Legal

Terms of Service

Last updated: April 3, 2026

Acceptance of Terms

By accessing and using the Cyber Secify Consulting Pvt Ltd ("Cyber Secify", "we", "us", or "our") website (cybersecify.com) and our services, you agree to be bound by these Terms of Service. If you do not agree to these terms, please do not use our website or services.

Services

Cyber Secify provides penetration testing, security consulting, cyber threat intelligence, and compliance readiness services. All services are provided under separate engagement agreements that define the scope, timeline, deliverables, and terms specific to each project.

Service Delivery Terms

The following terms apply to standard service engagements unless otherwise specified in a signed engagement agreement:

  • Penetration test reports are delivered within 7 to 10 calendar days per scope from the conclusion of active testing.
  • Retests are included at no additional cost if requested within 30 days of the initial report delivery date.
  • Security on Demand (4-hour consultation) is 100% refundable if the client chooses not to continue with a follow-on engagement. If the client proceeds, the full fee (INR 9,999) is adjusted against the cost of the follow-on engagement.
  • Security Retainer (10-hour engagement) has a 30-day validity period from the date of purchase, with one complimentary 30-day extension available upon request. Security Retainer fees are non-refundable.
  • All prices displayed on the website are in Indian Rupees (INR) and exclude applicable taxes (GST or other duties). Tax will be added at the time of invoicing as required by law.

Payment Terms

Unless otherwise specified in a signed engagement agreement, the following payment terms apply:

  • Security on Demand (INR 9,999): Full payment is due before the session. Payment is accepted via UPI or bank transfer (NEFT/RTGS).
  • Security Retainer (INR 24,999): Full payment is due before work begins. Payment is accepted via UPI or bank transfer (NEFT/RTGS).
  • Penetration Testing (Startup & Growth plans): 50% of the engagement fee is due before testing begins. The remaining 50% is due upon delivery of the final report. Payment is accepted via bank transfer (NEFT/RTGS).
  • Audit & Compliance (one-time engagements): 50% of the engagement fee is due before work begins. The remaining 50% is due upon delivery. Payment is accepted via bank transfer (NEFT/RTGS).
  • Cyber Threat Intelligence (one-time engagements): 50% of the engagement fee is due before work begins. The remaining 50% is due upon delivery. Payment is accepted via bank transfer (NEFT/RTGS).
  • Cyber Threat Intelligence (continuous monitoring): Invoiced monthly at the end of each calendar month. Payment is due within 15 days of invoice date via UPI or bank transfer (NEFT/RTGS).
  • Fractional Security (consulting engagements): Invoiced monthly at the end of each calendar month for work delivered during that month. Payment is due within 15 days of invoice date via UPI or bank transfer (NEFT/RTGS).

OpenEASD / Free Security Snapshot

OpenEASD is a free external attack surface discovery tool offered by Cyber Secify. By submitting a domain for scanning, you agree to the following terms in addition to these general Terms of Service:

  • Authorization. You represent and warrant that you are authorized to request a scan of the domain you submit. Submitting a domain you do not own or have authority over is prohibited and may result in your request being declined.
  • External, non-intrusive reconnaissance only. OpenEASD scans are conducted externally and do not attempt to exploit vulnerabilities, access internal systems, or modify any data. Scans may involve connecting to publicly accessible services (such as checking open ports, SSL certificates, and HTTP headers) but do not perform any intrusive testing.
  • No liability for findings. Cyber Secify is not liable for the findings contained in any OpenEASD report, nor for any actions you or any third party take (or fail to take) based on those findings. The report is provided "as is" for informational purposes.
  • Scan frequency limit. Free scans are limited to one scan per domain per 30-day period. Duplicate or excessive requests may be declined.
  • Right to refuse. We reserve the right to refuse, delay, or cancel any scan request at our sole discretion, without providing a reason.
  • Report confidentiality. The OpenEASD report is intended solely for the authorized recipient. You agree not to share, publish, or distribute the report publicly. Sharing findings internally within your organization for remediation purposes is permitted.
  • Anonymized data use. We may use anonymized, aggregated data from scans for research, trend analysis, benchmarking, and improving our services. No personally identifiable information or domain-specific details will be disclosed in such use.

Website Content Disclaimer

The content on this website, including blog posts, articles, guides, pricing information, comparison tables, and technical descriptions, is provided for informational purposes only and does not constitute professional security advice, legal advice, or a guarantee of any outcome. While we make reasonable efforts to ensure accuracy, we do not warrant that all content is complete, current, or error-free.

Blog posts and articles may contain general security guidance that may not be applicable to your specific environment, technology stack, or regulatory requirements. You should not rely solely on website content to make security decisions. Always consult with a qualified professional for advice tailored to your situation.

Pricing information displayed on the website represents entry-level pricing and is subject to change. Final engagement pricing is determined based on scope, complexity, and requirements discussed during consultation.

Use of Automated Tools

Cyber Secify uses automated tools, proprietary scripts, and industry-standard scanning utilities as part of our security assessment methodology. These tools assist with reconnaissance, vulnerability discovery, and data analysis. All findings are manually verified, validated, and documented by our certified security professionals before inclusion in any client deliverable.

Website content, including blog articles and guides, may be assisted by automated tools and is reviewed and edited by our team before publication.

Sample Report Disclaimer

The sample penetration test report available on our website (at /sample-report) is provided for illustrative purposes only. It uses entirely fictional data, including fabricated company names, domains, IP addresses, and vulnerability findings. Any resemblance to real organizations or systems is coincidental.

Actual report content, structure, depth, and findings will vary based on the specific engagement scope, target environment, testing methodology, and vulnerabilities discovered during the assessment. The sample report should not be used as a benchmark for the volume or severity of findings in any real engagement.

No Guarantee of Security

Penetration testing and security assessments are best-effort, point-in-time evaluations based on the scope, access, and information available during the engagement period. A completed penetration test or security assessment does not guarantee that your systems are free from all vulnerabilities, nor does it guarantee that your systems will not be breached in the future.

Security is an ongoing process. New vulnerabilities, attack techniques, and threat actors emerge continuously. Our assessments reflect the state of your systems at the time of testing and cannot account for changes made after the engagement, zero-day vulnerabilities, or threats outside the defined scope.

Cyber Secify shall not be held liable for any security incident, data breach, or loss that occurs after or outside the scope of our engagement.

Scope of Testing

All penetration testing activities are performed only on systems explicitly authorized by the client within a signed scope agreement. We do not test systems without proper written authorization. Clients are responsible for ensuring they have the legal right to authorize testing on the specified systems.

Penetration testing engagements include a Brand Protection Snapshot as part of the reconnaissance phase. This involves external, non-intrusive checks on publicly available information related to the client's brand, including domain typosquatting, leaked credentials, code repository exposure, fake application detection, and social media impersonation. These checks use only publicly accessible sources and do not access private systems or data.

Confidentiality

We treat all client information, including vulnerability findings and assessment reports, as strictly confidential. We will not disclose any information to third parties without your explicit written consent, except as required by law.

Limitation of Liability

While we exercise professional care in performing our services, penetration testing inherently involves testing security controls and may occasionally cause disruptions. To the maximum extent permitted by applicable law:

  • Cyber Secify shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from our services, website content, or any information provided by us.
  • Our total liability for any claim arising from an engagement shall not exceed the fees paid by the client for that specific engagement.
  • We are not liable for damages resulting from the client's failure to implement recommended remediation measures.
  • We are not liable for any loss or damage caused by reliance on information published on our website, blog, or social media channels.

Indemnification

You agree to indemnify, defend, and hold harmless Cyber Secify, its founders, employees, and contractors from any claims, damages, losses, or expenses (including legal fees) arising from: (a) your misuse of our reports, findings, or deliverables; (b) your failure to maintain adequate security controls after our engagement; (c) your provision of inaccurate information about systems in scope; or (d) any unauthorized use of our testing methodologies, tools, or techniques disclosed during an engagement.

Intellectual Property

All content on this website, including text, graphics, logos, and design elements, is the property of Cyber Secify and protected by applicable intellectual property laws. You may not reproduce, distribute, or create derivative works without our express written permission.

Client Obligations

Clients engaging our services agree to provide accurate information about the systems to be tested, ensure proper authorization for all in-scope systems, notify us of any changes to the testing scope or schedule, and not use our reports or findings for any unlawful purpose.

Report Ownership and Usage

Upon completion of an engagement and receipt of full payment, clients receive an exclusive, non-transferable license to use the assessment report and its findings for internal security purposes, compliance audits, and remediation. Clients may share the report with their auditors, investors, or legal counsel on a need-to-know basis.

Clients may not publish, publicly distribute, or share the report with competitors or unauthorized third parties without our written consent. We retain the right to reference the engagement (without disclosing confidential details) for our portfolio, unless otherwise agreed in writing.

Third-Party Tools and Services

Our website may contain links to third-party tools, resources, and services. We do not endorse, guarantee, or assume responsibility for the accuracy, reliability, or safety of any third-party content. Your use of third-party tools and services is at your own risk and subject to those parties' terms and conditions.

Engagement Cancellation

If a client cancels an engagement after the advance payment has been made but before testing begins, Cyber Secify will refund the advance minus any costs already incurred for scoping, scheduling, or preparation. If testing has already begun, no refund is provided for work completed, but the client will not be billed for the remaining balance unless deliverables are provided.

If Cyber Secify is unable to deliver due to circumstances beyond our reasonable control (including but not limited to natural disasters, internet outages, government actions, or client-side access issues), timelines will be extended accordingly. If delivery becomes impossible, we will refund any fees paid for undelivered work.

Price Lock

Once a client accepts a proposal and pays the required advance, the quoted price is locked for that engagement. Price changes on the website do not affect active or paid engagements.

Governing Law and Dispute Resolution

These terms shall be governed by and construed in accordance with the laws of India. Any disputes arising from these terms or our services shall be resolved through good-faith negotiation. If negotiation fails, disputes shall be subject to the exclusive jurisdiction of courts in Bengaluru, Karnataka, India.

Modifications

We reserve the right to modify these Terms of Service at any time. Changes become effective upon posting to this page. Continued use of our website or services after modifications constitutes acceptance of the updated terms.

Contact

For questions about these Terms of Service, please contact us at:

Email: contact@cybersecify.com
Address: Bengaluru, Karnataka, India