Skip to Content
LegalAcceptable Use

Acceptable Use Policy

This Acceptable Use Policy defines what is permitted and prohibited when using the Detectify platform. All users must comply with this policy.

Permitted Use

Detectify is designed for authorized security testing of your own assets. You may use Detectify to:

  • Scan assets you own — Domains, subdomains, IPs, and applications that belong to your organization
  • Scan assets you are authorized to test — Assets where you have explicit, documented permission from the owner to perform security testing
  • Integrate with your development workflow — Use the API and integrations to automate security testing as part of your SDLC
  • Export and share results — Share findings with your team, management, and authorized third parties for remediation and reporting purposes

Prohibited Use

The following uses of Detectify are strictly prohibited:

Unauthorized Scanning

  • Do not scan assets you do not own or have permission to test. You must have authorization from the asset owner before scanning any target.
  • Do not use Detectify to attack or disrupt services. The platform is for security testing, not for causing damage or denial of service.

Malicious Activity

  • Do not use findings for malicious purposes. Vulnerabilities discovered through Detectify must be used for remediation, not exploitation.
  • Do not share vulnerability details publicly before the asset owner has had the opportunity to remediate the issue.
  • Do not use Detectify to perform unauthorized data extraction or access data belonging to third parties.

Platform Abuse

  • Do not attempt to circumvent platform controls such as rate limits, scan restrictions, or access controls.
  • Do not share your account credentials or API keys with unauthorized individuals.
  • Do not resell or redistribute Detectify services without authorization.
  • Do not use automated tools to scrape or extract data from the Detectify platform beyond what the API provides.

Your Responsibilities

As a Detectify user, you are responsible for:

  • Maintaining proper authorization for all targets you scan
  • Complying with applicable laws in your jurisdiction regarding security testing
  • Notifying hosting providers that may require advance permission for scanning (see Hosting Provider Permissions)
  • Promptly remediating vulnerabilities discovered through the platform
  • Securing your account by using strong passwords, enabling 2FA, and protecting your API keys

Enforcement

Violation of this Acceptable Use Policy may result in:

  • Temporary or permanent suspension of your account
  • Revocation of API access
  • Termination of your subscription

Detectify reserves the right to investigate suspected violations and take appropriate action.

Reporting Violations

If you become aware of a violation of this policy, contact security@detectify.com.

Last updated on
Cookie PolicyBug Report