Terms of Service

Last updated: April 2, 2026

Summary: Use Aegis to protect your AI agents. Don't use it to attack others. We'll keep your data secure and your service running. If something goes wrong, we'll make it right.

1. Agreement

By using Aegis ("the Platform"), you agree to these terms. If you're using Aegis on behalf of an organization, you represent that you have authority to bind that organization.

2. What Aegis Does

Aegis is a security monitoring and vulnerability assessment platform for AI agents. We provide:

  • Real-time behavioral monitoring of connected AI agents
  • Automated vulnerability scanning aligned with OWASP Agentic Top 10
  • Threat detection and alerting for prompt injection, tool misuse, and other agent-specific attacks
  • Compliance reporting for EU AI Act, NIST AI RMF, ISO 42001, and SOC 2

Aegis is a defensive security tool. It identifies threats — it does not guarantee prevention of all attacks.

3. Your Responsibilities

  • Authorized use only: You may only connect agents and systems you own or have explicit authorization to monitor
  • Account security: You are responsible for maintaining the security of your account credentials
  • Accurate information: You agree to provide accurate account and billing information
  • Compliance: You are responsible for ensuring your use of AI agents complies with applicable laws — Aegis helps you monitor, but does not provide legal advice
  • No offensive use: Aegis scan capabilities must not be used to probe, attack, or exploit systems you do not own

4. Acceptable Use

You may NOT use Aegis to:

  • Scan or monitor AI agents belonging to third parties without authorization
  • Develop offensive attack tools or techniques using our vulnerability data
  • Reverse engineer the Platform's detection algorithms
  • Resell access to the Platform without written agreement
  • Attempt to breach the Platform's own security (report vulnerabilities to security@aegis-security.com instead)

5. Data Ownership

5.1 Your Data

You retain all ownership of your data — agent configurations, scan results, vulnerability reports, and any content you upload. We process your data solely to provide the service.

5.2 Our Platform

Aegis retains ownership of the Platform, its algorithms, detection models, and aggregated threat intelligence. Anonymized, non-identifiable threat patterns derived from platform-wide analysis are our intellectual property.

5.3 Vulnerability Disclosure

If you discover a vulnerability in the Aegis Platform itself, we encourage responsible disclosure. Contact security@aegis-security.com. We will not take legal action against good-faith security research.

6. Service Level

  • Uptime target: 99.9% monthly uptime for the monitoring API
  • Incident response: Critical security incidents acknowledged within 1 hour, status updates every 4 hours
  • Data durability: Scan results and vulnerability data backed up with 99.99% durability
  • Maintenance: Scheduled maintenance announced 48 hours in advance via email and status page

7. Limitation of Liability

Aegis is a security monitoring tool, not a guarantee against all threats. Specifically:

  • We do not guarantee detection of all possible attack vectors — AI agent security is an evolving field
  • Scan results and risk scores are assessments, not certifications
  • Compliance reports assist your compliance efforts but do not constitute legal compliance certification
  • Our total liability is limited to the amount you paid for the service in the 12 months preceding the claim

8. Termination

  • By you: Cancel anytime from your dashboard. Your data is retained for 30 days after cancellation, then permanently deleted.
  • By us: We may suspend accounts that violate these terms. We will provide 7 days notice for non-critical violations. Immediate suspension for violations that threaten other users' security.
  • Data export: You can export all your data before or during the 30-day retention window.

9. Changes

We may update these terms. Material changes are communicated via email 30 days in advance. Continued use after changes take effect constitutes acceptance.

10. Governing Law

These terms are governed by the laws of the State of Delaware, United States, without regard to conflict of law provisions. For EU customers, mandatory consumer protection laws of your jurisdiction apply where they offer greater protection.

11. Contact

Questions about these terms: legal@aegis-security.com

Security concerns: security@aegis-security.com