Terms of Service

1. Acceptance of Terms

By creating an account, accessing, or using NeuroStrike, you acknowledge that you have read, understood, and agree to be bound by these Terms. If you do not agree to these Terms, you may not access or use the Service.

If you are using the Service on behalf of an organization, you represent and warrant that you have the authority to bind that organization to these Terms, and "you" refers to both you individually and that organization.

2. Description of Service

NeuroStrike is an autonomous attack simulation platform that helps organizations identify vulnerabilities across their applications, networks, and APIs. The Service includes:

• Automated vulnerability scanning and detection
• Attack chain analysis and risk assessment
• Remediation guidance and compliance reporting
• API access for integration with development workflows
• Team collaboration and notification features

3. Account Registration

To use the Service, you must create an account. You agree to:

• Provide accurate, current, and complete information during registration
• Maintain the security of your account credentials
• Promptly update your account information if it changes
• Accept responsibility for all activities under your account
• Notify us immediately of any unauthorized access or security breach

4. Authorization Requirements

You may only scan systems that you own or have explicit written authorization to test.

By using NeuroStrike to scan a target, you represent and warrant that:

• You are the owner of the target system, or
• You have obtained explicit written authorization from the owner to conduct security testing
• Your use complies with all applicable laws and regulations in your jurisdiction
• You will not use the Service to scan any system without proper authorization

Unauthorized scanning of systems may violate applicable laws, including the Norwegian Penal Code (§ 204 – Unauthorized access to computer systems), EU Directive 2013/40/EU on attacks against information systems, and similar laws in other jurisdictions.

5. Acceptable Use

You agree not to use the Service to:

• Scan any system without proper authorization
• Conduct denial of service attacks or resource exhaustion attacks
• Exploit discovered vulnerabilities for unauthorized access
• Engage in any activity that violates applicable laws or regulations
• Interfere with or disrupt the Service or servers connected to it
• Reverse engineer, decompile, or disassemble the Service
• Share account credentials or allow unauthorized access
• Use the Service for any competitive analysis or benchmarking

Please review our Acceptable Use Policy for detailed guidelines.

6. Subscription and Billing

6.1 Plans and Pricing

The Service is offered under various subscription plans as described on our platform. Prices are subject to change with reasonable notice. Features and limits vary by plan. All prices are in the currency specified at the time of purchase and are exclusive of applicable taxes (including Norwegian VAT where applicable).

6.2 Payment Terms

• Subscriptions are billed in advance on a monthly or annual basis
• All fees are non-refundable except as required by applicable law (including the Norwegian Right of Withdrawal Act for consumer purchases)
• You authorize us to charge your payment method for all applicable fees
• Failed payments may result in suspension or termination of your account

6.3 Free Trial

We may offer a free trial period. At the end of the trial, your account will automatically convert to a paid subscription unless you cancel. You may be required to provide payment information to start a trial.

6.4 Cancellation

You may cancel your subscription at any time. Cancellation takes effect at the end of the current billing period. You will retain access to the Service until then.

7. Intellectual Property

7.1 Our Rights

NeuroStrike AS and its licensors own all rights, title, and interest in the Service, including all software, algorithms, user interfaces, and documentation. The Service is protected by copyright, trademark, and other intellectual property laws.

7.2 Your Data

You retain all rights to the data you submit to the Service ("Customer Data"). You grant us a limited license to use Customer Data solely to provide and improve the Service.

7.3 Feedback

Any feedback, suggestions, or ideas you provide about the Service may be used by us without compensation or attribution to you.

8. Confidentiality and Data Security

We implement industry-standard security measures to protect your data. However, no system is completely secure. You acknowledge that:

• We encrypt sensitive data in transit and at rest
• Scan results and vulnerability data are treated as confidential
• You are responsible for maintaining the confidentiality of your account credentials
• You should not share sensitive information through unsecured channels

Please review our Privacy Policy for details on how we handle your data.

9. Scanning Risks and Target System Disclaimer

Security scanning inherently involves sending requests to target systems that may cause unintended side effects. By initiating a scan, you accept full responsibility for any consequences to the target system.

You acknowledge and agree that:

• Scans may cause service disruption, performance degradation, or temporary unavailability of target systems
• Scans that interact with forms, APIs, or input fields may create, modify, or delete data on target systems
• Scans may trigger security alerts, rate limits, WAF blocks, or IP bans on target systems
• NeuroStrike AS is not responsible for any damage, data loss, downtime, or other adverse effects caused by scans to any target system, regardless of whether the scan was misconfigured, automated, or initiated by you or on your behalf
• You are solely responsible for configuring scan parameters appropriately, including rate limits, exclusion paths, and scheduling
• You should ensure you have backups of any critical data on target systems before initiating scans

10. AI-Generated Content and No Guarantee of Security

The Service uses artificial intelligence to analyze targets and generate vulnerability reports, remediation guidance, attack chain analyses, and security scores. You acknowledge and agree that:

• AI-generated results are informational only and do not constitute professional security advice, legal advice, or a certified security audit
• AI models may produce false positives (reporting vulnerabilities that do not exist) and false negatives (failing to detect real vulnerabilities)
• A clean scan result or a high security score does not guarantee that your system is secure or free from vulnerabilities
• Remediation guidance may be incomplete, inapplicable to your specific configuration, or incorrect — you should independently verify all recommendations before implementing them
• You should not rely solely on NeuroStrike as your only security testing measure — the Service is intended to supplement, not replace, comprehensive security programs, professional penetration testing, and code review
• NeuroStrike AS is not liable for any breach, data loss, security incident, or other damage arising from reliance on scan results, security scores, or AI-generated recommendations

11. Service Availability

We strive to provide reliable access to the Service, but we do not guarantee any specific level of uptime or availability. The Service may be temporarily unavailable due to:

• Scheduled or emergency maintenance
• Infrastructure failures or third-party service outages
• Security incidents or DDoS attacks
• Force majeure events (see Section 19)

NeuroStrike AS is not liable for any damages, losses, or missed deadlines arising from Service unavailability. Unless you have a separate written Service Level Agreement (SLA) with us, no uptime guarantees apply.

12. Data Loss Disclaimer

While we take reasonable measures to protect your data, you acknowledge that:

• Scan results, reports, and other data stored in the Service may be lost due to system failures, bugs, or other technical issues
• You are responsible for exporting and maintaining your own copies of important scan results and reports
• NeuroStrike AS is not liable for any loss of, or damage to, data stored in the Service, including scan results, vulnerability reports, account configurations, or any other customer data

13. Disclaimer of Warranties

The Service is provided "as is" and "as available" without warranties of any kind, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, non-infringement, accuracy, and completeness of results, to the maximum extent permitted by applicable law.

We do not warrant that:

• The Service will identify all vulnerabilities in your systems
• The Service will be uninterrupted, error-free, or completely secure
• The results, security scores, or recommendations will be accurate, complete, or reliable
• The Service will meet your specific requirements
• Scans will not cause any adverse effects on target systems
• Your systems are secure after receiving a clean scan result

14. Limitation of Liability

To the maximum extent permitted by applicable law, NeuroStrike AS and its affiliates, officers, directors, employees, and agents shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to: lost profits, lost data, business interruption, loss of goodwill, cost of replacement services, or damages arising from security breaches, arising from or related to your use of the Service.

Without limiting the foregoing, NeuroStrike AS shall not be liable for:

• Any damage, disruption, data loss, or downtime caused to target systems by scans initiated through the Service
• Any security breach or incident occurring despite or as a result of your use of the Service or reliance on scan results
• Any actions taken or not taken based on AI-generated recommendations, vulnerability reports, or security scores
• Any claims by third parties (including owners or operators of scanned systems) arising from your scanning activities
• Loss of or damage to data stored in the Service

Our total aggregate liability for any and all claims under these Terms shall not exceed the lesser of: (a) the amount you paid for the Service in the twelve (12) months preceding the claim, or (b) one hundred euros (€100).

Nothing in these Terms excludes or limits liability that cannot be excluded or limited under applicable Norwegian or EU law, including liability for death or personal injury caused by negligence, fraud, or wilful misconduct.

15. Indemnification

You agree to indemnify, defend, and hold harmless NeuroStrike AS and its affiliates, officers, directors, employees, and agents from any and all claims, damages, losses, liabilities, and expenses (including reasonable legal fees) arising from or related to:

• Your use of the Service, including any scans you initiate
• Your violation of these Terms or any applicable policy
• Your unauthorized scanning of third-party systems
• Any damage, disruption, or data loss caused to any target system by scans you initiated or configured
• Any claims by owners, operators, or users of systems you scanned
• Your violation of any applicable laws or regulations
• Any third-party claims arising from your use of scan results, including claims related to false positives or false negatives

16. Account Suspension

We reserve the right to suspend your account access immediately and without prior notice if we reasonably believe that:

• Your account is being used in violation of these Terms, our Acceptable Use Policy, or applicable law
• Your account poses a security risk to the platform or other users
• Fraudulent or unauthorized activity is detected on your account
• You have failed to pay applicable fees after reasonable notice

Upon suspension:

• You will be notified of the suspension and the reason via the email associated with your account
• Your access to the Service will be blocked, but your data will be retained for the duration of the suspension
• You may appeal the suspension by contacting [email protected] within 30 days of the suspension notice
• We will review appeals within 10 business days and notify you of the outcome

Suspension does not relieve you of any payment obligations incurred prior to the suspension.

17. Administrative Access

You acknowledge and agree that authorized NeuroStrike administrators may access your account information, organization data, and usage statistics for the following purposes:

• Platform operation, maintenance, and performance monitoring
• Security monitoring, incident investigation, and fraud prevention
• Billing and subscription management
• Customer support and technical assistance
• Enforcement of these Terms and our policies

All administrative access is subject to strict access controls and is recorded in a comprehensive audit log that includes the administrator identity, action performed, timestamp, and affected resources. These audit logs are retained and may be reviewed periodically for compliance. See our Privacy Policy for more details on how administrative access data is processed.

18. Termination

We may suspend or terminate your access to the Service at any time for:

• Violation of these Terms or our Acceptable Use Policy
• Unauthorized scanning or illegal activity
• Non-payment of fees
• Any other reason with reasonable notice

Upon termination, your right to use the Service ceases immediately. We may retain your data for a reasonable period as required by law or for legitimate business purposes.

19. Force Majeure

Neither party shall be liable for any failure or delay in performing its obligations under these Terms (except payment obligations) where such failure or delay results from circumstances beyond the reasonable control of that party, including but not limited to:

• Natural disasters, epidemics, or pandemics
• War, terrorism, civil unrest, or sanctions
• Government actions, regulations, or embargoes
• Failures of third-party infrastructure, internet service providers, cloud hosting providers, or telecommunications networks
• Power outages or utility failures
• Cyberattacks, including DDoS attacks, against our infrastructure

If a force majeure event continues for more than 90 consecutive days, either party may terminate these Terms by providing written notice to the other party.

20. Governing Law and Disputes

These Terms are governed by and construed in accordance with the laws of Norway, without regard to its conflict of law provisions. Any disputes arising from these Terms or the Service shall be subject to the exclusive jurisdiction of the courts of Oslo, Norway.

For consumers residing in the EEA, this does not affect your rights under mandatory consumer protection laws in your country of residence.

21. Changes to Terms

We may modify these Terms at any time. We will notify you of material changes via email or through the Service at least 30 days before they take effect. Your continued use of the Service after such notice constitutes acceptance of the modified Terms.

22. General Provisions

• Entire Agreement: These Terms, together with our Privacy Policy and Acceptable Use Policy, constitute the entire agreement between you and NeuroStrike AS.
• Severability: If any provision is found unenforceable, the remaining provisions remain in effect.
• Waiver: Failure to enforce any provision does not constitute a waiver of that provision.
• Assignment: You may not assign your rights under these Terms without our consent.

23. Contact Information

For questions about these Terms, please contact us at:

• Email: [email protected]
• Address: NeuroStrike AS, Seljeveien 13, Oslo, Norway