Acceptable Use Policy

Facilitating unauthorized access. Using BreachSpider CVE data or intelligence to plan, prepare, or conduct unauthorized access to any computer system, network, or industrial control system.

Cyberattack planning. Using BreachSpider data to identify targets for cyberattacks, ransomware deployment, or any offensive cyber operation against third parties.

Credential sharing. Sharing account credentials outside your licensed organization or with personnel who do not work for your organization.

Reverse engineering. Attempting to reverse engineer SAGE, BCS scoring methodology, asset matching algorithms, or any proprietary BreachSpider technology.

Data resale or redistribution. Using the API or any platform feature to bulk-export CVE data, enrichment data, or SAGE analysis for resale, redistribution, or to build competing products.

False asset information. Submitting fabricated or intentionally misleading asset information to manipulate CVE matching results or inflate risk scores.

Rate limit circumvention. Attempting to exceed API rate limits through technical means including rotating IP addresses, credential stuffing, or using multiple accounts.

Illegal purposes. Using the platform for any purpose that violates applicable law, including export control laws, sanctions, or computer fraud statutes.

MSSP misuse. MSSP tier customers may not use cross-client visibility features to access data belonging to organizations for whom they do not have a current service agreement.