Terms of Use
EFFECTIVE DATE
| April, 2025
These Terms of Use (“Terms”) are a binding agreement between you (“you” or “user”) and NULLZEC Inc. (“Company”, “we”, “our”, or “us”). These Terms govern your access to and use of the website located at [www.nullzec.com] (“Site”) and any related products, features, services, software applications (including IsolateX and ShadowMask C2), and other offerings made available by NULLZEC through the Site, whether accessed via desktop, mobile, or other platforms (collectively, the “Services”).
By using the Site and Services, you agree to be bound by these Terms. If you are acting on behalf of an entity (e.g., your employer), you represent and warrant that you are authorized to bind such entity to these Terms.
IF YOU DO NOT AGREE WITH THESE TERMS, YOU MUST NOT USE THE SITE OR ANY SERVICES PROVIDED BY NULLZEC.
1. Use of the Site and Services
Authorized Use
You are granted a limited, revocable, non-transferable license to access and use the Site and Services for cybersecurity awareness, evaluation, procurement, and implementation purposes. Any use must be compliant with applicable laws, regulations, and industry standards related to cybersecurity and data protection.
Prohibited Use
You agree not to:
Use automated tools (bots, scrapers, crawlers) to extract data from our Site or Services.
Reverse-engineer, decompile, or tamper with the binary or source code of our proprietary software (e.g., IsolateX, ShadowMask C2).
Launch denial-of-service attacks or engage in any activity aimed at compromising system availability or integrity.
Attempt unauthorized access to any part of our platform, infrastructure, or customer data.
Exploit vulnerabilities or security misconfigurations in any NULLZEC system.
NULLZEC reserves the right to monitor system logs and audit your usage for cybersecurity assurance, intrusion detection, and compliance monitoring purposes.
Privacy and Data Security
We collect minimal personal and corporate data necessary to deliver secure and functional cybersecurity services. This includes:
Full name, business email address, and contact number.
Job role and department.
Organization name, size, and industry sector.
Metadata such as login timestamps and platform interaction logs.
Your information is encrypted at rest and in transit using TLS 1.3 or higher and stored in compliance with applicable privacy laws such as PIPEDA (Canada), CCPA (California), and GDPR (EU) where applicable.
Our detailed Privacy Policy outlines how data is handled securely, including:
End-to-end encryption practices.
Access controls and audit trails.
Multi-factor authentication for user access.
Data retention and deletion protocols.
Intellectual Property and Security Tools
All technology, platforms, source code, documentation, and threat intelligence solutions offered by NULLZEC, including IsolateX (our browser isolation platform) and ShadowMask C2 (our offensive testing and red-teaming framework), are the intellectual property of NULLZEC Inc. or its licensors.
All content is protected by copyright, trademark, and cybersecurity intellectual property laws. Unauthorized use, replication, or integration of our cybersecurity tools or methodologies is strictly prohibited.
Security advisories, custom detection signatures, exploit emulation techniques, and internal test reports developed by NULLZEC remain our sole property unless explicitly transferred via signed contract.
Security Disclaimer and Limitation of Liability
While NULLZEC makes every effort to secure our Services using industry best practices such as:
Containerized microservices
Role-based access control (RBAC)
Endpoint detection and response (EDR) logging
Threat intelligence correlation
we provide all Services “as-is” and without warranties of uninterrupted protection or total threat elimination.
We cannot guarantee:
Absolute protection from zero-day threats or targeted APTs (Advanced Persistent Threats).
Uninterrupted service in the event of a sophisticated supply chain attack.
That vulnerabilities in third-party integrations will not impact the Services.
TO THE EXTENT PERMITTED BY LAW, OUR MAXIMUM LIABILITY FOR DAMAGES ARISING FROM YOUR USE OF THE SITE OR SERVICES SHALL NOT EXCEED USD $100.
Cybersecurity Product Descriptions
Our solutions include:
IsolateX: A browser isolation system that eliminates web-based threat vectors through containerization, air-gapping, and zero trust access controls.
ShadowMask C2: A red-team Command-and-Control (C2) framework simulating real-world attacks for adversary emulation and breach assessment.
Descriptions, diagrams, and use-case scenarios provided on the Site are for demonstration and evaluation purposes only. Actual product performance may vary based on implementation environment, user policies, network infrastructure, and adversarial sophistication.
Cybersecurity-Induced Indemnification
You agree to indemnify and hold harmless NULLZEC Inc., its directors, officers, affiliates, and security engineers from:
Any liability arising from improper implementation of our cybersecurity solutions.
Misuse of red teaming platforms (e.g., launching offensive tools outside of a legal engagement).
Breaches resulting from your failure to follow documented configuration best practices or incident response procedures.
NULLZEC reserves the right to assume control over defense in any legal matter and approve settlements related to cyber incidents involving misuse or misrepresentation of our tools.
Third-Party Threat Intelligence and Integrations
Our Services may reference or integrate with third-party security feeds, open-source intelligence (OSINT), or tools such as MITRE ATT&CK®, Shodan™, or VirusTotal. NULLZEC does not endorse or control these external resources.
We are not liable for:
Inaccurate or outdated vulnerability signatures from external feeds.
Delays in detection due to third-party dependency.
Exposure caused by unaudited third-party code.
You use such integrations at your own risk, and any usage must comply with their respective licenses and policies.
Amendments to These Terms
Due to the evolving nature of cybersecurity threats, we may revise these Terms periodically to reflect changes in technology, legislation, or internal policy. Material changes will be communicated via:
In-platform notifications
Email notices to registered users
You are responsible for reviewing these Terms periodically. Continued use of the Site or Services after such updates constitutes acceptance of the revised Terms.
Legal Compliance and Governing Law
These Terms are governed by the cybersecurity, privacy, and commercial laws of:
The Province of Ontario, Canada; and
The State of Delaware, United States.
You agree that any dispute or claim will be subject to the exclusive jurisdiction of the courts located in Toronto, Ontario or Wilmington, Delaware.
You are also responsible for complying with export control laws and regulations regarding the use of cybersecurity tools, including the U.S. Export Administration Regulations (EAR).
Contacting NULLZEC
If you have questions or concerns about these Terms or our Services, please contact us at:
NULLZEC Inc
Ontario, Canada & Delaware, United States
Email: [email protected]
Website: www.nullzec.com