Skip to content
Security Starts at the Foundation
Layer 0 Security
Get Audit Foundry
Audit Foundry Support
Add new doc from here
Security Starts at the Foundation
Layer 0 Security
Get Audit Foundry
Audit Foundry Support
Add new doc from here
Setup an Audit Foundry Account
Be sure you are secure – no charge. Seriously.
Sign-up for self-managed compliance
Your Organization Name
This will be displayed in your Audit Foundry portal.
The administrator of your Audit Foundry portal
Organization email address of the Administrator
Baseline Cyber Security Controls (CSC) - 50 controls for small/medium enterprises
NIST 800-171 Readiness
Center for Internet Security Controls (CIS) - 18 controls to protect your organization and data from known cyber-attack vectors
PCI SAQ A
PCI SAQ A-EP
Choose which security framework you would like us to build into Audit Foundry for you. Select one.
I would like Layer0 Security to retain access to the admin account to change settings as requested.
I would like someone to contact me about providing consulting support.
I agree to the End User License Agreement.
LAYER0 SECURITY END-USER LICENSE AGREEMENT Please read carefully all the terms and conditions of this license agreement. By clicking “I Accept”, you agree to be bound by the terms and conditions of this license. This Agreement is between the user installing or accessing the Software (the “User”), and Layer0 Security Inc. (Audit Foundry Software Division) (1086 Modeland Rd, Suite 1010-204, Sarnia, Ontario N7S 6L2) (“Layer0 Security”), for the software provided herewith known as “Audit Foundry” (the “Software”) along with any ongoing cloud services provided by Layer0 Security related thereto (collectively the “Product”). 1. License: (a) Layer0 Security hereby grants to the User a non-exclusive, non-transferable, revokable license, (the "License") to use the Product for one user, or as specified in an additional corporate license agreement executed in writing between the User and Layer0 Security. (b) The User may not: i. reproduce the Software or any manuals or material relating to the Product (except for one back-up copy of the Software); ii. use the Product except as authorized herein; iii. assign, sublicense, pledge, sell, lease, rent, or otherwise transfer or share its rights under this Agreement; or iv. reverse engineer, decompile, disassemble, otherwise attempt to derive the source code, perform cryptographic analysis on, or create derivative works from the Software, modify it in any way, or attempt to do so. 2. Support: Support and Updates for the Product may be provided by Layer0 Security as outlined on Layer0 Security’s web site (www.layer0.com) from time to time. Layer0 Security may in its discretion terminate its support for or the provision of any or all versions of the Product at any time. 3. Intellectual Property: All patent, copyright, trademark, trade secret, source code, Internet domain, and other intellectual and intangible property rights relating to the Product or the business of Layer0 Security in general, including all registrations and applications therefore are the sole and exclusive property of Layer0 Security Inc. If the User makes any unauthorized use of any intellectual property or rights that belong to Layer0 Security, or makes negative comments in print, written type, letters, e-mail, Internet newsgroups, computer bulletin board services or through any advertising about Layer0 Security or its products in any fashion whatsoever, it may result in irreparable harm, lost sales or goodwill, or a negative image to Layer0 Security or its products which cannot be adequately compensated for by damages. Layer0 Security shall be entitled to injunctive relief to the extent that such damage is caused by the User, or those for whom in law it is responsible. In the alternative, or in addition, substantial financial damages may result from these actions. 4. Term: (a) This license is perpetual unless earlier terminated pursuant to its terms. (b) Layer0 Security may immediately terminate this license without notice upon the occurrence of any of the following events: i. User fails to comply with any provision of this Agreement, does not abide by Layer0 Security’s Acceptable Use Policy as posted by Layer0 Security on its web site from time to time, or uses the Product in a way that in Layer0 Security’s opinion may attract liability to Layer0 Security; ii. User fails to pay when due Layer0 Security’s standard fees for the Product from time to time; iii. User attempts to assign, sub-license, or otherwise transfer any of its rights under this Agreement without the consent of Layer0 Security; iv. User files an assignment in bankruptcy or is or becomes bankrupt and/or insolvent, upon the appointment of a receiver for all or substantially all of the property or assets of the User, upon the making of any assignment or attempted assignment for the benefit of creditors or on the institution by User of any act or proceeding for the winding up of its business; or v. User utilizes the Product for any use not provided for in this Agreement. Upon termination, User shall destroy all copies of the Software, remove it from its systems, and cease using the Product. 5. Interpretation: Each paragraph and provision of this Agreement is severable, and if one or more paragraphs or provisions are declared invalid, the remaining provisions of this Agreement will remain in full force and effect. Time shall be of the essence in this Agreement. 6. Export Law: The Software may be subject to restrictions and controls imposed under Canadian and U.S. exportation laws. The User may not acquire, ship, transfer, or export, directly, or indirectly, in whole or in part, into any county prohibited under such laws. 7. Limited Warranty: The entire risk arising out of use or performance of the Product is with the User. Without limitation, Layer0 Security and its suppliers and distributors do not warrant that all Product defects may be corrected, nor that the functions contained in the Product will meet all User requirements. The Product is delivered "as is", and Layer0 Security and its suppliers and distributors do not make any warranties or conditions, express or implied, and exclude and disclaim any and all implied warranties or conditions including, without limitation, those of merchantability or fitness for a particular purpose. In no event will Layer0 Security or its suppliers or distributors be liable to the User for any direct, indirect, special, punitive or consequential damages (including but not limited to damages for loss of business profits, business interruption and the like), or any other damages arising in any way (even if Layer0 Security has been advised of the possibility of such damages and regardless of the form of action whether in contract, tort, negligence, strict liability, operation of law, or otherwise) for any matter including without limitation: (a) the availability, use, reliance on, or inability to use the Product; (b) any errors, omissions, or other inaccuracies in any content or any data transmitted using the Product; (c) the reliability or any failure of third party communications systems, including the internet and wired and wireless networks to operate; (d) any delays, inaccuracies, errors or omissions with respect to the Product or the transmission or delivery of all or any part thereof; (e) any unintended or unauthorized access, alteration, theft, corruption or destruction of files, data, transmission facilities or equipment (whether by Layer0 Security or third parties); or (f) any use of the Product for illegal, improper or unacceptable practices including the dissemination of any defamatory, fraudulent, infringing, abusive, lewd, obscene or pornographic material, viruses, trojan horses, time bombs, worms, or other harmful code designed to interrupt, destroy, or limit the function of any software, hardware or communications equipment, unsolicited mass email or other internet based advertising campaigns, privacy breaches, denial of use attacks, spoofing, or impersonation. Some jurisdictions do not allow the exclusion or limitation of direct, indirect, incidental, or consequential damages, so the above limitation may not apply in its entirety to the User. In all circumstances, the maximum amount that Layer0 Security or its suppliers or distributors may be held liable for, for any reason whatsoever is the price paid by the User for the Product during the previous 6-month period. The parties acknowledge that Layer0 Security has set its prices and entered into this Agreement in reliance on the limitations of liability and disclaimers of warranties and damages set forth herein, and that the same form a fundamental and essential basis of the bargain between the parties. They shall apply even if this Agreement is found to have failed in its fundamental or essential purpose or been fundamentally breached.
8. Waiver: Waiver of any default or breach of this Agreement shall not be construed as a waiver of either a subsequent or continuing default. Termination of this Agreement shall not affect a party's liability by reason of any act, default, or occurrence prior to such termination, nor shall it preclude the non-defaulting party from exercising or pursuing any other right or remedy as may be available to it at law or in equity, including a suit for damages or specific performance. 9. Independent Contractors: The User and Layer0 Security are independent contractors, each in full control of its own business. This Agreement does not establish a joint venture or partnership between them. Neither party is the agent of the other and neither has the authority to bind the other in respect of any third party. Neither party will under any circumstances hold itself out to be a partner, employee, franchisee, legal representative, servant or agent of the other 10. Prior Agreement: This Agreement contains the complete and exclusive statement of the Agreement between the parties and supersedes all prior and contemporaneous agreements, purchase orders, understandings, proposals, negotiations, representations or warranties of any kind whether written or oral. No oral or written representation that is not expressly contained in this Agreement is binding on either party. This Agreement cannot be amended or modified, other than by a change made in writing, dated and executed by the parties. 11. Governing Law: This Agreement shall be interpreted in accordance with and governed by the laws of the Province of Ontario, Canada, excluding conflicts of laws provisions and excluding the United Nations Convention on Contracts for the International Sale of Goods. The parties hereby submit to the non-exclusive jurisdiction of the courts of Ontario, and the Federal Court of Canada. Any actions against Layer0 Security must be commenced in the courts of Ontario or the Federal Court of Canada. 12 Evaluation License: Notwithstanding anything else contained herein, if the Product has been provided to the User on the condition that it is for evaluation purposes only, the evaluation is limited to a period of 30 days from the date of the earlier of installation, download or cloud instance creation, at which time the right to use the Product will automatically terminate unless extended by Layer0 Security. Upon termination, the User shall destroy all copies of the Software and remove it from its systems, and cease using the Product.
Comments - When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Media - If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Cookies - If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with - If you request a password reset, your IP address will be included in the reset email.
How long we retain your data - If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data - If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Comments - Visitor comments may be checked through an automated spam detection service.
Audit Foundry, a division of Layer0 Security Inc., abides by the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA). PIPEDA’s 10 fair information principles form the ground rules for the collection, use and disclosure of personal information, as well as for providing access to personal information. They give individuals control over how their personal information is handled in the private sector.
In addition to these principles, PIPEDA states that any collection, use or disclosure of personal information must only be for purposes that a reasonable person would consider appropriate in the circumstances.
The OPC has determined that the following purposes would generally be considered inappropriate by a reasonable person (i.e., no-go zones):
collecting, using or disclosing personal information in ways that are otherwise unlawful;
profiling or categorizing individuals in a way that leads to unfair, unethical or discriminatory treatment contrary to human rights law;
collecting, using or disclosing personal information for purposes that are known or likely to cause significant harm to the individual;
publishing personal information with the intent of charging people for its removal;
requiring passwords to social media accounts for the purpose of employee screening; and
conducting surveillance on an individual using their own device’s audio or video functions.
This section sets out organizations’ responsibilities for each of the 10 fair information principles. It outlines how to fulfill these responsibilities and offers some tips.
Principle 1 - Accountability
An organization is responsible for personal information under its control. It must appoint someone to be accountable for its compliance with these fair information principles.
Principle 2 - Identifying Purposes
The purposes for which the personal information is being collected must be identified by the organization before or at the time of collection.
Principle 3 - Consent
The knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate.
Principle 4 - Limiting Collection
The collection of personal information must be limited to that which is needed for the purposes identified by the organization. Information must be collected by fair and lawful means.
Principle 5 - Limiting Use, Disclosure, and Retention
Unless the individual consents otherwise or it is required by law, personal information can only be used or disclosed for the purposes for which it was collected. Personal information must only be kept as long as required to serve those purposes.
Principle 6 - Accuracy
Personal information must be as accurate, complete, and up-to-date as possible in order to properly satisfy the purposes for which it is to be used.
Principle 7 - Safeguards
Personal information must be protected by appropriate security relative to the sensitivity of the information.
Principle 8 - Openness
An organization must make detailed information about its policies and practices relating to the management of personal information publicly and readily available.
Principle 9 - Individual Access
Upon request, an individual must be informed of the existence, use, and disclosure of their personal information and be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
Principle 10 - Challenging Compliance
An individual shall be able to challenge an organization’s compliance with the above principles. Their challenge should be addressed to the person accountable for the organization’s compliance with PIPEDA, usually their Chief Privacy Officer.
This field is for validation purposes and should be left unchanged.
Save and Continue Later