MAXAMINE Pricing Methodology

CONFIDENTIALWORKING DRAFT6/20/07

MAXAMINE Pricing Guidelines

1. Software/Solution Pricing (Perpetual License-PL, Software Subscription-SS,

Software as a Service-SaaS, and Report Distribution Service-RDSaaS)...... 1

II.Per Domain Pricing Methodology

and Pricing Process for PL, SaaS, and RDSaaS...... 3

III.Training & Success Assurance, Maintenance and Support...... 5

IV.Elective Professional Services...... 7

I. Software/Solution Pricing: (Perpetual License-PL, Software Subscription-SS, Software as a Service-SaaS, and Report Distribution Service-RDSaaS)

MAXAMINE is first and foremost committed to the success of our customers and partners. We embrace the simple principle that our success is inextricably tied to your success. As such, we approach all business matters from the perspective of enabling our customers and partners to achieve and sustain uncompromising success. MAXAMINE’s pricing methodology is motivated by our desire to offer as much freedom and flexibility as we reasonably can to allow our customers and partners to utilize MAXAMINE’s solutions in a manner that best meets their unique circumstances.

To this end, MAXAMINE offers four deployment and pricing models as described below. In contrast to conventional pricing models driven by user counts such as the number of “seats,” cpu’s, or servers, MAXAMINE’s pricing is based on the number of domains. MAXAMINE places absolutely no restrictions on the number of software users, report consumers, servers, or pc’s for licensed domains. This approach provides considerable advantages for our customers by eliminating artificial constraints, complexities and additional costs associated with usage and/or user based pricing methods.

However, we recognize that the size and complexity of domains can vary considerably from a few pages to millions of pages. To address this reality, MAXAMINE’s pricing is based on a representative domain benchmark of 20,000 pages as described below. For PL, SaaS and recurring RDSaaS reports, smaller domains (under 1,000 pages) are aggregated into a smaller number of equivalent domains while larger domains are disaggregated into a reasonable number of equivalent domains. This will be further clarified below. In short, while there are many pricing methods to choose from, MAXAMINE’s choice of per-domain pricing provides the highest level of freedom and flexibility to enable our customers to successfully achieve their business objectives.

Given the unique architecture and related cost-performance advantages of MAXAMINE’s solution, we are confident that MAXAMINE’s solution provides unapproachable value to our customers and partners.

Service Options and Related Pricing Models:

The following information describes the available service/solution options and related pricing parameters. Specific price rates are available in the attached pricing schedule (Exhibit A).

A. Software Purchase (Perpetual License-“PL”): PL is the traditional on-premises software installation. PL enables customers to buy perpetual license rights and have full access to the software in order to scan authorized domains and/or sections thereof as frequently as they wish with full benefit of on-the-fly searching and ad-hoc interrogation of the data, in addition to unlimited distribution of html reports for authorized domains.

 Priced per domain in accordance with the pricing schedule. MAXAMINE employs a volume-driven cumulative discounting factor. A 5% volume discount is applied at increments of ten domains. For example, the price for domains 10-19 is 95% of the price for domains 1-9; the price for domains 20-29 is 95% of the price for domains 10-19, and so on up to 100 domains.

 Situations involving more than 100 equivalent domains are addressed on a case by case basis in order to tailor an appropriate enterprise rate.

 The per domain rate for each domain includes development, staging and production domains.

 20% software maintenance and support fee beginning year 2 (see training & service note below).

 Training & Success Assurance priced per day plus reasonable expenses, with two day minimum highly recommended (see Training and Success Assurance below).

B. Software Subscription (“SS”): SS is identical to PL in terms of installation and usage rights. The only difference is that SS is an on-premises subscription based ‘lease’ of the software rather than a purchase of perpetual license rights. SS includes all maintenance, enhancements and upgrades in the subscription rate throughout the relevant term. SS is intended for special circumstances (e.g., certain channel arrangements whereby customers and/or partners may wish to utilize the software in the provision of services to their respective clientele). That said, SS is available to any customer if such arrangement is advantageous to them. SS requires a minimum 3 year term commitment for sale to customers (waver subject to approval).

C. Software as a Service (“SaaS”): SaaS provides functionally equivalent access and usage rights as on-premise PL deployments. The only difference is that the software is hosted off-premises, either at a MAXAMINE facility or at a partner-provided facility.

 Annual subscription-based pricing per domain in accordance with pricing schedule. Price per domain subject to same volume discounting as noted above for PL (i.e., 5% reduction at increments of ten domains).

 Per instance set-up fee for installation of hardware, software, and application infrastructure.

 2-year subscription term standard. 1-year term is available, though annual subscription rate is slightly higher given shorter amortization period for start-up overheads. Additional discounts available on request for extended service terms (three or more years).

 Secure VPN access is available on request (e.g., for secure access and/or development or staging domains). There is no incremental charge (barring any unusual configuration/architecture issues), however, customers must bear related expenses if any; e.g., provisioning of a secure corporate laptop/pc and any incidental costs for VPN set-up.

 Per day Training & Success Assurance service, with two day minimum highly recommended (see Training and Success Assurance below).

D. Report Distribution Service (“RDSaaS”): In the case of RDSaaS, MAXAMINE (or other authorized delivery partner) runs the scans, and compiles, QA’s and distributes standard reports on a specified schedule. RDSaaS is intended for standard reports running on a specified schedule only. While reasonable report customization and/or ad-hoc reporting are available, moderate additional charges apply as described herein.

 Per Report pricing is based on the total number of reports, factoring in both the number of domains and the frequency of the reports (weekly, monthly, quarterly, etc). The recurring per report price decreases with volume based on the same volume discount breaks as PL and SaaS (5% reduction at increments of 10).

 Service Set-Up: There is a one-time initial set-up fee per RDSaaS service. This addresses the establishment of the infrastructure (hardware, software, report distribution system). In the event that a customer wishes to implement a recurring scheduled service following completion of a one-time scan, the Service Set-Up fee is waved for implementation of the recurring service provided that: a) no more than 90 days have lapsed since completion and final report delivery associated with the initial one-time RDSaaS project, and b) no material changes have occurred with respect to the domains in question. The same applies in the event that a customer wishes to resume a service after a period of suspension (i.e., the service set up fee is waved provided no more than 90 days have lapsed since delivery of the most recent report, and the scope and implementation of domains have not materially changed).

 Domain Set-Up: There is a one-time set-up fee per domain. This addresses the establishment and tuning of scan parameters, as well as quality assurance of scans and report outputs. In the event that a domain changes materially following initial set-up (e.g., due to a redesign/re-launch), and such changes necessitate reestablishment and re-tuning of scan parameters and related quality assurance verifications, the changed domain(s) is effectively a new domain and is treated as such with respect to the Domain Set-Up fee (i.e., the set-up fee applies to the initial set-up and to subsequent re-set-ups required pursuant to material changes).

 Ad-Hoc Reporting: Ad-hoc or on-demand (i.e., off schedule) reporting is available upon request for RDSaaS clients. However, since this effectively represents the equivalent of a one-time report, the ad-hoc or unscheduled report delivery fee per domain is equivalent to the one-time per domain report delivery fee. Note, however, that there is neither a service nor domain set-up fee for such ad-hoc reports, unless, of course, the domain has been materially changed and therefore requires an additional domain set-up as described above.

 MAXAMINE offers flexible reporting periods and frequencies, though the standard/default provides for an annual report service with monthly reports.

 Customers may request different frequencies and report contents for different portions of any given domain. For example, a monthly scan of the entire domain along with a weekly scan three clicks deep of the same domain and a daily scan of critical check-out sequences, and so on. In such cases, each individual scan “section” is considered a separate domain for pricing purposes.

II. Per Domain Pricing Methodology and Pricing Process for PL,

SaaS and RDSaaS

MAXAMINE offers three deployment options as described above with corresponding pricing models to provide the flexibility to meet each customer’s unique circumstances. Each of the pricing models is based on the number of equivalent domains for which the software is licensed and/or for which reports are to be provided.

Net Equivalent Domains (NED). As domain sizes vary widely from a few pages to several million, the pricing reference or benchmark is based on the number of Net Equivalent Domains (“NEDs”). A NED is equivalent to 20,000 pages (including static and dynamic pages). Per-domain pricing for RDSaaS set-up is based on discrete domains as described below.

Discrete Domain. A discrete domain for purposes of determining the per domain set-up fee for an RDSaaS implementation is defined as a unique character string between the first two back-slashes and the third back-slash in an http address. For example, and count as one domain. In short, any permutation of would count as variations of a single domain. On the other hand, and would collectively count as three domains (the middle two being variations of the same domain as described above).

NOTE: If identified in advanced by customers, aliases are not considered discrete domains for purposes of per-domain set-up fees for RDSaaS implementations. On the other hand, if aliases are not disclosed, and therefore must be discovered pursuant to the implementation of an RDSaaS service, they will count as discrete domains for purposes of the per domain set-up fee.

Large Domains. Domains in excess of 20,000 pages are disaggregated into a corresponding number of NEDs, rounded to the nearest integer multiple of 20,000. For example, a domain with 84,000 pages yields four (4) NEDs, while a domain of 92,000 pages corresponds to five (5) NEDs. MAXAMINE has found that very large domains consisting of several hundred thousand or even millions of pages can typically be capped at 100,000 pages through application of filters to isolate relevant “container” pages while fully meeting the clients’ business objectives.

Medium Domains. Domains between 1,000 and 20,000 pages are considered stand-alone individual domains for pricing purposes. Domains within this size range typically reflect the breadth, depth and complexities associated with fully functioning operational environments.

Small Domains. Domains smaller than 1,000 pages are generally aggregated into blocks of 1,000 total pages, thereby yielding a reduced number of NEDs.

The above pricing methodology has consistently yielded acceptable results for MAXAMINE customers. Recognizing that there are no perfect benchmarks, and that no two organizations or domain sets are identical, MAXAMINE is committed to establishing mutually acceptable pricing leveraging the above methodology as a consistent frame of reference. Unique characteristics associated with the web environments of each particular situation are taken into account in an effort to ensure that “no-regrets” pricing is fairly established, and that the value delivered and positive impact on client objectives results in world-class renewals.

Enterprise Pricing Options. MAXAMINE’s enterprise options are available for organizations which desire or require the maximum flexibility in using the MAXAMINE solution. The Enterprise option enables customers to scan as many domains as they wish as often and in as many combinations or sections as they like, on-demand and/or with flexible automated scheduling and alerting, while having access to the full software capabilities for on-the-fly searching and data interrogation or interactive querying, for internal and external domains, including development, staging and production environments. Enterprise pricing is determined on a case-by-case basis in consultation with MAXAMINE given the unique circumstances governing each situation.

Pricing Process. Arriving at mutually acceptable pricing typically consists of a very simple interaction between MAXAMINE and the customer organization/representative to determine the effective number of NEDs as well as the most appropriate deployment option (PL, SaaS or RDSaaS). This process is identical for both PL and SaaS deployment options, with some variations for the RDSaaS option as described below. The following sequence of steps is representative of the pricing methodology for large/complex enterprise environments where there are large domains and/or large numbers of domains. The same straight forward approach applies in relatively small environments, though the process is much smaller in scope and often proves to be a relatively trivial (albeit important) exercise.

PL/SS/SaaS Pricing Process.

1. Customer provides MAXAMINE with a list of relevant domains for which they intend to license the use of the software. Whenever reasonably possible, this list should include the estimated size/page-count of these domains.
2. MAXAMINE runs preliminary scans on a selective basis as warranted to establish or confirm estimated page counts for the provided list of domains. In certain cases, third party information obtainable from public sources (e.g., search engine companies like Google, Yahoo, etc), may be used to supplement the size estimates as necessary.
3. MAXAMINE provides client with an assessment of the number of NEDs.
4. The number of NEDs is refined as necessary based on any additional information, clarifications or scoping directives provided by the client.
5. The NED count is entered into the quote generation tool to arrive at appropriate pricing for the solution of interest.
6. Any particular circumstances reflecting the unique aspects of the customer’s environment are taken into account to arrive at final mutually agreeable pricing.

RDSaaS Pricing Process.

Pricing for RDSaaS is based essentially on the same process, though there are some important differences, particularly in the determination of NEDs for initial and subsequent recurring schedule-driven scans. RDSaaS requires additional time and effort for the initial set-up and ongoing quality assurance and distribution of scans and reports. Such activities must be done for each domain, regardless of the size and complexities of the domains. For larger more complex domains, these efforts grow in proportion to the size and complexity of the domains. The RDSaaS pricing process, reflecting these differences, is as follows:

1. Client provides MAXAMINE with an initial list of relevant domains for which reporting is desired. Preferably, this list will include the estimated size/page-count of these domains.
2. MAXAMINE runs preliminary scans to establish or confirm the estimated page-counts, with use of additional third-party estimates as warranted.
3. Domains larger than 20,000 are disaggregated to a corresponding number of NRDSaaS as described above (larger domains require an expanded scope of initial set-up and quality assurance that grow in proportion to domain size/complexity). Note that clients may opt to truncate larger domain scans by isolating relevant “container” pages or through various exclusion filters (this is typically the case). MAXAMINE has found that very large domains consisting of several hundred thousand or millions of pages can typically be capped at 100,000 pages through application of such tactics while still fully meeting the clients’ business objectives.
4. For the initial set of reports only, smaller domains are generally not aggregated as each individual domain must be set-up and quality assured separately, regardless of size.
5. MAXAMINE provides client the total number of NEDs for the initial report set, along with a budgetary estimate for any subsequent reports in the case of recurring report services, in accordance with the RDSaaS pricing matrix. A quote may be generated and delivered at this point as warranted, or may follow pending further iteration to refine NEDs with further client input.
6. Final NEDs are confirmed pursuant to client review and any refinements / clarifications, and terms for initial scanning are finalized; the preliminary quote, if provided earlier, is adjusted as warranted, or a quote is generated.
7. Note that in certain cases, particularly where very large domains or large numbers of smaller domains are concerned, the NEDs and related Per Report pricing and / or project scope may be adjusted as warranted for subsequent / recurring reports based on aggregation of small domains into fewer NEDs.
8. Pursuant to completion and delivery of the initial scanning and related report set, the list of domains is refined based on results of the initial scans. In some cases, new domains are added (e.g., previously unknown domains discovered pursuant to scanning), and/or other domains may be retired (e.g., redundant or inactive domains).
9. After completion of the initial scans and for purposes of refining the NEDs for subsequent scans as warranted, smaller domains (those under 1,000 pages) are aggregated into groups of 1,000 pages, thereby reducing the number of NEDs for subsequent scans and reports.
10. MAXAMINE and client agree on the final list of domains and corresponding number of NEDs to be scanned for recurring report purposes, and subsequent pricing for scheduled reporting is confirmed in accordance with the RDSaaS pricing table. This is typically a smaller number of NEDs, and consequently lower per report pricing, than for the initial set of reports.

Resolving material differences between estimated and actual NED counts and related pricing. In the unusual event of a material difference (25%+/-) between the actual domain sizes discovered pursuant to scanning and the estimated sizes upon which the NED figures and related prices were based, MAXAMINE will notify the customer of the revised NED figure and related pricing for the balance of the RDSaaS project/schedule. The customer may elect to re-scope (e.g., reduce the number of domains, truncate larger domains by isolating key sections, or extend the reporting period/reduce reporting frequency for some or all domains). If such re-scoping is impossible or undesirable, the customer may cancel the balance of the project/schedule, in which case the pricing for initial reports completed and delivered will honor the initial pricing based on original estimates. In the event that the actual NED count is smaller than the estimated figure, MAXAMINE will reduce the pricing for the balance of the project/schedule. Any excess amounts received will be credited against future services/deliveries.