Effective date: 30 June 2026
Terms of Service
These Terms of Service govern access to and use of the threats.run website, product pages, AI SOC, AI CTI, APIs, waitlist, communications, and related services. By accessing or using the services, you agree to these terms. If you use the services for an organization, you represent that you are authorized to bind that organization.
If a separate written agreement, order form, pilot agreement, data processing addendum, or security schedule applies, that document controls where it conflicts with these general website terms.
1. The service
threats.run provides security operations software for alert triage, evidence gathering, threat intelligence, detection engineering, external exposure monitoring, brand and domain monitoring, reporting, notifications, and analyst-approved response workflows. The service is designed for defensive security operations and related business use.
Product availability, features, integrations, data sources, and limits may change over time. Some features may be in private access, pilot access, invite-only access, or subject to additional terms.
2. Eligibility and accounts
- You must provide accurate account, contact, and organization information.
- You are responsible for maintaining the confidentiality of credentials, tokens, API keys, and workspace invitations.
- You must promptly notify us if you suspect unauthorized access or compromise.
- You are responsible for activity under accounts, integrations, and API credentials issued to your organization.
- You may not share access with unauthorized users or use another person’s account without permission.
3. Authorized security use
The services are intended for lawful, defensive security operations. You may use threats.run to analyze alerts, investigate indicators, monitor assets you are authorized to protect, draft detection logic, prepare reports, and coordinate response workflows.
You must have appropriate authorization for any assets, domains, accounts, networks, systems, brands, data, or third-party environments you submit, monitor, scan, investigate, or connect to the service.
4. Prohibited use
You may not use the services to:
- Gain unauthorized access to systems, accounts, networks, data, or services.
- Conduct phishing, credential theft, malware delivery, spam, harassment, extortion, or fraud.
- Perform offensive operations against targets without authorization.
- Submit data you are not legally or contractually permitted to process.
- Abuse enrichment, lookup, monitoring, API, notification, or automation features.
- Interfere with, overload, reverse engineer, scrape, bypass limits, or disrupt the services.
- Misrepresent threats.run outputs as final legal, compliance, law-enforcement, or regulatory determinations.
- Use the service in a way that violates applicable law, sanctions, export controls, or third-party rights.
5. Customer data and responsibility
You retain ownership of data you submit to the service. You grant threats.run the rights needed to host, process, transmit, analyze, display, secure, and support that data for the purpose of providing the services and improving security workflows.
You are responsible for the accuracy, legality, quality, and authorization of customer data. You should not submit secrets, credentials, private keys, regulated data, or highly sensitive personal data unless the product agreement and workspace configuration explicitly support that use.
6. Security intelligence and AI-assisted outputs
Security intelligence is time-sensitive and may be incomplete, ambiguous, or wrong. AI-assisted summaries, risk labels, detection logic, recommendations, and response suggestions are provided to support analyst review. They are not a substitute for professional judgment, validation, or your organization’s internal approval process.
You are responsible for reviewing outputs before taking operational action, including blocking infrastructure, disabling accounts, notifying users, filing abuse reports, initiating takedowns, escalating incidents, or deploying detection rules.
7. Integrations and third-party services
The services may connect to third-party systems such as SIEM, EDR, identity, ticketing, messaging, email, SOAR, cloud, webhook, or threat intelligence providers. You are responsible for configuring integrations, permissions, credentials, and destinations correctly.
Third-party services are governed by their own terms and policies. threats.run is not responsible for third-party systems, outages, data handling, API changes, rate limits, content, or actions taken outside our service.
8. Acceptable automation and analyst control
threats.run may generate recommendations, briefs, detections, summaries, and response-ready handoffs. Unless a separate agreement states otherwise, you are responsible for ensuring that human review, approval, and rollback procedures are appropriate for your environment.
You should test detection rules, response actions, notifications, and integrations before using them in production workflows.
9. Confidentiality
During use of the service, each party may receive non-public information from the other. The receiving party must protect confidential information using reasonable care and may use it only for purposes related to the services, unless disclosure is required by law or authorized in writing.
Customer security data, investigation notes, workspace configuration, and product non-public features should be treated as confidential unless the relevant party makes them public or authorizes disclosure.
10. Privacy and data protection
Our Privacy Policy explains how we process personal information. If a workspace involves regulated personal data, cross-border processing, or specific compliance obligations, the parties may need a separate data processing agreement or security addendum.
11. Security
We use reasonable administrative, technical, and organizational safeguards designed to protect the service. You are responsible for secure configuration of your accounts, users, integrations, API tokens, notification channels, and connected systems.
You must not test, scan, exploit, or attempt to bypass threats.run systems without prior authorization. Security issues should be reported to [email protected].
12. Availability and changes
We aim to provide a reliable service, but we do not guarantee uninterrupted availability unless a separate service level agreement applies. We may modify, suspend, limit, or discontinue features for security, reliability, legal, product, or operational reasons.
13. Fees and payment
Paid plans, pilots, usage limits, renewal terms, taxes, and payment obligations will be described in an applicable order form, invoice, or written agreement. Unless otherwise stated, fees are non-refundable except where required by law or agreed in writing.
14. Intellectual property
threats.run and its licensors retain all rights in the services, software, designs, workflows, documentation, models, interfaces, logos, and related technology. These terms do not grant you ownership of threats.run intellectual property.
You may provide feedback, suggestions, or requests. We may use that feedback without restriction or obligation, unless otherwise agreed in writing.
15. Publicity
We will not publicly identify your organization as a customer without permission, unless a separate agreement allows it.
16. Suspension and termination
We may suspend or terminate access if we believe there is unauthorized use, security risk, non-payment, violation of these terms, legal requirement, or harm to the service or others. You may stop using the services at any time. Data export or deletion after termination may be subject to product capability, legal obligations, and any applicable written agreement.
17. Disclaimers
The services are provided on an “as is” and “as available” basis unless a separate written agreement states otherwise. We disclaim warranties of merchantability, fitness for a particular purpose, non-infringement, and uninterrupted or error-free operation to the maximum extent permitted by law.
Threat intelligence, enrichment, AI-assisted outputs, and detection logic may be incomplete, delayed, inaccurate, or not suitable for your environment. You are responsible for validation and operational decisions.
18. Limitation of liability
To the maximum extent permitted by law, threats.run will not be liable for indirect, incidental, special, consequential, exemplary, or punitive damages, including lost profits, lost revenue, loss of data, business interruption, or security incident costs arising from use of the services.
Where liability cannot be excluded, it will be limited to the amount paid for the services giving rise to the claim during the period stated in the applicable written agreement, or if no paid agreement exists, to the maximum extent permitted by law.
19. Indemnity
You agree to defend and indemnify threats.run from claims arising out of your unauthorized use of the services, violation of these terms, unlawful security activity, customer data submitted without proper rights, or misuse of outputs in a way that harms third parties.
20. Governing law
Unless a separate written agreement states otherwise, these terms are governed by the laws of Singapore, without regard to conflict of law rules. Courts in Singapore will have jurisdiction over disputes, unless applicable law requires a different forum.
21. Changes to these terms
We may update these terms as the service, legal requirements, or operational practices change. Material changes will be reflected by updating the effective date and, where appropriate, providing additional notice.
22. Contact
Questions about these terms can be sent to [email protected].