Terms of Service

EdgeBreach Terms of Service

Last Updated: February 12, 2026

These Terms of Service ("Terms") govern your access to and use of the EdgeBreach platform and services ("Service") provided by EdgeBreach, Inc., a Delaware corporation ("EdgeBreach," "we," "us," or "our"). By accessing or using the Service, you agree to be bound by these Terms.

If you do not agree to these Terms, do not use the Service.

1. Definitions

  • "Account" means your registered account to access the Service.
  • "Authorized Target" means any system, application, network, or asset that you have legal authority to test using the Service.
  • "Customer Data" means any data, content, or information you submit to the Service, including target configurations, scan results, and reports.
  • "Findings" means vulnerabilities, security issues, and related information discovered through use of the Service.
  • "Reports" means the documentation generated by the Service describing Findings.
  • "Subscription" means your paid access to the Service under a Subscription Agreement.
  • "Subscription Agreement" means the order form or online checkout specifying your subscription tier, pricing, and term.

2. Account Registration and Security

2.1 Account Creation

To use the Service, you must create an Account by providing accurate and complete information. You represent that you are at least 18 years old and have the legal capacity to enter into these Terms.

2.2 Account Security

You are responsible for:

  • Maintaining the confidentiality of your Account credentials
  • All activities that occur under your Account
  • Notifying us immediately of any unauthorized access

We are not liable for any loss resulting from unauthorized use of your Account.

2.3 Account Verification

We may require verification of your identity or authorization to test specific targets before enabling certain features.

3. Authorization Requirements

3.1 Your Warranty of Authorization

THIS IS A CRITICAL TERM. By using the Service to scan any target, you represent and warrant that:

(a) You own the target system, application, or network; OR
(b) You have obtained explicit, written authorization from the owner to conduct security testing; AND
(c) Your testing complies with all applicable laws, regulations, and third-party agreements (including cloud provider terms of service).

3.2 Prohibited Targets

You may NOT use the Service to test any system without proper authorization. Unauthorized testing may violate federal and state computer crime laws, including the Computer Fraud and Abuse Act (18 U.S.C. § 1030).

3.3 Documentation

You agree to maintain documentation of your authorization to test each target and to provide such documentation to EdgeBreach upon request.

3.4 Third-Party Cloud Providers

If your target is hosted on a third-party cloud provider (AWS, Azure, GCP, etc.), you are responsible for complying with that provider’s penetration testing policies and obtaining any required approvals.

4. Acceptable Use

4.1 Acceptable Use Policy

Your use of the Service is subject to our Acceptable Use Policy, which is incorporated into these Terms by reference. The Acceptable Use Policy is available at [URL].

4.2 General Restrictions

You agree NOT to:

(a) Use the Service for any unlawful purpose or in violation of any applicable law
(b) Test any target without proper authorization
(c) Attempt to disrupt, disable, or overload any system, including EdgeBreach infrastructure
(d) Reverse engineer, decompile, or attempt to extract the source code of the Service
(e) Resell, sublicense, or provide the Service to third parties without our written consent
(f) Use the Service to develop a competing product
(g) Circumvent any access controls or usage limits
(h) Interfere with other customers’ use of the Service

4.3 Suspension

We may suspend your access to the Service immediately if we reasonably believe you have violated these Terms, the Acceptable Use Policy, or applicable law. We will attempt to notify you of any suspension, but are not required to do so in cases of emergency or legal obligation.

5. Service Description

5.1 The Service

EdgeBreach provides an AI-powered security testing platform that performs automated penetration testing on Authorized Targets. The Service includes:

  • Black-box (external) security testing
  • White-box security testing (where source code access is provided)
  • Vulnerability discovery and validation
  • Attack chain analysis
  • Evidence collection and reporting
  • Remediation guidance
5.2 Service Modifications

We may modify, update, or discontinue features of the Service at any time. We will provide reasonable notice of material changes that negatively affect your use of the Service.

5.3 No Guarantee of Results

The Service is designed to identify security vulnerabilities, but we do not guarantee that all vulnerabilities will be found. Security testing has inherent limitations. You remain responsible for the security of your systems.

6. Free Trial

6.1 Trial Period

We may offer a free trial of the Service for up to thirty (30) days. During the trial, you have full access to the Service subject to these Terms.

6.2 Trial Conversion

At the end of your trial period, your access will be suspended unless you purchase a Subscription. Any data from your trial will be retained for thirty (30) days, after which it may be deleted.

6.3 Trial Limitations

We reserve the right to limit, modify, or terminate free trials at any time. Trial accounts may not be used for production security testing of systems serving end users.

7. Subscriptions and Payment

7.1 Subscription Agreement

Paid access to the Service is governed by a Subscription Agreement that specifies your subscription tier, fees, and term.

7.2 Fees and Payment

You agree to pay all fees specified in your Subscription Agreement. Fees are due in advance and are non-refundable except as expressly stated in these Terms.

7.3 Taxes

Fees are exclusive of taxes. You are responsible for all applicable taxes, except for taxes based on EdgeBreach’s income.

7.4 Price Changes

We may change our pricing at any time. Price changes will take effect at your next renewal. We will provide at least thirty (30) days’ notice of price increases.

7.5 Late Payment

If payment is not received within fifteen (15) days of the due date, we may suspend your access to the Service until payment is received. We may also charge interest on overdue amounts at 1.5% per month (or the maximum rate permitted by law, if lower).

8. Intellectual Property

8.1 EdgeBreach IP

The Service, including all software, algorithms, models, documentation, and trademarks, is owned by EdgeBreach or its licensors. These Terms do not grant you any rights to our intellectual property except the limited license to use the Service.

8.2 Customer Data Ownership

You retain all rights to your Customer Data. By using the Service, you grant EdgeBreach a limited license to use your Customer Data solely to provide and improve the Service, as described in our Privacy Policy.

8.3 Report Ownership

Reports generated by the Service are your property. You may use, distribute, and modify Reports as you see fit.

8.4 Aggregated Data

We may collect and use aggregated, anonymized data derived from the Service (including successful attack patterns and vulnerability trends) to improve our products and services. This data will not identify you or your targets. See our Privacy Policy for details.

8.5 Feedback

If you provide suggestions, ideas, or feedback about the Service, you grant us a perpetual, royalty-free license to use that feedback for any purpose.

9. Data Handling

9.1 Privacy Policy

Our collection and use of data is governed by our Privacy Policy, available at [URL], which is incorporated into these Terms by reference.

9.2 Data Location

Customer Data is stored and processed in the United States.

9.3 Data Retention

During your Subscription:

  • Scan results and Findings are retained while your Subscription is active
  • Evidence artifacts (screenshots, HTTP captures) are retained for twelve (12) months, then deleted
  • Reports are retained while your Subscription is active

After termination, see Section 13.4.

9.4 Security

We implement reasonable security measures to protect Customer Data. However, no system is completely secure, and we cannot guarantee absolute security.

9.5 Source Code Handling

If you provide source code for white-box testing, that code is processed in memory only and is not stored or retained after the scan completes. We do not use your source code to train our AI models.

10. Confidentiality

10.1 Confidential Information

"Confidential Information" means any non-public information disclosed by one party to the other that is marked as confidential or that reasonably should be understood to be confidential. Your Confidential Information includes your Customer Data and Findings.

10.2 Protection

Each party agrees to:

  • Use the other party’s Confidential Information only as necessary to perform under these Terms
  • Protect Confidential Information using at least the same degree of care it uses for its own confidential information
  • Not disclose Confidential Information to third parties without prior written consent
10.3 Exceptions

Confidentiality obligations do not apply to information that:

  • Is or becomes publicly available without breach of these Terms
  • Was rightfully known prior to disclosure
  • Is independently developed without use of Confidential Information
  • Is disclosed pursuant to legal requirement (with reasonable notice to the other party)

11. Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE."

TO THE MAXIMUM EXTENT PERMITTED BY LAW, EDGEBREACH DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING:

  • WARRANTIES OF MERCHANTABILITY
  • FITNESS FOR A PARTICULAR PURPOSE
  • NON-INFRINGEMENT
  • ACCURACY OR COMPLETENESS OF RESULTS
  • UNINTERRUPTED OR ERROR-FREE OPERATION

WE DO NOT WARRANT THAT THE SERVICE WILL IDENTIFY ALL VULNERABILITIES OR THAT YOUR SYSTEMS WILL BE SECURE AFTER USING THE SERVICE.

12. Limitation of Liability

12.1 Exclusion of Damages

TO THE MAXIMUM EXTENT PERMITTED BY LAW, EDGEBREACH SHALL NOT BE LIABLE FOR ANY:

  • INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES
  • LOSS OF PROFITS, REVENUE, DATA, OR BUSINESS OPPORTUNITIES
  • COST OF SUBSTITUTE SERVICES

REGARDLESS OF THE CAUSE OF ACTION OR WHETHER EDGEBREACH HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

12.2 Liability Cap

EDGEBREACH’S TOTAL LIABILITY UNDER THESE TERMS SHALL NOT EXCEED THE FEES PAID BY YOU TO EDGEBREACH IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM.

For free trial users, our total liability shall not exceed one hundred dollars ($100).

12.3 Essential Purpose

THE LIMITATIONS IN THIS SECTION APPLY EVEN IF ANY REMEDY FAILS OF ITS ESSENTIAL PURPOSE.

12.4 Exceptions

The limitations in this Section 12 do not apply to:

  • Your breach of Section 3 (Authorization Requirements)
  • Your indemnification obligations under Section 14
  • Either party’s breach of confidentiality obligations
  • Amounts owed for the Service

13. Term and Termination

13.1 Term

These Terms are effective when you first access the Service and continue until terminated.

13.2 Subscription Term

Your Subscription term is specified in your Subscription Agreement and will automatically renew for successive periods of the same length unless either party provides notice of non-renewal at least thirty (30) days before the end of the current term.

13.3 Termination

Either party may terminate:

  • For convenience, at the end of the current Subscription term with thirty (30) days’ notice
  • Immediately, if the other party materially breaches these Terms and fails to cure within thirty (30) days of written notice (or immediately for breaches of Section 3 or 4)

We may also terminate immediately if required by law or if you fail to pay fees when due.

13.4 Effect of Termination

Upon termination:

  • Your right to access the Service ends immediately
  • You have thirty (30) days to export your Customer Data (we will send reminders at termination, 7 days, and 14 days before deletion)
  • After the 30-day export period, we will delete your Customer Data
  • Anonymized, aggregated data may be retained as described in Section 8.4
13.5 Survival

The following sections survive termination: 8 (Intellectual Property), 10 (Confidentiality), 11 (Disclaimer), 12 (Limitation of Liability), 14 (Indemnification), and 15 (General Provisions).

14. Indemnification

14.1 Your Indemnification

You agree to indemnify, defend, and hold harmless EdgeBreach and its officers, directors, employees, and agents from any claims, damages, losses, and expenses (including reasonable attorneys’ fees) arising from:

(a) Your use of the Service in violation of these Terms
(b) Your breach of Section 3 (Authorization Requirements), including any claims that you tested a system without proper authorization
(c) Your violation of any applicable law
(d) Any third-party claim related to your Authorized Targets or Customer Data

14.2 Indemnification Process

We will:

  • Promptly notify you of any claim
  • Give you reasonable cooperation in the defense
  • Allow you to control the defense and settlement (provided any settlement does not impose obligations on us without our consent)

15. General Provisions

15.1 Governing Law

These Terms are governed by the laws of the State of Delaware, without regard to conflict of law principles.

15.2 Dispute Resolution

(a) Informal Resolution. Before initiating any formal dispute proceeding, you agree to contact us at [EMAIL] and attempt to resolve the dispute informally for at least thirty (30) days.

(b) Arbitration. Any dispute not resolved informally shall be resolved by binding arbitration administered by JAMS under its Streamlined Arbitration Rules. The arbitration shall be conducted in [CITY, STATE] or remotely, at your election. The arbitrator’s decision shall be final and binding.

(c) Class Action Waiver. You agree that any dispute resolution proceedings will be conducted only on an individual basis and not in a class, consolidated, or representative action.

(d) Small Claims Exception. Either party may bring an individual action in small claims court for disputes within that court’s jurisdiction.

(e) Injunctive Relief. Notwithstanding the above, either party may seek injunctive relief in any court of competent jurisdiction to protect its intellectual property or Confidential Information.

15.3 Export Compliance

You represent that you are not located in, under the control of, or a national or resident of any country subject to U.S. trade sanctions or embargoes (including Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, and Luhansk regions). The Service is not available in such jurisdictions.

15.4 Assignment

You may not assign these Terms without our prior written consent. We may assign these Terms in connection with a merger, acquisition, or sale of assets.

15.5 Notices

Notices to you may be sent to the email address associated with your Account. Notices to us should be sent to: RegisteredAgent@EdgeBreach.com.

15.6 Entire Agreement

These Terms, together with the Privacy Policy, Acceptable Use Policy, and your Subscription Agreement, constitute the entire agreement between you and EdgeBreach regarding the Service.

15.7 Amendments

We may amend these Terms at any time by posting the revised version on our website. Material changes will be notified via email at least thirty (30) days before taking effect. Your continued use of the Service after the effective date constitutes acceptance of the amended Terms.

15.8 Severability

If any provision of these Terms is found unenforceable, the remaining provisions will continue in effect.

15.9 Waiver

Our failure to enforce any right or provision shall not constitute a waiver of that right or provision.

15.10 Force Majeure

Neither party shall be liable for delays or failures in performance resulting from circumstances beyond its reasonable control.

16. Contact Information

EdgeBreach, Inc.
5255 Winthrop Avenue, Suite 135
Indianapolis, IN 46220

Email: hello@EdgeBreach.com

BY USING THE SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THESE TERMS OF SERVICE.