Acceptable use policy

This acceptable use policy (“AUP”) governs use of the StrikeOps platform and related services (the “Services”) provided by StrikeOps Inc. (“StrikeOps”, “we”, “us”). It forms part of, and is in addition to, your customer agreement. StrikeOps is professional offensive-security tooling intended solely for lawful, authorised security testing. By using the Services you agree to this AUP and are responsible for all activity conducted through your account.

Authorisation is mandatory

You may only use the Services to test systems, networks, people, or assets that you own or for which you hold prior, explicit, written authorisation from the party with the right to grant it. You must keep records of that authorisation and the agreed scope, and operate strictly within them, including any rules of engagement, time windows, and excluded targets.

Prohibited uses

You must not use the Services to:

• Access, test, attack, or interfere with any system or person without valid authorisation and scope;
• Conduct any activity that is illegal, or that violates applicable computer-misuse, privacy, interception, anti-spam, or fraud laws;
• Cause intentional damage, denial of service, data destruction, or disruption beyond what the authorised engagement permits;
• Exfiltrate, retain, or use data beyond what the engagement scope and applicable law allow, or handle captured credentials or personal data unlawfully;
• Use phishing, social-engineering, or impersonation capabilities except as part of an authorised simulation with documented consent, and never to commit actual fraud or harm;
• Target critical infrastructure, life-safety systems, or third parties outside the authorised scope;
• Infringe intellectual-property rights, or breach confidentiality or contractual obligations owed to others;
• Use the Services in violation of applicable export-control or sanctions laws, or provide access to sanctioned persons or jurisdictions;
• Resell, sublicense, or provide the Services to third parties except as permitted by your agreement, or attempt to circumvent the platform’s security, isolation, or usage controls.

Your responsibilities

• Obtain and retain all necessary authorisations, consents, and legal advice before each engagement;
• Secure your account credentials, encryption keys, agents, and the infrastructure you connect to the Services;
• Comply with all laws applicable to you, your clients, and the targets of testing, across every relevant jurisdiction;
• Handle findings, evidence, and captured data responsibly and in line with your legal obligations.

Reporting misuse

If you become aware of any violation of this AUP or a security issue, report it promptly to security@strikeops.ai.

Enforcement

Violating this AUP may result in suspension or termination of your access, in addition to any remedies under your agreement or at law. Where we reasonably believe use is unlawful or poses a risk of serious harm, we may suspend access immediately and, where required by law, cooperate with relevant authorities. [Counsel to align enforcement, suspension, and cooperation terms with the customer agreement and applicable law.]

Changes

We may update this AUP from time to time. Material changes will be posted here with a revised “last updated” date.

Contact

Questions about acceptable use? Contact legal@strikeops.ai.