Website terms

Canonical artefact metadata

Owner

CyberSec Legal and Trust Office

Approver

CyberSec Executive Governance

Version

1.0.0

Last reviewed

2026-04-20

Next review due

2026-10-20

Website terms

• Permitted website use and prohibited conduct.
• Public-content and no-professional-advice boundaries.
• Intellectual property rights and brand-usage restrictions.

Service commitments

Public website content describes service direction but does not create service levels or contractual warranties beyond signed commercial agreements.

Authorized security testing services

Public use of this website does not authorize anyone to perform intrusive testing against CyberSec, customer, or third-party systems. Penetration testing, vulnerability assessment, ethical hacking, and similar services are only performed under a signed commercial agreement, written scope, and written authorization from the asset owner or a duly authorized representative.

Customers requesting those services must identify the in-scope targets, testing windows, key contacts, relevant exclusions, and any third-party approvals required for the work. Customers are also responsible for taking reasonable pre-test precautions appropriate to their environment, including backups, stakeholder communications, and change-control coordination where needed.

Authorized security testing can still cause alerts, instability, temporary service interruption, or incidental access to sensitive information even where reasonable care is exercised. Engagement-specific documents govern notification, confidentiality, evidence handling, liability allocation, and any indemnity or hold-harmless terms for the scoped work.

Liability and acceptable use

Website usage must be lawful and non-disruptive. Unauthorized testing, scraping abuse, and harmful activity are prohibited.