Terms of Service


Master terms governing HexaBreach platforms, managed services, training, and professional engagements.

Version 1.0 | Last Revised: June 5, 2026

These Terms of Service (“Terms”) form a legally binding agreement between you (“Customer,” “User,” “Client,” or “you”) and HexaBreach (“HexaBreach,” “we,” “our,” or “us”). By accessing our website, using our software platforms, subscribing to our managed services, enrolling in training, or engaging our professional services, you agree to be bound by these Terms.

Important Notice: Cybersecurity risk cannot be completely eliminated. HexaBreach does not guarantee prevention, detection, or remediation of every cyber incident, breach, outage, data loss, or threat actor activity.

1. Scope of Services

HexaBreach provides cybersecurity, digital forensics, incident response, managed security, software, intelligence, training, and specialized technology services. These may include:

  • Managed Security Services: SOC monitoring, managed detection and response, SIEM, SOAR, endpoint monitoring, vulnerability management, and security operations support.
  • Digital Forensics & Incident Response: Evidence collection, forensic analysis, malware investigation, ransomware response, data recovery, breach investigation, and expert reporting.
  • Software & SaaS Platforms: Access to HexaBreach software, dashboards, portals, automation tools, intelligence platforms, case management tools, and related digital assets.
  • Training & Certification: Technical training, labs, workshops, webinars, certification programs, and learning materials.
  • Professional Services: Advisory, consulting, threat intelligence, penetration testing, readiness assessments, architecture reviews, and specialized engagements.

2. Customer Responsibilities

You are responsible for ensuring that your use of HexaBreach services is lawful, authorized, and consistent with these Terms.

  • You must provide accurate information, instructions, credentials, system access, and authorization required for service delivery.
  • You are responsible for maintaining backups, business continuity plans, and internal security controls.
  • You must ensure that any data, systems, devices, networks, or accounts submitted for assessment or investigation are legally under your control or properly authorized.
  • You remain responsible for decisions made based on reports, alerts, findings, intelligence, or recommendations provided by HexaBreach.

3. Software Access & License

Subject to payment of applicable fees and compliance with these Terms, HexaBreach grants you a limited, non-exclusive, non-transferable, revocable license to access and use applicable software and SaaS platforms for your internal business purposes.

Restrictions

  • You shall not reverse engineer, decompile, copy, modify, resell, sublicense, or attempt to derive the source code of any HexaBreach software.
  • You shall not use HexaBreach platforms to build, train, or operate a competing product or service.
  • You shall not bypass security controls, abuse APIs, overload infrastructure, or attempt unauthorized testing of HexaBreach environments.
  • You shall not use the services for unlawful hacking, surveillance, fraud, malware deployment, harassment, money laundering, or other prohibited activities.

4. Managed Security Services

Managed security services may include continuous monitoring, alert triage, threat hunting, incident escalation, vulnerability visibility, detection engineering, and response coordination. Service levels, response times, reporting cadence, escalation paths, and support obligations are governed by the applicable quotation, subscription plan, statement of work, or service level agreement.

HexaBreach does not warrant that managed security services will identify every vulnerability, detect every attack, prevent every breach, or guarantee uninterrupted operation of customer systems.

5. Digital Forensics & Incident Response

For DFIR, data recovery, malware analysis, evidence handling, and investigative engagements, the following conditions apply:

  • Authorization: You confirm that you have the legal right to authorize examination of the relevant devices, systems, accounts, files, logs, or network environments.
  • Evidence Handling: HexaBreach applies reasonable forensic practices to preserve integrity, but evidence condition may be affected by prior compromise, encryption, physical damage, user activity, or third-party interference.
  • Data Recovery: Recovery outcomes are not guaranteed. Some data may be permanently corrupted, overwritten, encrypted, or unrecoverable.
  • Legal Holds: You must notify HexaBreach if any material is subject to litigation, regulatory investigation, preservation orders, or chain-of-custody requirements.

6. Training & Certification

Training content, courseware, labs, exercises, slides, recordings, assessments, certification materials, and related intellectual property remain owned by HexaBreach or its licensors.

  • You may not reproduce, redistribute, resell, or publicly share training materials without written permission.
  • You may not share exam content, lab answers, credentials, or restricted learning resources.
  • HexaBreach may revoke access or certification where fraud, misconduct, impersonation, or breach of training rules is identified.

7. Data Protection & Privacy

HexaBreach may process personal data, business data, logs, forensic evidence, telemetry, case notes, support records, and other customer information for the purpose of delivering services, maintaining security, providing support, complying with law, and improving service quality.

  • Customer data is handled in accordance with applicable data protection laws and HexaBreach privacy practices.
  • You are responsible for obtaining any required consents, authorizations, and legal grounds for submitting data to HexaBreach.
  • Where required, additional data processing terms may be executed separately.

8. Fees, Billing & Payment

Fees, billing cycles, payment terms, taxes, renewal terms, and service scope are defined in the applicable quotation, proposal, subscription plan, statement of work, purchase order, or written agreement.

  • Unless otherwise stated, fees are non-refundable.
  • Late payment may result in suspension or termination of access, support, monitoring, or active service delivery.
  • You remain responsible for all approved charges, usage-based fees, taxes, and third-party costs associated with the engagement.

9. Confidentiality & Intellectual Property

Each party shall protect confidential information received from the other party using reasonable care. Confidential information includes business information, security findings, forensic results, source code, technical documentation, threat intelligence, credentials, customer records, and non-public operational data.

HexaBreach retains ownership of its software, methods, documentation, reports templates, workflows, playbooks, training materials, algorithms, designs, trademarks, logos, and proprietary technologies. Anonymized threat indicators, patterns, and security intelligence may be used to improve HexaBreach services and protect customers, provided such use does not identify the customer unless authorized.

10. Acceptable Use

You may not use HexaBreach services for unlawful, harmful, abusive, or unauthorized activities.

  • No unauthorized access, hacking, credential abuse, malware deployment, or exploitation of third-party systems.
  • No use of services to facilitate fraud, sanctions evasion, money laundering, harassment, or privacy violations.
  • No tampering with HexaBreach infrastructure, monitoring systems, billing systems, or customer environments.
  • No use that violates export controls, sanctions, data protection laws, intellectual property rights, or applicable regulations.

11. Warranty Disclaimer

To the maximum extent permitted by law, HexaBreach services are provided “as is” and “as available.” HexaBreach disclaims all warranties, including implied warranties of merchantability, fitness for a particular purpose, non-infringement, uninterrupted operation, error-free performance, or complete threat prevention.

12. Limitation of Liability

To the maximum extent permitted by law, HexaBreach’s total liability for any claim arising out of or related to these Terms or the services shall not exceed the amount paid by the customer to HexaBreach during the twelve (12) months preceding the event giving rise to the claim. HexaBreach shall not be liable for indirect, incidental, special, punitive, consequential, or exemplary damages, including lost profits, lost revenue, business interruption, loss of goodwill, or loss of data.

13. Indemnification

You agree to indemnify and hold harmless HexaBreach, its officers, employees, contractors, affiliates, and partners from claims, losses, damages, penalties, liabilities, costs, and expenses arising from your misuse of the services, unlawful instructions, unauthorized data submission, violation of these Terms, or breach of applicable law.

14. Suspension & Termination

HexaBreach may suspend or terminate services where there is non-payment, suspected abuse, security risk, legal requirement, breach of these Terms, or use of services for unauthorized or harmful activity. Termination does not relieve you of unpaid fees or obligations accrued before termination.

15. Force Majeure

HexaBreach shall not be liable for delays or failures caused by events beyond reasonable control, including internet outages, cloud provider failures, power interruptions, natural disasters, civil unrest, war, government action, pandemics, supply chain failures, or third-party service disruption.

16. Governing Law & Dispute Resolution

These Terms shall be governed by the laws of the Republic of Kenya, unless a separate signed agreement states otherwise. The parties shall first attempt to resolve disputes through good-faith negotiation. Where unresolved, disputes may be referred to mediation, arbitration, or the competent courts in Nairobi, Kenya.

17. Changes to These Terms

HexaBreach may update these Terms from time to time. Updated versions may be published on our website or communicated through official channels. Continued use of the services after updates become effective constitutes acceptance of the revised Terms.

18. Contact

For legal inquiries, privacy requests, security reports, or Master Service Agreement requests:

HexaBreach Legal & Compliance Office
Email: legal@hexabreach.com
Privacy: privacy@hexabreach.com
Security: security@hexabreach.com
Support: support.hexabreach.com

Back to Top