Terms of Service

Service Description

Vulnify provides public diagnostic tools, authenticated scanning workflows, reporting features, automation capabilities, premium assessment ordering, and related educational content.

• Public tools and educational pages intended to help users understand security posture and remediation work.
• Authenticated workflows for broader scans, saved reports, recurring execution, exports, and integrations on supported plans.
• Temporary report artifacts or browser-accessible exports that may be generated by supported tool and reporting workflows.
• Supported public-safe redacted pages or public programmatic pages when intentionally published through available sharing mechanisms.
• Premium assessment ordering and delivery tracking for supported engagement types.
• Partner and affiliate workflows where approved by Vulnify.

Accounts, Plans, And Billing

Certain features require an account, an active subscription, a qualifying role, or a separate purchase such as credit packs or premium assessments.

• Public tools may be available without sign-in for quick checks.
• Subscriptions and pay-as-you-go credit purchases are offered according to the pricing page and related checkout workflows.
• Premium assessments are separate paid engagements with their own intake and delivery lifecycle.
• Only currently live premium tiers are available for self-serve ordering, while other tiers may remain staged or unavailable until activated.
• Users are responsible for maintaining accurate account and billing information.

Acceptable Use

You may only use Vulnify on assets you own or are authorized to assess. You are responsible for ensuring your use of the service complies with applicable law, contracts, and policies.

• Do not use Vulnify for unlawful or unauthorized testing.
• Do not attempt to harm the platform, bypass access controls, or abuse automation and API features.
• Do not misuse partner, referral, webhook, or integration workflows for fraud or spam.
• Do not publish, share, or expose report-derived content unless you are authorized to do so for the target and workflow involved.
• Do not share credentials or secrets in ways that create avoidable security risk.

Reports, Guidance, And Educational Content

Reports, guides, fix pages, and public educational content are provided to help users understand risk and remediation options. They are not a guarantee of complete security, legal compliance, or uninterrupted service.

Users remain responsible for how they interpret results, what remediation they apply, and whether additional specialist review is needed.

HTML, PDF, JSON, and similar report outputs may be available in some workflows. Availability, retention, and access characteristics can vary by workflow, and a copied or shared URL does not necessarily represent the same type of output as a public-safe redacted page.

Public Sharing And Indexing

Some workflows may support intentionally published public-safe redacted pages or public programmatic pages. These are separate from normal private workspace history and may be accessible on the public site.

When a public page is intentionally published through a supported workflow, it may be publicly reachable and may be treated as indexable or non-indexable according to the live service configuration for that page.

Integrations, API, And Automation

Some plans and roles can use API keys, webhooks, integrations, and scheduled workflows. Users are responsible for securing secrets, validating outbound destinations, and reviewing automation behavior before using those features in production.

Premium And Affiliate Availability

Premium assessment and affiliate capabilities are offered according to the workflows that are currently live in the service. Referenced pathways may change over time, and some offerings may be staged, limited, invite-based, or available only to approved partners.

Affiliate attribution, rewards, and payout handling may be subject to review, qualification, anti-fraud checks, and other live program rules in effect at the time of the event.

Support, Refunds, And Contact

Support availability, billing handling, and workflow questions are managed through the current live service processes rather than older static marketing promises.

• Support inquiries can be sent to support@vulnify.app.
• Premium assessment and commercial questions can be sent to sales@vulnify.app.
• Refund, billing, and service decisions are handled according to the active purchase and subscription workflows in place at the time of the transaction.