Terms of Service
Last updated: 20 June 2026
These Terms of Service ("Terms") govern your access to and use of the websites, platform, and security-testing services (collectively, the "Services") provided by TrueBreach ("TrueBreach", "we", "us"). By accessing the Services or signing an order form or statement of work with us, you ("Customer", "you") agree to these Terms.
1. The Services
TrueBreach provides AI-assisted penetration testing and exposure-validation services that identify security issues an external attacker could reach and exploit. The specific scope, deliverables, and fees for any engagement are set out in an order form or statement of work ("Order").
2. Authorization & scope
You represent and warrant that you own, or are fully authorized to permit security testing of, every asset, system, account, and repository placed in scope. You are solely responsible for obtaining all necessary authorizations and consents. We will only test assets within the scope you authorize in writing, and you may revoke authorization at any time.
3. Access & credentials
The Services require read-only, least-privilege access to the systems you connect (such as cloud accounts, source-code repositories, and host-management tooling). You are responsible for provisioning, securing, and revoking such credentials. We will use access solely to deliver the Services.
4. Acceptable use
- You will not use the Services to test systems you are not authorized to test.
- You will not use the Services for any unlawful purpose or in violation of third-party rights.
- You will not resell, sublicense, or reverse-engineer the Services except as permitted by law.
5. Customer data & findings
"Customer Data" means data you provide or that we access in delivering the Services, including findings and reports. As between the parties, you own Customer Data and findings relating to your environment. We process Customer Data as described in our Privacy Policy and any applicable data processing addendum.
6. Fees
You agree to pay the fees set out in the applicable Order. Unless stated otherwise, fees are exclusive of taxes and are non-refundable except as required by law.
7. Confidentiality
Each party will protect the other's confidential information with reasonable care and use it only to perform under these Terms. Findings about your environment are your confidential information.
8. Warranties & disclaimers
We will perform the Services with reasonable skill and care. Except as expressly stated, the Services are provided "as is". Security testing cannot identify every vulnerability, and we do not warrant that the Services will detect all issues or that tested systems are secure.
9. Limitation of liability
To the maximum extent permitted by law, neither party will be liable for indirect, incidental, or consequential damages, and each party's aggregate liability arising out of these Terms will not exceed the fees paid by you for the Services in the twelve months preceding the claim.
10. Indemnification
You will indemnify TrueBreach against claims arising from your breach of Section 2 (Authorization & scope), including any claim that testing was not properly authorized.
11. Term & termination
These Terms apply for the duration of your use of the Services. Either party may terminate an Order for material breach not cured within 30 days of notice. Provisions that by their nature should survive termination will survive.
12. Governing law
These Terms are governed by the laws of the jurisdiction stated in your Order, without regard to conflict-of-laws rules. [Insert governing jurisdiction.]
13. Changes
We may update these Terms from time to time. Material changes will be communicated through the Services or by email. Continued use after changes take effect constitutes acceptance.
14. Contact
Questions about these Terms: [email protected].