revocation sync to the commercial control plane when the deployment model allows it.
Choose the right commercial model
The Commercial pillar separates how organizations buy, embed, operate, and scale AI Security LLC from the technical capabilities themselves.
Licensing models
Use the licensing shape that matches how the customer or partner wants to buy and operate.
Enterprise Site License
Organizations that want AI security tooling, evidence generation, private workers, Academy access, and negotiated usage capacity.
- Organization-level entitlements
- Private worker support
- Negotiated credits
- Procurement and security review
OEM Embedded License
Scanner vendors and security platforms that want to embed the SecEng engine inside their existing product.
- Partner license
- Customer-org tracking
- Usage rollups
- Redistribution rights
MSSP License
Managed security providers selling AI security assessments and monitoring as a managed service.
- Customer-org reporting
- Managed delivery rights
- Usage credits
- Support boundaries
White-Label License
Strategic partners that need customer-facing brand control, custom report language, and embedded packaging.
- Branding rights
- Output customization
- Higher support obligations
- Audit rights
Deployment options
Commercial packaging should follow the customer data boundary, partner architecture, and procurement expectations.
SaaS control plane
The AI Security LLC web platform governs organizations, credits, entitlements, users, reports, and commercial records.
Local worker
Sensitive repositories, traces, prompts, and artifacts stay local while entitlement and usage sync remains platform-controlled.
OEM sidecar
A partner invokes the SecEng engine through CLI or localhost HTTP and ingests native JSON, SARIF, and evidence outputs.
Air-gapped deployment
Signed offline license grants and controlled update processes support highly sensitive environments.
Support tiers
Support can be matched to the commercial obligation, from pilot support to strategic OEM escalation.
Standard
Early partners, pilots, startups, and small commercial programs.
- Email support
- Pilot guidance
- Documentation support
- Best-effort integration review
Premium
OEM partners, MSSPs, and enterprise programs with customer-facing obligations.
- Partner escalation channel
- Release guidance
- Integration reviews
- Commercial success reviews
Enterprise
Strategic OEM, white-label, air-gapped, and enterprise site-license deployments.
- Escalation path
- Security review support
- Roadmap alignment
- Custom support terms
Commercial path
The fastest route is a scoped pilot that proves technical ingestion and commercial packaging before expanding.
Commercial fit call
Identify partner type, target customers, intended packaging, deployment constraints, support model, and success criteria.
Technical pilot
Prove the CLI or localhost API path against a representative target and confirm JSON, SARIF, and evidence ingestion.
Commercial pilot
Define pricing, customer-org model, support boundary, white-label depth, license controls, and pilot reporting.
Production rollout
Convert to a partner agreement, issue production licenses, document the integration, and begin customer-org activation.
Representative SKUs
Commercial products should be represented as registry-backed SKUs rather than ad hoc pricing copy.
OEM Pilot
A focused 30-day pilot to prove the SecEng headless engine can be invoked by a partner product and produce ingestible AI security findings.
OEM Base License
Base commercial license for a partner to embed or invoke the SecEng engine across approved internal and customer environments.
OEM Customer Org
Per-customer organization pricing for active OEM customers using partner-distributed SecEng AI security capabilities.
Private-Label Add-on
Private-label packaging where the partner owns customer-facing presentation while AI Security LLC remains available for legal, support, and technical attribution.
MSSP Base License
Commercial base license for MSSPs offering AI security assessments, monitoring, evidence reporting, and customer-org services.
Enterprise Site License
Organization-wide licensing for SecEng workbench access, private workers, evidence generation, Academy content, and custom deployment requirements.
Move from interest to a scoped commercial path
Every commercial conversation should resolve into a clear program, deployment model, license scope, support expectation, and evidence requirement.
Define the commercial motion
Decide whether this is OEM, reseller, MSSP, enterprise, private-label, or procurement-led.
Run a bounded pilot
Use one integration path, one target class, one reporting output, and one commercial success metric.
Move to operating terms
Finalize license scope, customer-org model, support tier, usage controls, and deployment model.
Build the right commercial path
Use a focused pilot to align the technical integration, licensing structure, support model, and customer-facing packaging.