CipherSentinel

Terms of Service

Version 1.0 · Effective May 29, 2026

These Terms govern your use of the CipherSentinel platform. By signing up or using our services, you agree to be bound by them. Please read carefully, especially Section 6 on Threat Intelligence Data Aggregation — it explains how scan findings contribute to our shared threat intelligence database, which is core to the service.

1. About These Terms

These Terms of Service (the "Terms") form a legal agreement between you ("Customer", "you") and CipherSentinel ("we", "us", "our") for use of our threat intelligence and external attack-surface scanning platform (the "Service") accessible at app.ciphersentinel.io and related domains.

By creating an account, clicking "I agree" during signup, or using the Service, you accept these Terms. If you don't agree, don't use the Service.

2. The Service

CipherSentinel provides:

  • A REST API and web dashboard for looking up indicators of compromise (IOCs) — IP addresses, domain names, URLs, and file hashes — in our threat intelligence database
  • External security scans against internet-facing hosts you own or are authorized to assess
  • Brand monitoring alerts for phishing certificates, lookalike domains, and credential exposure tied to keywords you register
  • Markdown and PDF reports summarizing scan findings, attack grades, and remediation guidance

The exact features available to you depend on your subscription tier. See our pricing page for current tier details.

3. Your Account

To use the Service, you must:

  • Be at least 18 years old (or the age of legal majority in your jurisdiction)
  • Provide accurate, current account information
  • Keep your password and API keys confidential — they're the credential that authenticates as you
  • Notify us immediately at jason@ciphersentinel.io if you suspect your credentials have been compromised

You're responsible for all activity that occurs under your account, including activity by API keys you've issued.

4. Subscription Plans, Billing & Cancellation

Plans. We offer free and paid subscription tiers. Current pricing and feature lists are at /dashboard/upgrade. We may change pricing, tier limits, or feature inclusions; if we do, changes take effect at your next billing cycle, and we'll give you at least thirty (30) days' notice for paid customers.

Billing. Paid subscriptions are billed monthly or annually in advance through our payment processor, Stripe, Inc. We don't store credit card numbers — Stripe does. By subscribing, you authorize recurring charges in the amount and at the cadence you selected until you cancel.

Refunds. Subscriptions are non-refundable except where required by law. If we materially reduce a feature you were actively using, we may issue a pro-rated refund at our discretion. Contact us at jason@ciphersentinel.io with refund requests.

Cancellation. You can cancel anytime from the billing portal or by emailing us. Cancellation takes effect at the end of your current billing period — you keep paid-tier access until then. We won't refund the remainder of a period unless required by law.

Failed payments. If a payment fails, we'll retry per our payment processor's standard schedule. After thirty (30) days of failed retries, we may downgrade your account to the Free tier or suspend access.

5. Acceptable Use

You may only use the Service to scan or query indicators related to:

  • Internet-facing assets you own
  • Assets you have explicit written authorization to assess (e.g., from a client engaging you for penetration testing or security assessment)
  • Public threat indicators (malware IPs, phishing domains, etc.) that you're investigating for legitimate security purposes

You may NOT use the Service to:

  • Scan assets you don't own or have authorization to scan (this is illegal in most jurisdictions, including under the U.S. Computer Fraud and Abuse Act)
  • Stalk, harass, or attack any individual or organization
  • Attempt to circumvent rate limits, tier restrictions, or authentication on the Service
  • Resell, sublicense, or redistribute Service output as a standalone threat intelligence product (this is reserved for Enterprise customers under separate agreement)
  • Reverse-engineer the Service, except to the extent expressly permitted by applicable law
  • Use the Service in violation of any law, regulation, or third-party right

We may suspend or terminate your account immediately, without refund, if we determine in good faith that you've violated these Acceptable Use rules. Repeat or severe violations may be reported to law enforcement.

6. Threat Intelligence Data Aggregation (KEY CLAUSE)

This section is the foundation of our threat intelligence product and how it stays valuable for everyone. Please read it carefully.

When you run a scan through CipherSentinel, our scanner modules analyze the target host for security weaknesses, certificate configuration, exposed services, malware indicators, and post-quantum cryptographic readiness. Scan findings are processed in three streams:

(a) Your private scan report. The full, detailed scan output — including the target hostname, your account identifier, the specific findings, evidence, severity scores, attack-grade ratings, and remediation guidance — is stored in your private account and visible only to you and authorized users on your account.

(b) The Aggregate Pool (anonymized, shared). When a scan identifies a CRITICAL, HIGH, or MEDIUM severity indicator (typically a malicious or compromised IP, domain, URL, or hash) that already appears in one or more public threat feeds (e.g., Abuse.ch, CISA KEV, Emerging Threats, ThreatFox), an anonymized cross-reference record is added to our Aggregate Pool. This record contains only:

  • The indicator value (IP, domain, URL, or hash)
  • The indicator type and threat category
  • A severity bucket and confidence score
  • The scanner module that produced the finding
  • First-seen and last-updated timestamps
  • The source label ciphersentinel_scan

The Aggregate Pool is queryable by other CipherSentinel customers through our API and may be made available as a bulk-download threat-feed license to third parties.

(c) The Proprietary Pool (private, owner-only). When a scan identifies a CRITICAL, HIGH, or MEDIUM severity indicator that does not appear in any public threat feed at the time of discovery — i.e., it is genuinely novel intelligence — an anonymized record is added to our Proprietary Pool. The Proprietary Pool is not queryable by other CipherSentinel customers, is not exposed via any public API, and is licensed separately as a premium threat-feed product to qualified third parties (typically government agencies, large MSSPs, enterprise SOCs, and threat-intel platforms). Proprietary Pool records contain only the indicator metadata listed in (b) above, with no identifying information about you or your organization.

We commit that neither the Aggregate Pool nor the Proprietary Pool ever contains: your name, company name, account email, account identifier, IP address, payment information, or any other information that identifies you or your organization. Both pools contain only indicator values and threat metadata.

Your grant to us. By using the scanning service, you grant CipherSentinel a perpetual, worldwide, royalty-free, irrevocable license to:

  1. Aggregate anonymized indicators derived from your scans into both the Aggregate Pool and the Proprietary Pool, as determined by the routing logic above
  2. Make the Aggregate Pool queryable by other CipherSentinel customers through our API, dashboard, and bulk-download channels
  3. License or sell the Aggregate Pool, the Proprietary Pool, or extracts from either, to third parties as part of separate threat intelligence products and partnerships
  4. Continue to use, retain, and license pool entries derived from your scans even after you cancel your subscription or close your account

This data aggregation is fundamental to the Service. If you do not consent to it, you cannot use the Service. Enterprise customers may negotiate custom data-handling terms in a separate written agreement.

Public-feed enrichment. The Aggregate Pool also includes indicators we license, scrape, or ingest from public threat feeds (e.g., Abuse.ch, CISA KEV, Emerging Threats). Those entries are labeled with their original source. Your use of the Service does not grant you ownership of those public-feed contributions.

7. Your Data and Confidentiality

You own your scan reports. The detailed scan outputs we generate for you, your account metadata, and your billing information remain yours. We will not share your private scan reports with any third party except:

  • Our payment processor (Stripe) for billing
  • Where required by law (e.g., valid subpoena or court order)
  • To protect against fraud, abuse, or threats to the Service

Anonymized contributions. As described in Section 6, anonymized IOC entries from your scans contribute to the Aggregate Pool, which IS shared with other customers and licensees. We've designed the anonymization to make re-identification impractical, but you acknowledge that the anonymized indicator value (e.g., a hostname) may itself be identifying — i.e., if you're the only customer scanning your-company.com, others querying that hostname may infer that you've scanned it. We mitigate this by aggregating across many customers' scans over time.

See our Privacy Policy for full details on what we collect, how we use it, and your data rights.

8. Intellectual Property

We own the Service software, the design and structure of the Aggregate Pool, our brand and trademarks, and all related intellectual property. You receive a non-exclusive, non-transferable, revocable license to use the Service for your internal business purposes during your subscription.

You retain ownership of your scan inputs (hostnames you submit), your private scan reports, and your account data. You grant us the rights needed to operate the Service for you (storing, processing, and displaying your data within your account) and the rights described in Section 6 for anonymized aggregation.

9. Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING (BUT NOT LIMITED TO) MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, ACCURACY, OR COMPLETENESS.

Threat intelligence is inherently incomplete and time-sensitive. Indicators we report may be false positives. Indicators we do NOT report may still be malicious. The Service is one tool in a defense-in-depth security program; it is not a substitute for qualified security professionals, independent verification, or a comprehensive security strategy.

10. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, CIPHERSENTINEL'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THE SERVICE OR THESE TERMS IS LIMITED TO THE GREATER OF: (a) the amount you paid us in the twelve (12) months preceding the event giving rise to the claim, or (b) one hundred U.S. dollars ($100).

WE WILL NOT BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR FOR LOST PROFITS, LOST REVENUE, LOST DATA, OR BUSINESS INTERRUPTION, EVEN IF WE'VE BEEN ADVISED OF THE POSSIBILITY.

11. Indemnification

You agree to indemnify and hold CipherSentinel harmless from third-party claims arising out of: (a) your violation of these Terms (especially Section 5 Acceptable Use), (b) scans you ran against assets you didn't own or weren't authorized to scan, or (c) your violation of any law or third-party right.

12. Term and Termination

These Terms apply from when you sign up until your account closes.

You can terminate by canceling your subscription and closing your account through the dashboard or by emailing us.

We can terminate or suspend immediately for: violation of Section 5 (Acceptable Use), failed payment after the cure period in Section 4, fraud, or as required by law. We may also terminate the Service entirely on at least ninety (90) days' notice to all paid customers.

What survives termination. Sections 6 (data aggregation rights), 7 (data ownership), 8 (IP), 9 (warranties), 10 (liability), 11 (indemnification), 14 (law), and 15 (contact) survive any termination. Aggregate Pool entries derived from your scans remain in our database after termination, as you've granted us a perpetual license in Section 6.

13. Changes to These Terms

We may update these Terms occasionally. If we make material changes, we'll notify you by email and post the new version at this URL with an updated effective date. Continued use of the Service after changes take effect means you accept the updated Terms. If you don't accept, cancel before the effective date.

14. Governing Law and Disputes

These Terms are governed by the laws of the State of Alabama, without regard to its conflict-of-laws rules. Any dispute arising out of or related to these Terms or the Service will be resolved in the state or federal courts located in Alabama, and you consent to personal jurisdiction there.

Before filing any lawsuit, you agree to attempt to resolve the dispute informally by contacting us at jason@ciphersentinel.io and giving us at least thirty (30) days to respond.

15. Contact

Questions, notices, or legal requests should be directed to:

CipherSentinel
Email: jason@ciphersentinel.io
Website: ciphersentinel.io


These Terms are version 1.1, effective May 29, 2026. Prior versions and a change log are available on request.
