cat /legal/terms-of-service

Terms of Service

Please read these Terms of Service carefully before using the PlatformSecurity website. These terms govern your access to and use of our website and services.

Last updated: July 4, 2026

Operator and Trade Name

This website and the services described herein are operated by ProDefense LLC, a limited liability company. ProDefense LLC does business as (DBA) Platform Security. References to 'PlatformSecurity,' 'Platform Security,' 'we,' 'us,' or 'our' in these Terms of Service refer to ProDefense LLC.

Acceptance of Terms

By accessing and using the PlatformSecurity website (platformsecurity.com), you accept and agree to be bound by the terms and provision of this agreement. If you do not agree to abide by the above, please do not use this service.

These Terms of Service apply to all visitors, users, and others who access or use our website and services.

Services Description

PlatformSecurity provides offensive security and security engineering services including:

  • Penetration Testing
  • AI Penetration Testing
  • Red Teaming
  • Zero Day Research
  • Vulnerability Scanning
  • Security Engineering
  • Platform Security
  • Security Program Reviews
  • Security Strategy

All services are provided subject to separate service agreements, statements of work, or engagement letters that will be executed prior to the commencement of any professional services.

The Refund Guarantee

Let's address what you're actually thinking. If you have read this far into a Terms of Service, you are either a lawyer or you are hunting for the clause that quietly lets us wriggle out of the refund we promised on the homepage. We respect the paranoia. So, for the record: there is no such clause. We may be a little psychotic, but the only thing hiding in here is how confident we are that we will find something.

What We Promise

On a qualifying, scoped assessment, if we do not surface at least one critical-severity finding, the engagement fee for that assessment is refunded. No fine-print games, no quietly counting a lower-severity finding, no moving the goalposts after the work is done.

What We Mean by Critical

We hold ourselves to the high bar on purpose. A critical finding is one that, on its own or as a proven exploit chain, gives a real attacker meaningful control over your systems or data — not a theoretical risk on a scanner report. Concretely, that looks like:

  • Unauthenticated remote code execution on a production workload (for example, an RCE on a pod that pivots to IAM user or role access).
  • Full leakage or exfiltration of customer PII, or the ability to read or modify any customer's data across tenant boundaries.
  • Authentication or authorization bypass that yields administrative, account, or full tenant takeover.
  • Access to secrets, keys, or credentials that unlock broader access to your cloud environment or production infrastructure.

These are illustrative, not exhaustive. Severity is rated using the CVSS methodology referenced in your engagement letter, and any finding that methodology scores as critical qualifies.

What 'Qualifying' Means

So the promise is real and not weasel words, a qualifying engagement is simply one where we had a fair shot:

  • The engagement has a defined, mutually agreed scope and a statement of work signed before testing begins.
  • We are given the access, accounts, and environment agreed in that scope for the full testing window.
  • Severity is rated using the standard CVSS methodology referenced in your engagement letter.
  • The guarantee covers the assessment fee for that engagement, not expenses, retests, or separate workstreams.

If your engagement meets those conditions and we come up empty, you do not pay for it. That is the whole trick. The specific terms of any guarantee are restated in your engagement letter, which controls if anything here is ever unclear.

Use of Website

Permitted Use

You may use our website for lawful purposes only. You agree not to:

  • Use the website in any way that violates any applicable federal, state, local, or international law or regulation
  • Attempt to gain unauthorized access to any portion of the website or any systems or networks connected to the website
  • Interfere with or disrupt the website or servers or networks connected to the website
  • Use any robot, spider, or other automatic device to access the website
  • Transmit any viruses, malware, or other harmful code

Intellectual Property

All content on this website, including but not limited to text, graphics, logos, and software, is the property of PlatformSecurity or its content suppliers and is protected by copyright, trademark, and other intellectual property laws.

Disclaimers and Limitations

No Warranties

The information on this website is provided on an 'as is' basis. To the fullest extent permitted by law, PlatformSecurity:

  • Excludes all representations and warranties relating to this website and its contents
  • Excludes all liability for damages arising out of or in connection with your use of this website

Limitation of Liability

PlatformSecurity shall not be liable for any indirect, incidental, special, consequential, or punitive damages resulting from your use or inability to use the website.

Contact Form and Newsletter

Contact Form Submissions

By submitting information through our contact form, you:

  • Agree that the information provided is accurate and truthful
  • Grant PlatformSecurity permission to contact you regarding your inquiry
  • Understand that submission does not create a client relationship
  • Acknowledge that sensitive information should not be included in contact forms

Newsletter Subscription

By subscribing to our newsletter, you:

  • Consent to receive email communications from PlatformSecurity
  • May unsubscribe at any time using the link provided in emails
  • Understand that unsubscribing may take up to 10 business days to process

Confidentiality and Non-Disclosure

PlatformSecurity understands the sensitive nature of security work. However, information submitted through public contact forms or newsletter subscriptions is not considered confidential unless a formal non-disclosure agreement (NDA) is in place.

For confidential matters, please contact us directly at contact@platformsecurity.com to establish appropriate confidentiality protections before sharing sensitive information.

Indemnification

You agree to indemnify, defend, and hold harmless PlatformSecurity, its officers, directors, employees, and agents from and against any claims, damages, obligations, losses, liabilities, costs, or debt, and expenses (including attorney's fees) arising from your use of the website or violation of these Terms of Service.

Modifications to Terms

PlatformSecurity reserves the right to modify these Terms of Service at any time. We will notify users of any material changes by posting the new Terms of Service on this page and updating the 'Last updated' date.

Your continued use of the website after any such changes constitutes your acceptance of the new Terms of Service.

Governing Law

These Terms of Service shall be governed by and construed in accordance with the laws of the State of Arizona, United States, without regard to its conflict of law provisions.

Any disputes arising from or relating to these Terms of Service or your use of the website shall be subject to the exclusive jurisdiction of the courts located in Maricopa County, Arizona.

[*] Questions About Terms of Service

If you have any questions about these Terms of Service, please contact us:

ProDefense LLC d/b/a Platform Security

Email: contact@platformsecurity.com

Location: Chandler, AZ