Pentest24 System: A system based on delivering a set of online services for identifying permeability of web apps and other online services.
Pentest24 Team: A group of security experts, responsible for supervising and technical affairs of Pentest24.
System ownership Verification (website – online app): A process through which, the user’s ownership over the website or application gets verified. It can consist of checking the user’s full access to the server and files, domain owner’s name inquiry, etc.
Vulnerability: In terms of Information Security, Vulnerability is a weak point that can be abused by an attacker. ISO27005 standard defines vulnerability as: a weakness in a system or a group of systems that can be exploited by any kind of threat.
Scanner: A tool designed to access useful applications, networks and computer systems.
Hosting/service provider for the Users Website(or online system): A group responsible for hosting and serving the user’s online system (including private and collective hosts).
User or Customer: The individual or legal entity, known as the owner of the website or mobile application, or the one paying subscription in accordance to receiving certain services.
Allowed Usage assurance of the System: Confirming this agreement, the user is allowed to utilize the Pentest24 system for detecting vulnerabilities of the target system, undertaking any consequence of unauthorized utilization of its use cases.
Mutual Communication: To contact Pentest24, the customer should only use the Email address: email@example.com.
Upon change of the user’s contact information, Pentest24 should be informed through valid ways by the user, otherwise Pentest24 takes NO responsibility of consequences or any harm to the users service.
Change of Rules and Regulations: Pentest24 rules, subject to the rules supervising services presentable by Pentest24. Pentest24 holds the right to any future changes to them, providing a link to the rules page in the website, to make the altered rules, publicly available.
Change of Prices: Changes to the prices will be reflected in the website and these prices will act as standard for financial transactions with customers.
Service Upgrade: Before utilization, in any stage of purchasing process, the user can upgrade his/her plan, by emailing the Sales department, considering the difference in plan prices.
Pentest24 Services Include:
The utilization of any kind of access granted to the user, for calculation, software, information, hardware and equipment purposes; provided by Pentest24 or its subsets and representatives.
Any kind of usage or access granted in association with the website.
Any service mentioned in this document.
Any service provided by Pentest24 for customers, whether the user utilizes them or not.
Automatic vulnerability detection and exploration for the website presented by the user.
Manual vulnerability detection and exploration for the website presented by the user, done by Pentest24 experts.
Vulnerability detection and exploration for the website presented by the user through a combination of automatic and manual methods done by Pentest24 experts.
Providing reports considering any of aforementioned services.
Terms and Conditions of Vulnerability Detection Service:
Verifying the possession of the IP/Domain claimed by the user, falls under the user’s responsibility.
Pentest24’s automatic service acts only in accordance to the process explained in the time of service usage.
Pentest24 only examines the website or IP presented by the user, thus takes no responsibility of the consequences of any mismatch or abuse of the system by the user, and the user undertakes the detriments and harms caused due to improper usage of the service. Obviously, Pentest24 holds the right to sue the user upon probably improper usage of the service by the user.
The user admits conducting required coordination with their hosting services provider, before utilizing the service, and in the occasion of blocking or confining the service or other such incidents, takes the full responsibility.
In case of the user’s service blockage/ban for the website or presented IP, Pentest24 has the right to prevent reusing the service at discretion.
In order to prepare for any kind of unforeseen occasion, the user has to backup all the information and keep it in a safe storage.
Also, providing services on subdomains requires separate coordination or a distinct agreement as a contract, and the Pentest24’s automatic service, examines only the certain path provided by the user.
Services’ Quality Confirmation Standard
According to definitions in the IT and security, none of the services can be guaranteed for 100% accuracy or correctness; yet, fully-automatic, semi-automatic and manual services provided are very effective in the context of examining the human factors.
Illegal Customer Activities:
Any utilization of Pentest24 services without informing or getting permission from the target the service is being used on, is deemed illegal and aside from stripping Pentest24 off of its responsibilities, it can also be prosecuted by Pentest24.
Any usage of service for the purpose of harming or hindering any other entity is illegal.
Responsibility of Pentest24:
Pentest24 is responsible for keeping customer documents secure and not sharing them with any third party.
Responsibility of Customer:
The customer admits not to make any changes to the sources, contents, configuration and other properties comparing to the start of the service during the scan and/or utilization of services. Obviously, making any changes during and/or after the utilization of the service, will be taken out of the examining process and the customer holds no objection or prosecution right.
The customer has to keep all payment and purchasing documents until the end of the duration of the service. Pentest24 can claim payment for unblocking a service.
Pentest24 has no responsibility for Its commitments during force major situations like: natural disasters, war, rebellion, social chaos, explosions, strike, governmental limitations and sanctions. Nevertheless, Pentest24 will try its best to minimize the effect of such incidents. Also in a force major situation, the customers are not allowed to violate the terms of services.
Paying an invoice or signing up to the Pentest24 website by the customer will be considered as accepting the rules and customer’s signature won’t be necessary.
Failure to fulfilling a part of terms and rules of Pentest24 related to customer and other parties, will not foreclose Pentest24 from its authority on enforcing the rules.
Running Law and Judgement Reference:
Any agreement and contract including this document, ordering forms, and other service providing contracts between Pentest24 and the customer, will be interpreted based on the running law. The customer acknowledges that any litigation or arbitration will be dealt with in the according jurisdiction and the customer will consent to attend them. Should any part of the contract/terms of services be deemed as not applicable by the competent court, other parts will still remain valid and applicable.
The customer guarantees reading this document thoroughly and has had enough time to examine and understand its legal aspects, or has neglected the examination and thus, has comprehended and consented to all of this document’s terms and conditions.