Please Log In

Terms of Service for BestDefense, Inc.

Effective Date: 02/18/2025

1. Introduction

Welcome to BestDefense, Inc. (“Company”, “we”, “us”, or “our”). These Terms of Service (“Agreement”) govern your access and use of BestDefense’s Penetration Testing, Load Testing, and Network Monitoring Platform (“Service”), including any related tools, services, or software provided by BestDefense. By using our Service, you agree to these terms in full. If you do not agree, you must not use our Service.

2. Definitions

  • "User” or “You”: Any individual or entity using our Service.
  • "Authorized Testing”: Security, load, and network assessments conducted with proper ownership verification and within legal and ethical guidelines.
  • "Prohibited Testing”: Any unauthorized, unethical, or illegal security, load, or network testing.
  • "Verification”: Proof of domain ownership via DNS TXT record or domain email verification.
  • "Vortex": Automated vulnerability scans and penetration testing tool.
  • "Maelstrom”: BestDefense’s global-scale load testing system that deploys billions of virtual users to simulate real-world traffic surges.
  • "Echo”: BestDefense’s network monitoring solution that utilizes network honeypots to detect unauthorized network activity and potential CVE exploitation attempts.

3. User Eligibility & Verification

To access and use the Service, you must:

  • Be at least 18 years old and legally capable of entering into a contract.
  • Prove domain ownership using one of the following methods:
    • DNS TXT Record Verification: Adding a unique verification key to your domain’s DNS settings.
    • Domain Email Verification: Using an email address associated with the domain (e.g., admin@yourdomain.com).

By verifying a domain, you confirm that you are authorized to perform penetration, load, and network monitoring tests on it.

4. Acceptable Use Policy

By using the Service, you agree not to:

  • Conduct security, load, or network testing on any system or network that you do not own or have explicit permission to test.
  • Engage in unauthorized hacking, denial-of-service (DoS) attacks, data exfiltration, or illegal activities.
  • Use Maelstrom for malicious Distributed Denial-of-Service (DDoS) attacks or any other offensive cyber activity.
  • Use Vortex for malicious and damaging active scans with intent to damage or negatively impact anybody’s business or personal lives.
  • Use Echo to monitor or intercept traffic without proper authorization from affected parties.
  • Perform penetration, load, or network testing outside the scope of what has been explicitly authorized by the target organization.
  • Use the Service to disrupt production environments or cause harm to third parties.

Violations may result in account suspension, legal action, and notification to relevant authorities.

5. Responsibilities of the User

Users are solely responsible for:

  • Obtaining proper authorization from all parties affected by penetration, load, or network monitoring activities every time you want to use any service ( Vortex, Maelstrom, Echo ).
  • Ensuring compliance with all applicable local, state, federal, and international laws.
  • Minimizing risks and avoiding tests that may cause disruption to services.
  • Reporting any security vulnerabilities responsibly with full visibility and transparency only to those with the permissions to view them..
  • Using Maelstrom only for legitimate load testing purposes and not for any form of cyberattack.
  • Using Echo solely for network visibility, security monitoring, and threat detection within the permitted scope.

6. Compliance with Laws & Regulations Users agree to adhere to all applicable laws, including but not limited to:

  • The Computer Fraud and Abuse Act (CFAA) (USA)
  • The General Data Protection Regulation (GDPR) (EU)
  • The Personal Information Protection and Electronic Documents Act (PIPEDA) (Canada)
  • The Cybersecurity Information Sharing Act (CISA) (USA)
  • The Telecommunications Act (Australia)
  • Any and All Local penetration testing and cybersecurity laws applicable in your jurisdiction

7. Maelstrom-Specific Restrictions & Protections: Maelstrom is designed to simulate realistic user traffic to help companies test infrastructure scalability. You agree that:

  • You will only use Maelstrom to test systems that you own or have explicit permission to test.
  • You must not use Maelstrom for unauthorized stress testing or disruption of third-party networks.
  • You will not use Maelstrom to conduct malicious DDoS attacks or any other form of unauthorized offensive cyber activity.
  • BestDefense retains the right to monitor and restrict test parameters to prevent abuse.
  • BestDefense does not guarantee that using Maelstrom will not lead to unexpected downtime or security vulnerabilities in your tested systems.
  • Any misuse or unauthorized application of Maelstrom will result in immediate suspension and possible legal action.

8. Echo-Specific Restrictions & Protections Echo is designed to enhance network security by identifying suspicious network activity through the use of network honeypots. You agree that:

  • You will only use Echo within networks that you own or have explicit authorization to monitor.
  • You must not use Echo to intercept, analyze, or collect data from third-party networks without proper authorization.
  • You will not use Echo to conduct unauthorized network monitoring, packet sniffing, or any other form of intrusive network activity.
  • BestDefense retains the right to monitor and restrict Echo usage to prevent abuse.
  • Any misuse or unauthorized application of Echo will result in immediate suspension and possible legal action.
  • You grant BestDefense limited access to your cloud infrastructure, including assigning a security group or role to perform actions such as:
    • Reading relevant cloud resource meta.
    • Altering BestDefense-specific resources.
    • Requesting & Accepting Peering Connections

9. Vortex-Specific Restrictions & Protections

  • You will only use Vortex to conduct authorized penetration testing activities on systems that you own or have explicit permission to test.
  • You must not use Vortex to conduct unauthorized penetration testing, vulnerability scanning, or any other form of offensive cyber activity.
  • You will not use Vortex to exploit security vulnerabilities, exfiltrate data, or disrupt third-party networks without proper authorization.
  • BestDefense retains the right to monitor and restrict Vortex usage to prevent abuse.
  • Any misuse or unauthorized application of Vortex will result in immediate suspension and possible legal action.
  • All penetration tests must remain within the defined and approved scope as agreed upon during verification.
  • Any violation of these terms may result in reporting to appropriate legal authorities and affected parties.
  • Users must not conduct unauthorized scans on third-party networks, systems, or applications
  • The use of Vortex for exploitation, data exfiltration, or any form of attack that extends beyond ethical security testing is strictly forbidden.
  • Attempts to bypass authentication mechanisms, escalate privileges without authorization, or interfere with system integrity beyond security testing guidelines are prohibited.
  • Users are responsible for obtaining all necessary permissions from stakeholders before initiating any scan.
  • Users must follow responsible disclosure practices when identifying vulnerabilities and must not disclose security findings to unauthorized parties.
  • Users acknowledge that testing activities may have unintended consequences, and they assume full responsibility for any issues resulting from the use of Vortex.
  • BestDefense is not responsible for any unintended downtime, data loss, or legal consequences arising from the misuse of Vortex.
  • Users acknowledge that using Vortex does not guarantee immunity from cyber threats, and security testing must be complemented with other best practices.

By using Vortex, you confirm that you have read, understood, and agreed to abide by these restrictions and protections to ensure responsible security testing.

10. AI Usage Guidance, Restrictions & Protections

  • BestDefense uses AI algorithms to analyze vulnerability data and provide cybersecurity guidance to users.
  • Users acknowledge that AI-generated insights are based on data analysis and may not always be accurate.
  • Users are responsible for verifying AI-generated insights and making informed decisions based on their own judgment.
  • BestDefense is not liable for any damages or losses resulting from the use of AI-generated insights.
  • AI-generated vulnerability analysis and remediation recommendations are based on existing cybersecurity frameworks and industry best practices.
  • While AI can provide valuable insights, users must validate all recommendations before implementing changes.
  • AI-generated advice is not guaranteed to be free from errors or omissions. Users should consult with cybersecurity professionals before taking action based on AI insights.
  • The AI system continuously learns and updates, but it may not have real-time knowledge of the latest zero-day threats or proprietary security configurations.
  • AI-driven analysis must be used strictly for authorized security assessments and not for any form of malicious or unauthorized activity.
  • Users must not manipulate AI-generated results to misrepresent security findings or to exploit vulnerabilities irresponsibly.
  • BestDefense ensures that AI-powered analysis respects user privacy and does not store sensitive vulnerability data beyond necessary processing requirements.
  • Users are responsible for ensuring that any AI-generated reports or recommendations are shared only with authorized personnel.
  • BestDefense is not liable for any security incidents, system misconfigurations, or damages resulting from the application of AI-generated recommendations.
  • AI-assisted guidance does not replace human expertise, and users must exercise due diligence in applying security measures.

By utilizing AI-powered analysis within Vortex, you confirm that you understand the capabilities and limitations of AI-driven cybersecurity insights and agree to use them responsibly.

11. Limitation of Liability: BestDefense, Inc. is not liable for:

  • Any damages, outages, or legal consequences resulting from your penetration, load, or network monitoring activities.
  • Any loss of data, revenue, or reputation due to the use of our Service.
  • Any third-party claims arising from your use of Maelstrom or Echo.
  • Any unauthorized or prohibited testing activities conducted by you or on your behalf.
  • Any security vulnerabilities or network breaches discovered during authorized testing.
  • Any infrastructural damage or unexpected downtime resulting from the use of Maelstrom, Vortex, Echo and anything penetration testing or vulnerability scanning related.

Our total liability under this Agreement shall not exceed the total amount paid by you for the Service within the last (1) month.

12. Security Findings & Responsible Disclosure: If you discover a security vulnerability:

  • You must not exploit it beyond proof-of-concept testing
  • You must follow responsible disclosure practices.
  • You must report the vulnerability to the effected company immediately.
  • You must not disclose the vulnerability to any third party without explicit permission.
  • You agree that BestDefense may share reports with affected parties.

13. Account Suspension & Termination: BestDefense, Inc. reserves the right to suspend or terminate accounts under the following conditions:

  • Violation of these terms
  • Unauthorized, illegal or prohibited testing activities
  • Misuse of Vortex, Maelstrom or Echo for offensive or destructive purposes.
  • Failure to comply with legal or ethical guidelines
  • Failure to comply with verification requirements.

BestDefense reserves the right to refuse service to any user at our sole discretion.

14. Indemnification:

You agree to indemnify, defend, and hold harmless BestDefense, Inc. and its affiliates from any claims, damages, or legal actions arising from your use of the Service, including but not limited to misuse, unauthorized testing, and legal non-compliance.

15. Governing Law & Dispute Resolution:

This Agreement shall be governed by the laws of the State of Florida, USA. Any disputes shall first be attempted to be resolved through mediation. If mediation fails, the dispute shall be settled by binding arbitration in Clearwater, FL.

16. Changes to Terms:

BestDefense, Inc. reserves the right to modify these Terms at any time. We will notify users of significant changes, and continued use of the Service after changes constitutes acceptance of the updated Terms.

17. Contact Information:

If you have questions about these Terms, please contact us at legal@bestdefense.io.

By using BestDefense’s Penetration, Load Testing, and Network Monitoring Platform, you acknowledge that you have read, understood, and agreed to these Terms of Service.

Risk-

Alert-

CWE IDN/A

Url-

General Settings
Email Notifications
Site Tracking
SMS Alerts
Backup Storage
Audit Logs
System Settings
System Logs
Error Reporting
Applications Logs
Backup Servers
Audit Logs

Pull Request Diff Preview