Terms of Service
Last updated · March 30, 2026
The agreement between you and TitanDef when you use our platform — written to be read, not skimmed past.
Acceptance of Terms
These Terms of Service ("Terms") govern your access to and use of the TitanDef cybersecurity risk assessment platform and related services ("Service") operated by TitanDef, Inc. ("TitanDef," "we," "us," or "our").
By creating an account or using the Service, you agree to these Terms on behalf of yourself and, where applicable, the organization you represent ("Customer"). If you do not agree, do not use the Service.
The Service
TitanDef is a multi-tenant SaaS platform that helps organizations understand and manage cybersecurity risk. The Service includes:
- Inherent Risk Questionnaire (IR) — a structured assessment of your organization's cybersecurity exposure profile
- Inherent Exposure Review (IER) — the report generated upon completing the IR, including risk scoring, peer benchmarking, and prioritized recommendations
- External Attack Surface Scan — a passive, non-intrusive scan of your organization's publicly accessible infrastructure, powered by TitanDef's OpenClaw scanning engine
- Control Assessment — a follow-on evaluation of security controls in place, producing residual risk scoring and a remediation roadmap
- Executive Reporting — auto-generated reports suitable for board-level review
- Microsoft 365 Integration — optional connection to your Microsoft 365 tenant via OAuth to surface security posture data
- Peer Benchmarking — comparison of your risk profile against similar organizations using aggregated data including IRS Form 990 filings for nonprofits
Feature availability varies by subscription tier. We may add, modify, or discontinue features at any time with reasonable notice.
Accounts and Access
3.1 Account Registration. You must provide accurate, current information when creating an account. You are responsible for all activity under your account.
3.2 Credentials. Keep your login credentials confidential. Notify us immediately at legal@titandef.com if you suspect unauthorized access.
3.3 Organization Accounts and Roles. The Service supports multiple users per organization with role-based access controls (Admin, Editor, Viewer). Admins are responsible for managing user access within their organization.
3.4 MSSP Access. If you are a Managed Security Service Provider (MSSP) using the Service to manage assessments on behalf of client organizations, you are responsible for ensuring each client organization's acceptance of these Terms prior to initiating any assessment or scan on their behalf. Your access is governed by the MSSP role permissions in the platform.
3.5 Minimum Age. You must be at least 18 years old to use the Service.
Acceptable Use
You agree not to:
- Use the Service for any unlawful purpose
- Attempt to reverse-engineer, decompile, or extract the underlying models, scoring algorithms, or proprietary logic of the platform
- Use automated tools to scrape, harvest, or bulk-export data from the Service
- Share account credentials with individuals outside your authorized organization
- Use the Service to conduct active exploitation or offensive security testing against any systems, including your own
- Represent TitanDef's scan results, risk scores, or reports as certified security audits, penetration tests, or professional security opinions
- Interfere with the security, availability, or integrity of the Service or its infrastructure
Assessment Data and External Scanning
5.1 Your Data. Assessment data you submit — questionnaire responses, organizational details, control information — belongs to you. We process it to deliver the Service. We do not sell your data to third parties.
5.2 External Attack Surface Scans. By providing a domain and initiating a scan, you represent that you have authority over that domain or have obtained permission from the domain owner. Scans are passive and non-intrusive — no credentials, agents, or systems access is required or used. You consent to TitanDef performing these scans on your behalf.
5.3 Third-Party Data Sources. The Service may incorporate publicly available data, including IRS Form 990 data via ProPublica's Nonprofit Explorer API, to support peer benchmarking and financial risk analysis. This data is used in aggregate and as context for your risk profile.
5.4 Microsoft 365 Integration. If you connect a Microsoft 365 tenant, you authorize TitanDef to access security posture data via Microsoft Graph API under the permissions you grant during the OAuth consent flow. Token credentials are encrypted at rest using AES-256-GCM. You can revoke this integration at any time through your account settings.
Informational Nature of Outputs
TitanDef's risk scores, IER reports, scan findings, control assessments, AI-generated breach scenarios, and all other platform outputs are informational only. They do not constitute:
- Professional cybersecurity advice
- A penetration test or security audit
- Legal, compliance, or regulatory advice
- A guarantee of security or breach prevention
- Certification against any compliance framework
No output from the Service should be relied upon as the sole basis for security decisions. We recommend you consult qualified cybersecurity professionals for matters requiring expert judgment.
AI-assisted outputs (including attack scenario narratives and risk summaries) are generated programmatically and may not reflect your complete security posture. Review all outputs critically.
Subscription and Payment
7.1 Pricing Tiers. TitanDef offers a one-time Starter tier and annual subscription tiers (Core, Stewardship). Add-on modules, including Fractional CISO Advisory and Pen Testing as a Service, are available on a retainer basis. Qualified 501(c)(3) nonprofit organizations receive the Starter tier at no charge.
7.2 Payment. You agree to provide accurate billing information. Payment is due at the time of purchase or renewal. We use third-party payment processors and do not store full payment card details.
7.3 Renewals. Annual subscriptions renew automatically unless you cancel before the renewal date. We will notify you before renewal.
7.4 Refunds. The Starter one-time fee is non-refundable except where required by law. For annual subscriptions, contact support@titandef.com within 30 days of your billing date to request a refund. Refund requests after 30 days are evaluated case-by-case.
Cancellation
You may cancel your subscription at any time through your account settings or by emailing support@titandef.com. Cancellation takes effect at the end of your current billing period. We do not prorate partial periods.
Upon cancellation, you retain access through the end of your paid period. After that, your account data is retained for 90 days before deletion, giving you time to export your reports.
Data Security
TitanDef follows SOC 2-aligned security practices. All data is encrypted in transit (TLS) and at rest. We apply role-based access controls and conduct regular security reviews.
No security measure is absolute. We cannot guarantee that unauthorized third parties will never circumvent our safeguards. You accept this inherent limitation when you use any internet-based service.
Intellectual Property
10.1 Our Property. The Service, including its scoring models, assessment frameworks, report templates, OpenClaw scanning engine, and all platform content, is owned by TitanDef, Inc. and protected by applicable intellectual property law. You receive a limited, non-exclusive, non-transferable license to use the Service during your subscription term.
10.2 Your Content. You retain ownership of the data and content you submit. By using the Service, you grant TitanDef a limited license to process your data to deliver and improve the Service.
10.3 Feedback. If you provide feedback or suggestions, we may use them without obligation to you.
Confidentiality
Each party agrees to keep the other's confidential information (including pricing, assessment data, and platform features marked as confidential) private and not to disclose it to third parties without consent, except as required by law.
Limitation of Liability
To the maximum extent permitted by law, TitanDef, Inc. and its officers, directors, employees, and affiliates will not be liable for:
- Any indirect, incidental, special, consequential, or punitive damages
- Loss of data, revenue, profits, or business opportunity
- Any security incident, breach, or loss occurring at your organization, even if TitanDef was informed of the possibility
Our total aggregate liability for any claim arising from the Service is limited to the amount you paid to TitanDef in the 12 months prior to the claim.
Disclaimer of Warranties
The Service is provided "as is" and "as available." We make no warranties, express or implied, including warranties of merchantability, fitness for a particular purpose, or non-infringement. We do not warrant that the Service will be uninterrupted, error-free, or that any specific security outcome will result from using the platform.
Indemnification
You agree to indemnify and hold harmless TitanDef and its affiliates from any claims, damages, or expenses (including reasonable legal fees) arising from your use of the Service, your violation of these Terms, or your violation of any third party's rights.
Governing Law and Disputes
These Terms are governed by the laws of the State of Colorado, United States, without regard to conflict of law principles. Any dispute not resolved through good-faith negotiation will be submitted to binding arbitration in accordance with the American Arbitration Association's rules, unless you opt out in writing within 30 days of first accepting these Terms.
Changes to These Terms
We may update these Terms from time to time. For material changes, we will provide at least 30 days' notice via email or in-app notification. Continued use of the Service after the effective date constitutes acceptance of the updated Terms.
Termination
We may suspend or terminate your access if you breach these Terms, fail to pay, or if continued access creates legal or security risk. We will provide notice where practicable. You may terminate your account at any time per Section 8.
Upon termination, your license to use the Service ends. Sections 6, 9, 10, 12, 13, 14, and 15 survive termination.
Contact
If you have any questions about these Terms of Service, please contact us at:
TitanDef, Inc.
Email: legal@titandef.com

