HackZero Acceptable Use Policy

Effective date: 2026-06-02
Last updated: 2026-06-02

Plain-language summary. HackZero is an offensive-security platform: at your direction, our autonomous AI agents attack your live applications and read your source code to find and prove real vulnerabilities. That power is lawful only when you point it at systems you are allowed to attack. This Acceptable Use Policy (“AUP”) sets one core rule and several specific limits around it.

  • The core rule: you may direct HackZero to test only assets you own or are legally authorized to test, exactly as defined in your signed Rules of Engagement. Pointing our agents at anything else is a serious breach of this AUP and may be a federal and state crime.
  • No third-party or shared-tenancy targets: do not scan or exploit systems you do not control, shared cloud infrastructure beyond your own tenancy, or any target where testing would violate a cloud provider’s acceptable-use policy (AWS, Azure, Google Cloud) or an upstream provider’s terms of service.
  • No dangerous or illegal use: no testing of safety-critical or human-life systems without explicit written scope, no attacking HackZero or other customers, no bypassing scope or rate limits, no reselling or scraping the platform, no weaponizing the platform against third parties, and no export-controlled or sanctioned destinations.
  • Data rules: do not upload regulated data (for example, protected health information) without the required addendum in place.
  • Consequences: we may suspend an engagement, trigger the Rules-of-Engagement kill-switch, suspend or terminate your account, and, where the law requires, report conduct to authorities. For breaches that are not egregious, you will normally get a chance to cure first.

This summary is for orientation only. The numbered sections below are the binding terms. Report suspected violations to [email protected].


1. Purpose, scope, and relationship to other documents

1.1 Purpose

This AUP governs how customers and their users may use the HackZero penetration-testing and AI red-team platform and the related websites, dashboard, application programming interfaces, and outputs (together, the “Services”). It is the rulebook that keeps an inherently offensive tool inside the bounds of the law and inside the scope each customer has authorized.

1.2 Who “we” and “you” are

In this AUP, “HackZero”, “we”, “us”, and “our” mean Agentic Security, Inc., a Delaware corporation, doing business as HackZero, with its principal place of business at 2810 N Church St STE 88242, Wilmington, Delaware 19802, United States. “You”, “your”, “Customer”, and “Account” mean the organization that has registered for the Services and the individuals who use the Services under that organization’s account, including its workspace administrators, billing contacts, signers, and Authorized Users. Capitalized terms not defined here have the meanings given in the Terms of Service at /legal/terms, the Rules of Engagement you sign before any scan, or, for Enterprise customers, the negotiated Master Services Agreement (“MSA”).

Business use only. The Services are offered solely to businesses and organizations, and to individuals acting on behalf of a business or otherwise in a commercial or professional capacity. The Services are not directed to, and are not intended for, consumers acquiring them for personal, family, or household purposes. By registering for or using the Services, you represent that you are acting for a business or in a professional capacity. Where a mandatory consumer-protection law nonetheless applies to a particular customer, nothing in these Terms waives or limits a right that cannot be waived under that law.

1.3 How this AUP fits with our other documents

This AUP is incorporated into, and forms part of, the Terms of Service at /legal/terms. It is meant to be read together with, and not in conflict with:

  • the Terms of Service at /legal/terms, including its “Authorization to Test” warranty;
  • the Rules of Engagement (“RoE”) that every customer signs before any scan runs;
  • for Enterprise customers, the MSA, which is the controlling agreement and prevails over this AUP to the extent of any conflict for those customers;
  • the Privacy Policy at /legal/privacy;
  • the Cookie Policy at /legal/cookies;
  • the Data Processing Addendum at /legal/dpa and the Subprocessor List at /legal/subprocessors;
  • the AI Transparency Notice at /legal/ai;
  • the Vulnerability Disclosure Policy at /legal/security; and
  • the Refund and Cancellation Policy at /legal/refunds.

If a term of the RoE or the MSA is more specific or more restrictive than this AUP for a particular engagement, the more specific or more restrictive term controls for that engagement. Nothing in this AUP narrows the warranties, indemnities, or scope controls in the Terms, the RoE, or the MSA.

1.4 Defined terms used here

For clarity, this AUP uses several terms drawn from the RoE and the MSA:

  • “Authorized Asset” means a specific target (identified by domain, hostname, IP address or CIDR range, autonomous system number, repository, application, or cloud-account or tenancy identifier) that you have listed as in-scope and that you are entitled to authorize for testing.
  • “Authorized Party” means HackZero and its autonomous AI agents, scanners, browser automation, and exploitation skills acting within authorized scope.
  • “Authorized User” means a natural person you have designated within the Services with permission to add or remove Authorized Assets, request or authorize executions, and configure schedules.
  • “Out-of-Scope Activity” means any direction to test, or any use of the Services against, a target that is not an Authorized Asset, or that exceeds the techniques, timing, rate, or data-handling limits set in the RoE.

2. The core rule: test only what you are authorized to test

2.1 Authorization is the precondition for all testing

You may direct the Services to test only Authorized Assets. By submitting a target, you represent and warrant for that target, consistent with the “Authorization to Test” warranty in the Terms at /legal/terms and the customer warranties in your signed RoE, that:

  1. you either own the target, or you have obtained, in writing and in advance, the express authorization of the owner or operator to test it;
  2. you have authority to authorize access to all systems and data reachable from that target; and
  3. the natural person who signs the RoE and the Authorized User who launches each execution have the authority to bind you and to grant that authorization.

This warranty is the gate that makes HackZero’s activity lawful. Under the “gates-up-or-down” test of Van Buren v. United States, 593 U.S. 374 (2021), your written authorization is what supplies the access right that the federal Computer Fraud and Abuse Act, 18 U.S.C. § 1030, and the state and foreign computer-crime statutes listed in Section 9 require. If the warranty is false for a given target, the testing of that target is unauthorized as a matter of law, and you, not HackZero, bear responsibility for it.

2.2 You define and own the scope

Scope is your burden, not ours. You must define your in-scope targets precisely (by IP address or CIDR range, ASN, domain, application, repository, or cloud-account or tenancy identifier) and the techniques you permit, and you warrant the accuracy of that definition. The RoE is the controlling scope document. Listing a target as in-scope does not create authorization where you lack it; an Out-of-Scope Activity is both a breach of this AUP and unauthorized access for purposes of Section 9.

2.3 Per-execution re-affirmation

By starting an on-demand execution, or by configuring or leaving in effect a schedule that later fires, the Authorized User re-affirms, on your behalf, that the warranty in Section 2.1 remains true and that valid authorization from the system owner exists for every Authorized Asset that execution targets. We log each re-affirmation as a hash-chained, append-only audit event as evidence of that authorization.

2.4 Revoking authorization

You may revoke authorization for any Authorized Asset at any time through the Services, and an RoE-wide kill-switch request may be issued through the named contact and channel set out in your RoE. Revocation takes effect prospectively when we receive and can act on it; it does not retroactively un-authorize testing already performed in good-faith reliance on a then-valid authorization. To avoid the revocation-by-conduct ambiguity addressed in Facebook, Inc. v. Power Ventures, Inc., 844 F.3d 1058 (9th Cir. 2016), revocation should be made through the Services or in writing to the named RoE contact, not by informal signal.

2.5 Authorization does not waive third parties’ rights

Your authorization binds you. It does not waive the rights of your employees, contractors, end users, customers, or partners. Where an engagement could capture the communications or stored data of individuals (for example, social-engineering targets, employee mailboxes, or accounts you do not personally control), you are responsible for obtaining any consent those individuals’ rights require under laws such as the federal Stored Communications Act, 18 U.S.C. §§ 2701 to 2712, and the Wiretap Act, 18 U.S.C. §§ 2510 to 2522, and their state and foreign equivalents.


3. Prohibited targets

You must not direct the Services at, and you must not use the Services to scan, probe, or exploit:

3.1 Third-party and non-owned systems

Any system that is not an Authorized Asset, including systems owned or operated by a third party for which you have not obtained prior written authorization from the owner or operator. Discovery of a previously unknown asset during an engagement does not authorize testing it: our agents are designed to hard-stop at the boundary of your listed scope and to seek explicit approval before pivoting to a newly discovered asset, including infrastructure reached transitively through DNS, IP, or application pivots.

3.2 Shared cloud infrastructure beyond your tenancy

Shared, multi-tenant cloud infrastructure to the extent it lies outside your own account, subscription, project, or tenancy. You may authorize testing only of the resources within your own cloud tenancy. You must not direct testing at a cloud provider’s control plane, hypervisor, shared management services, or another tenant’s resources.

3.3 Targets where testing would violate a cloud provider or upstream policy

Any target where the testing would violate the acceptable-use policy, customer agreement, or penetration-testing rules of the underlying cloud or hosting provider, including:

  • Amazon Web Services (the AWS Customer Agreement and the AWS Acceptable Use Policy, together with the AWS penetration-testing rules that permit testing only of customer-owned resources and prohibit certain techniques such as denial-of-service simulation without prior approval);
  • Microsoft Azure (the Microsoft Online Services Terms, the Acceptable Use Policy, and the Microsoft Cloud Unified Penetration Testing Rules of Engagement); and
  • Google Cloud Platform (the Google Cloud Platform Terms of Service and Acceptable Use Policy).

You represent that you have reviewed the terms of service of each third-party vendor hosting or providing your Authorized Assets (including cloud providers, content-delivery networks, payment processors, and infrastructure providers) and that the Authorized Parties’ activity does not violate those terms, or that you have obtained from those vendors any pre-authorization their rules require. This mirrors and supplements the corresponding warranty in your RoE.

3.4 Safety-critical and human-life systems

Industrial control systems, operational-technology environments, medical devices or clinical systems, emergency-services or public-safety systems, utility or energy distribution systems, transportation or avionics or vehicular control systems, nuclear facilities, life-support systems, or any other system where a failure, disruption, or unintended effect of testing could foreseeably result in death, personal injury, or environmental harm. You must not direct the Services at such systems unless that specific testing is expressly described and approved in a written, signed RoE scope that documents the safety controls, the named human contacts, and the abort procedures, and that we have agreed to in writing.


4. Prohibited uses

In addition to the prohibited targets in Section 3, you must not, and must not permit any user or any third party to:

4.1 Illegal activity

Use the Services to violate any applicable law, regulation, or order, or for any unlawful, fraudulent, deceptive, or tortious purpose, in any jurisdiction in which you or your targets are located.

4.2 Attack HackZero or other customers

Use the Services, or any technique learned through them, to attack, disrupt, degrade, or gain unauthorized access to HackZero’s own infrastructure, the Services themselves, or the environments, data, or tenancy of any other HackZero customer. Good-faith security research directed at HackZero’s own systems is governed instead by our Vulnerability Disclosure Policy at /legal/security, which contains the only authorization we grant for testing our own platform.

4.3 Bypassing scope, rate, or Rules-of-Engagement limits

Circumvent, disable, or attempt to defeat any scope boundary, rate limit, technical containment, scheduling control, kill-switch, or other Rules-of-Engagement safeguard; or use any method to exceed the targets, techniques, timing, volume, or data-handling limits set in your RoE or in Section 6.

4.4 Reselling, scraping, and reverse engineering

Resell, sublicense, time-share, or operate the Services as a service bureau for any third party except as expressly authorized in writing; scrape, harvest, or systematically extract content, findings, or data from the Services other than your own outputs; or reverse engineer, decompile, train on, or otherwise duplicate the Services or our models to build a competing product or service, except to the limited extent that applicable law forbids that restriction.

4.5 Weaponizing the platform against third parties

Upload, host, generate, store, or transmit malware, exploits, or attack payloads through the Services for the purpose of weaponizing them against, or delivering them to, any third party or any system that is not an Authorized Asset. The Services may generate and deploy exploit code as a normal part of an authorized engagement; that capability may be used only inside your authorized scope.

4.6 Facilitating real-world intrusion of unauthorized systems

Use the findings, exploit reproductions, captured artifacts, reasoning traces, or other outputs of the Services to facilitate, plan, or carry out the intrusion, compromise, extortion, or disruption of any system you are not authorized to access. Outputs are delivered to help you remediate your own authorized assets, not to serve as an attack kit against others.

4.7 Public dumps and extortion

Publicly disclose unpatched findings about a third party, threaten to do so, or use any finding for extortion. Coordinated disclosure of vulnerabilities in HackZero’s own systems is governed by /legal/security.

4.8 Export controls and sanctions

Use, access, or make the Services available in violation of the export-control and sanctions laws of the United States, including the Export Administration Regulations administered by the U.S. Department of Commerce and the sanctions programs administered by the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”). You represent that you, your Authorized Users, and your targets are not located in, organized under the laws of, ordinarily resident in, or owned or controlled by a party in a country or territory subject to comprehensive U.S. sanctions, and that you are not on, or owned or controlled by a party on, any U.S. restricted-party list (including the OFAC Specially Designated Nationals and Blocked Persons List or the Commerce Department’s Entity List). You must not direct the Services at targets located in, or use them to benefit any person in, an OFAC-restricted destination.


5. Data-handling rules

5.1 Minimum data necessary

Configure engagements so that the Services extract only the minimum data necessary to identify and prove a finding. The Services are designed to capture proof of a vulnerability, not to perform bulk exfiltration of production data. Do not direct the Services to mass-extract production records where a representative sample proves the finding.

5.2 No regulated data without the required addendum

Do not upload, expose to, or direct the Services to process regulated categories of data unless the corresponding contract is in place:

  • Protected health information (“PHI”). Do not upload or expose PHI, or point the Services at systems containing PHI, unless a Business Associate Agreement (“BAA”) under the U.S. Health Insurance Portability and Accountability Act (45 C.F.R. Parts 160 and 164) is executed with HackZero. PHI handling is gated to the Compliance tier and requires the BAA; until a BAA is in force, the Services are not authorized for PHI. Where no BAA exists, HackZero is not a Business Associate and the general handling described in /legal/privacy does not extend to PHI.
  • Cardholder data. Treat payment-card data within scope under the PCI-DSS 4.0 controls reflected in your RoE; do not direct the Services to extract full primary account numbers where a finding can be proven without them.
  • Other regulated data. Where a target environment contains personal data subject to laws such as the California Consumer Privacy Act as amended by the California Privacy Rights Act (Cal. Civ. Code §§ 1798.100 to 1798.199.100), the U.S. comprehensive state privacy laws, Canada’s Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5) and Quebec’s Law 25 (CQLR c. P-39.1), Mexico’s Ley Federal de Protección de Datos Personales en Posesión de los Particulares, Brazil’s Lei Geral de Proteção de Dados (Lei 13.709/2018), or the data-protection laws of Argentina, Colombia, Chile, or Peru, you remain the controller of that data and are responsible for having a lawful basis for the testing. HackZero processes such data only as your processor under the Data Processing Addendum at /legal/dpa.

5.3 Customer data, source code, and the no-training commitment

Data we encounter during an engagement (including source code accessed through the read-only GitHub App, captured request and response artifacts, and findings) is your data and is processed under /legal/dpa. We do not use your data to train, fine-tune, or otherwise improve any machine-learning or AI model, as described in the AI Transparency Notice at /legal/ai. Nothing in this AUP authorizes us to do otherwise.


6. Fair use, rate limits, and anti-abuse

6.1 Plan limits and overage

Your subscription tier (Watchdog, Pentest, Compliance, or Enterprise) sets your included scan volume and concurrency. Use of the Services beyond those limits is billed at the per-scan overage rate or requires an upgrade, as described in /legal/refunds and your order. The free tier permits signup only and zero live scans.

6.2 Reasonable use

Do not use the Services in a way that imposes an unreasonable or disproportionate load on the Services, on shared infrastructure, or on any third party; that interferes with other customers’ use; or that is designed to evade metering, scope, or rate controls. We may impose technical rate, concurrency, and volume limits and may throttle or queue executions to protect the stability and security of the Services.

6.3 Account security and integrity

Keep your credentials confidential, configure multi-factor authentication and single sign-on where available, and keep your Authorized User list and your active schedules current and accurate. You are responsible for all activity under your Account. Promptly notify us at [email protected] of any suspected compromise of your Account.


7. Autonomous-agent acknowledgments

You acknowledge that the Services use autonomous AI agents that plan and carry out testing with limited human direction and that can chain techniques and execute exploits. Because of that capability:

  1. Scope is a hard technical boundary, not advisory. You must define scope accurately, because the agent treats your listed scope as the limit of its authorization.
  2. The agent hard-stops at scope edges. The agent pauses and requires explicit approval before pivoting to a newly discovered asset.
  3. Allocation of excursions. As reflected in your RoE and the Terms, an excursion caused by our agent’s reasoning failure (for example, target drift) is our responsibility, while an excursion traceable to your misrepresentation of ownership or scope is your responsibility. Section 9 and the Terms govern this allocation.
  4. Non-determinism. Findings are produced by a non-deterministic system and may include false positives or be missed entirely; findings require human validation before you rely on them, as described in /legal/ai. This does not relieve you of the obligations in this AUP.

8. Consequences of violation

8.1 Immediate protective action

If we reasonably suspect an Out-of-Scope Activity, unauthorized targeting, a threat to safety, an attack on HackZero or another customer, or other conduct that exposes HackZero or any third party to imminent harm or legal risk, we may, without prior notice and without liability:

  • pause or abort the affected execution;
  • trigger the Rules-of-Engagement kill-switch and halt testing; and
  • suspend the affected engagement, Authorized User, or Account.

We will use reasonable efforts to notify you promptly of protective action taken under this Section 8.1.

8.2 Cure period for non-egregious breaches

For a breach of this AUP that is not egregious, we will give you written notice (which may be by email or in-product) describing the breach and a reasonable opportunity to cure it, consistent with the cure mechanics in the Terms at /legal/terms. If you cure the breach within the stated cure period, we will restore normal access. A breach is “egregious” (and not subject to a cure period) where it involves unauthorized targeting of a non-owned or non-authorized system, a threat to human safety, illegal activity, an attack on HackZero or another customer, export-control or sanctions violations, or conduct that exposes HackZero or any third party to imminent harm or ongoing legal exposure.

8.3 Suspension and termination

We may suspend or terminate your access to the Services, in whole or in part, for an uncured non-egregious breach or for any egregious breach, as set out in the Terms. Termination for your breach does not entitle you to a refund except as provided in /legal/refunds, and (where applicable) cancellation may affect founding-cohort pricing as described there.

8.4 Reporting to authorities

We are not obligated to monitor your use, and we generally will not report customers. However, where we are required by law, by a valid legal process, or by a binding regulatory obligation to report conduct, we may do so. We may also, in our reasonable judgment, report conduct that presents an imminent risk of serious harm to persons. We will limit any such disclosure to what the applicable law or process requires.

8.5 Preservation of authorization defense

To support the lawful-authorization defense that protects both you and us, we retain immutable, append-only logs of authorization, scope, and execution events. We intend to retain these records for seven (7) years, consistent with the MSA and RoE retention terms, even after an Account closes.

8.6 Cumulative remedies

The remedies in this Section 8 are in addition to, and do not limit, the warranties, indemnities, and remedies in the Terms, the RoE, and (for Enterprise customers) the MSA, including the customer indemnity for claims that access to a target was not authorized.


9. Legal basis: computer-crime statutes and the authorization defense

This Section identifies the laws that make authorization the dividing line between a lawful penetration test and a crime. It is informational; it does not narrow the operative warranties in Sections 2 through 4.

9.1 United States federal law

  • Computer Fraud and Abuse Act, 18 U.S.C. § 1030, including § 1030(a)(2)(C) (accessing and obtaining information without authorization), § 1030(a)(4) (access with intent to defraud), and § 1030(a)(5) (causing damage or transmitting harmful code), with a civil claim under § 1030(g). Your authorization supplies the access right under the “gates-up-or-down” test of Van Buren v. United States, 593 U.S. 374 (2021); see also hiQ Labs, Inc. v. LinkedIn Corp., 31 F.4th 1180 (9th Cir. 2022).
  • Digital Millennium Copyright Act, 17 U.S.C. § 1201, including the security-testing provisions of § 1201(j) and the good-faith-security-research exemption at 37 C.F.R. § 201.40(b)(11), both of which require the authorization of the owner or operator.
  • Stored Communications Act, 18 U.S.C. §§ 2701 to 2712, and the Wiretap Act, 18 U.S.C. §§ 2510 to 2522, which protect third-party communications and stored data and are not waived by your authorization (see Section 2.5).

The U.S. Department of Justice good-faith-security-research charging policy (Justice Manual § 9-48.000, May 19, 2022) reflects federal prosecutorial discretion. It binds only DOJ and is not a defense to state or foreign charges or to civil claims; documented, written authorization remains the operative protection.

9.2 United States state computer-crime statutes

These statutes generally have no federal loss threshold and are not bound by federal charging policy. They include California Penal Code § 502; New York Penal Law Article 156; Texas Penal Code § 33.02; Florida Statutes § 815.06; the Illinois Computer Crime statute, 720 ILCS 5/17-50 et seq.; Massachusetts General Laws ch. 266 § 120F; the Virginia Computer Crimes Act, Va. Code §§ 18.2-152.1 to 18.2-152.15; and Washington’s computer-crime statutes, RCW 9A.90.040 et seq. Your authorization is intended to satisfy the access-authorization element of each.

9.3 Canada

The Criminal Code, R.S.C. 1985, c. C-46, ss. 342.1 (unauthorized use of a computer), 342.2 (possession of a device to commit a computer offence), and 430(1.1) (mischief to computer data). Written authorization from the person lawfully entitled to grant access negates the “without colour of right”, “fraudulently”, and “wilfully” elements; the authorization must come from a person entitled to grant it, match the actual scope, and precede the activity (retroactive consent is no defence).

9.4 Latin America

The Federal Penal Code of Mexico (Código Penal Federal), Articles 211 bis 1 through 211 bis 7; the Brazilian Penal Code (Código Penal), Articles 154-A and 154-B; the Argentine Penal Code (Código Penal), Articles 153 bis, 157 bis, 183, and 184; Colombia’s Law 1273 of 2009 (Ley 1273 de 2009); Chile’s Law 21.459 of 2022 (Ley 21.459 de 2022); and Peru’s Law 30096 (Ley 30096). In each jurisdiction, your prior, scope-matched, written authorization is intended to constitute the consent that makes the Authorized Parties’ activity lawful.

9.5 No authorization beyond scope

Authorization under this Section extends only to activity within the scope you have authorized in the RoE. An Out-of-Scope Activity is not authorized and is not protected by this Section.


10. Reporting violations

Report suspected violations of this AUP, including suspected unauthorized targeting, abuse of the Services, or misuse of outputs, to [email protected]. To report a security vulnerability in HackZero’s own systems, follow the Vulnerability Disclosure Policy at /legal/security and contact [email protected]. For account or billing questions, contact [email protected]; for general inquiries, [email protected].


11. Changes to this AUP

We may update this AUP from time to time. We will post the updated version with a new “Last updated” date and, for material changes, provide advance notice by email or in-product as described in the Terms at /legal/terms. Your continued use of the Services after the effective date of an update constitutes acceptance of the updated AUP, subject to any re-acceptance required for material changes. We preserve prior versions.


12. Contact

Agentic Security, Inc. (d/b/a HackZero)
2810 N Church St STE 88242, Wilmington, Delaware 19802, United States
Legal and notices: [email protected]
Security: [email protected]
Privacy: [email protected]
Support: [email protected]
General: [email protected]
