These terms apply to your use of this website, fire-shield.io, and the content published on it. By using the site you agree to them. If you do not agree, the right move is simple: do not use the site. We have kept the legal language to the minimum the subject allows.

1. Who we are

FireShield ("FireShield", "we", "us") operates this website. We provide continuous penetration-testing services powered by our CloudShark engine, testing client environments under explicit written authorization and reporting what we prove. This website exists to explain that service, publish our research, and give you a way to contact us.

2. Using this website

The site is provided for general information about FireShield and our services. Browsing it, downloading a resource, or submitting a contact form does not make you a client, does not create an engagement, and does not authorize any testing activity — in either direction. If you submit information through a form, you agree to provide details that are accurate and that you are entitled to share. How we handle that information is covered by our privacy notice.

3. Assessments are governed by engagement agreements

Nothing on this website is an offer to test any system, a quotation, or a commitment to any scope, timeline, or result. Every assessment we perform is governed by an individually signed engagement agreement — including rules of engagement, a defined and authorized scope, and a non-disclosure agreement — negotiated and executed before any testing begins.

If anything in these website terms conflicts with a signed engagement agreement, the engagement agreement prevails for everything related to that engagement: scope, authorization, confidentiality, data handling, liability, and all commercial terms. These website terms never expand, narrow, or override what the parties signed.

We do not test systems we have not been authorized in writing to test. Descriptions of techniques on this site are explanations of how our service works — they are not an invitation for anyone to apply them to infrastructure they do not own or have permission to assess.

4. Acceptable use of the site

You may not use this website to break the law, and you may not attack the website itself. Specifically, do not:

  • Probe, scan, or test this site for vulnerabilities, or attempt to bypass its security controls, without our written permission.
  • Interfere with the site's availability — including load attacks, automated request flooding, or bulk scraping.
  • Impersonate FireShield, our staff, or another user in any communication with or through the site.
  • Use content from this site to plan or carry out unauthorized access to any system, ours or anyone else's.

We recognize what we do for a living, so we will say it plainly: if you believe you have found a genuine security issue in this site, we want to hear about it through the process described in our security.txt rather than discover it in our logs.

5. Intellectual property

The FireShield and CloudShark names, the flame-and-shield mark, and the text, graphics, reports, and code on this site belong to us or our licensors. You may view the site, and you may download and share our published resources within your organization for internal, non-commercial use, provided you keep them intact and attributed. Republishing our content, or using our names or marks in a way that suggests endorsement or affiliation, requires our written permission first.

Third-party names and marks that appear on this site — including the researcher platforms listed in our footer — belong to their respective owners.

6. No warranties on site content

Content on this site is provided as-is, for information. Our research and guidance reflect what we have observed across our own assessments; your environment is different from every environment we describe, and reading an article is not a security assessment of anything. Nothing here is legal, regulatory, or professional advice, and we do not warrant that the site will be uninterrupted, error-free, or that its content is complete or current at the moment you read it. What we do warrant about an actual assessment lives in the engagement agreement — where it belongs.

7. Limitation of liability

To the fullest extent permitted by law, we are not liable for indirect or consequential losses arising from your use of, or inability to use, this website or its content — including decisions you make based on material published here. Nothing in these terms excludes or limits liability that cannot lawfully be excluded or limited. Liability connected to an assessment is addressed exclusively in the relevant engagement agreement.

8. Changes to these terms

We may update these terms as the site or the law changes. When we do, we will update the effective date at the top of this page; if a change is significant, we will say so prominently on the site. Continuing to use the site after a change takes effect means you accept the updated terms. Signed engagement agreements are unaffected by changes to this page.

9. Contact

Questions about these terms — or anything else — go through our contact page. For security matters concerning this site, use the process in our security.txt. For how we handle personal data, see the privacy notice.