Terms of Service

VibeSecurely provides one-time, human-led penetration testing of web applications and APIs, along with written reports, remediation guidance, a re-test of fixed issues, and optional consultations.

A penetration test is a point-in-time assessment. It identifies issues that are discoverable within the agreed scope and timeframe; it does not and cannot guarantee that any system is free of all vulnerabilities. The scope, deliverables, timeline, and fees for each engagement are confirmed in a separate quote or statement of work, which forms part of these Terms.

This section matters. You may only ask us to test systems, applications, accounts, and data that you own or are expressly authorized to have tested.

Before testing begins, you must (a) confirm the exact scope in writing, and (b) warrant that you hold all rights and authorizations necessary to permit our testing of the in-scope targets, including any permissions required from hosting providers or other third parties. You are responsible for backing up your systems and data before an engagement.

You must not request, and we will not perform, testing of any system you do not control or are not authorized to test. We may decline, pause, or stop an engagement at any time if authorization is unclear.

We confirm scope and price before any work begins. Fees are as stated in the applicable quote or statement of work and are exclusive of taxes unless stated otherwise. Payment terms are set out in the quote. Except where required by law or expressly agreed, fees are non-refundable once work has begun.

You agree not to misuse the site. In particular, you will not: attempt to gain unauthorized access to the site or its underlying systems; scrape, overload, or disrupt it; submit false information or another person's information through our forms; or use the site or any sample materials to test, attack, or harm any third party without authorization.

The site uses automated protections, including rate-limiting and bot checks. Circumventing them is prohibited.

Any sample report we provide is illustrative, describes a fictional target, and exists only to demonstrate our deliverable. It does not reflect the security of any real system and creates no obligation or warranty.

Once an engagement is paid in full, the report we prepare for you is yours to use internally and to share with your customers, auditors, and advisors as needed. Our underlying methodologies, tools, know-how, and any pre-existing materials remain our property.

The site and its content, excluding your information and any third-party content shown with attribution, are owned by VibeSecurely and protected by intellectual-property laws.

Each party will protect the other's confidential information and use it only for the engagement. Findings, reports, and anything encountered during testing are confidential, and we will not disclose them except as you direct or as required by law.

The site and services are provided “as is” and “as available.” To the fullest extent permitted by law, we disclaim all warranties, express or implied, including merchantability, fitness for a particular purpose, and non-infringement.

We do not warrant that the services will identify every vulnerability, that any system tested will be secure or compliant, or that the site will be uninterrupted or error-free. Security is point-in-time, and new vulnerabilities can emerge after an assessment.

To the fullest extent permitted by law, neither party will be liable for indirect, incidental, special, consequential, or punitive damages, or for lost profits, revenue, data, or goodwill. Our total liability arising out of or relating to the services or these Terms will not exceed the fees you paid us for the engagement that gave rise to the claim. Nothing in these Terms limits any liability that cannot be limited by law.

You will defend and indemnify VibeSecurely against claims, losses, and expenses arising from your breach of these Terms, your misuse of the site, or your failure to hold proper authorization for any system you asked us to test.

We deliver our services with the support of trusted partners, including our testing partner, and operate the site using third-party infrastructure. We are not responsible for third-party websites that we link to.

These Terms apply whenever you use the site or engage us. Either party may terminate an engagement as set out in the applicable quote. Provisions that by their nature should survive, including confidentiality, intellectual property, disclaimers, limitation of liability, and indemnification, survive termination.

These Terms are governed by the laws of residing country, without regard to conflict-of-laws rules, and the courts of that jurisdiction will have exclusive jurisdiction, except where applicable law gives you the right to bring proceedings elsewhere.

We may update these Terms from time to time. We will revise the “Last updated” date above, and material changes take effect when posted. If you keep using the site or our services after changes, you accept them.

Questions about these Terms? Email hello@vibesecurely.com.