CxSCA License Types and Restrictions
CxSCA License Types and Restrictions

Version: 2020.05
Last Updated – 14.5.2020
CxSCA License Types and Restrictions
Product Description | License Types (defined below) |
Cx-User | Named User |
Cx-ScannedUnit | Scanned Unit Based |
License Types
- “Named User” means a license is tied to a specific individual named user so that the license may only be used by that individual named user.
- A “Scanned Unit Based” license permits the scanning of a single Scanned Unit during the license term, where the term Scanned Unit is defined as either: (i) 1 Project, or (ii) 10 Microservices.
A “Project” is defined as a single codebase which is maintained over time, and used to build a particular named software module or application.
A “Microservice” is defined as a single codebase up to twenty thousand (20,000) lines of code that is independently deployable with well-defined interfaces and operations, which is part of a suite of modular components or services and supports a specific task or a business goal.
Additional License Restrictions:
A user who either: (i) uses one of the CxSCA user interfaces (i.e., via its user interface, IDE plugin, etc.), or (ii) uses the output of the scans (via APIs, ticketing systems, PDF reports, or any other form that does not require direct access to CxSCA) for the purpose of tracking, resolving, or remediating vulnerabilities detected by CxSCA, must be provisioned as a Named User.
Customer may not: (1) provide access to CxSCA to any individual who does not hold a valid Named User License; or (2) distribute the output generated by CxSCA in violation of the Named User restrictions noted above; however the review of report summaries: (a) by Customer management personnel, or (b) for audit purposes, shall not be deemed to consume a Named User license where such users do not access CxSCA or use the report summaries to remediate vulnerabilities detected by CxSCA.
Named Transfer Rights:
Customer may transfer Named User licenses when an existing Named User resigns, is terminated or permanently no longer requires access to CxSCA. Such transfer is conditioned upon Customer promptly revoking the credentials of the individual who is no longer an authorized Named User and properly credentialing the individual who is the replacement authorized Named User.