Terms of Service

Terms of Service

Last Updated April 3, 2026

1. Service Description

Externalsight provides an External Attack Surface Management (EASM) platform. The service maps publicly accessible internet infrastructure, validates DNS and HTTP configurations, and identifies exposed credentials, leaked secrets, and misconfigurations ("The Service").

2. Authorized Use and Compliance

You may solely use The Service to monitor and scan domains, IP addresses, and digital assets that you uniquely own, legally control, or possess explicit, legally binding authorization to assess.

B2B Limitation & Age Restriction: The Service is intended exclusively for Business-to-Business (B2B) usage by cybersecurity professionals, IT operators, and authorized corporate entities. By creating an account, you represent and warrant that you are utilizing the platform on behalf of a business entity and are at least 18 years of age.

By utilizing The Service, you bindingly agree to comply with all applicable local, regional, and international cybersecurity, data protection, and telecommunications laws.

Scanning third-party infrastructure without documented authorization is strictly forbidden, constitutes a material breach of these Terms, and may result in immediate termination of your access and notification of relevant authorities.

3. Prohibited Activities

You agree not to:

  • Utilize The Service for illicit, unauthorized, or malicious purposes.
  • Bypass or tamper with platform rate limits, domain verification requirements, or access controls.
  • Attempt to reverse-engineer The Service or its proprietary deterministic scanning architecture.
  • Use The Service to facilitate distributed denial of service (DDoS) or any intentionally disruptive network activity.

4. Deterministic Scanning Disclaimer

Externalsight utilizes deterministic, explicitly defined network checks and third-party API enrichment to report on security exposures. We do not use Artificial Intelligence or heuristic guessing to formulate vulnerability findings.

You acknowledge that network conditions and third-party intelligence environments are dynamic, and all findings represent a point-in-time snapshot. Externalsight cannot guarantee that conditions observed during a scan remain unchanged afterward.

5. No Guarantee of Complete Security

While Externalsight acts as a vital tool for network visibility, no single platform can identify every conceivable security vulnerability. The Service is intended to supplement, not replace, comprehensive security programs.

We do not warrant that all vulnerabilities will be identified, nor do we guarantee that your environment will be impervious to attack.

6. Limitation of Liability & Indemnification

Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, EXTERNALSIGHT SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, NOR ANY LOSS OF PROFITS, DATA USE, GOODWILL, OR OTHER INTANGIBLE LOSSES, RESULTING FROM (I) YOUR ACCESS TO OR USE OF OR INABILITY TO ACCESS OR USE THE SERVICE; (II) ANY CONDUCT OR CONTENT OF ANY THIRD PARTY; OR (III) UNAUTHORIZED ACCESS TO YOUR SECURE ENVIRONMENT.

Indemnification

You agree to unconditionally indemnify, defend, and hold harmless Externalsight, its affiliates, employees, and operators from and against any claims, damages, liabilities, judgments, and expenses (including reasonable legal fees) arising out of or related to your breach of these Terms. This indemnification explicitly covers any claims resulting from your engagement in unauthorized scanning, assessing infrastructure you do not control, or any negligent or illegal activity performed utilizing the platform.

Force Majeure

Externalsight shall not be held liable for any delay, failure in performance, or service outages resulting directly or indirectly from causes beyond our reasonable control. This includes, but is not limited to, natural disasters, severe internet backbone disruptions, catastrophic failures of third-party infrastructure providers, or unpredictable API rate-limiting enforced by external intelligence providers.

7. Account Responsibilities

You are responsible for safeguarding your authentication credentials and maintaining accurate account and billing information. You must notify us immediately of any suspected unauthorized account access.

8. Billing and Subscriptions

The Service is provided under a subscription model utilizing automated, recurring billing cycles.

  • Payment Obligation: You agree to pay all applicable fees associated with your chosen plan. All payments are securely processed via our integrated third-party payment processors.
  • Suspension: Failure to maintain a valid payment method or settle invoice obligations may result in the immediate suspension of scanning activities and platform access until the outstanding balance is resolved.
  • Refund Policy: All subscription fees and charges are non-refundable. Externalsight does not offer refunds for partial subscription periods or unused scan capacity, except where required by applicable law (including EU consumers' 14-day withdrawal rights under the Distance Selling Directive).

9. Confidentiality

Both parties acknowledge that during the course of operating and utilizing The Service, access to Confidential Information will occur.

  • Definition: Confidential Information explicitly includes your configured target infrastructure, operational logs, account data, resulting security scan data, and all discovered exposure intelligence.
  • Mutual Obligation: Both parties agree to protect this information with the highest degree of care. Externalsight will not disclose your scan results or targets to any third party, except strictly as required by applicable law or valid legal process.

10. Termination Rights

We reserve the right to suspend or terminate your access immediately, without prior notice or liability, for any reason whatsoever, including without limitation if you breach the Terms, specifically regarding the Authorized Use and Compliance requirements.

11. Service Availability

We strive for enterprise-level uptime; however, some public discovery modules depend on internet-accessible data sources and may be affected by rate limits or temporary availability issues with third-party providers.

12. Intellectual Property

The Service, including its original scanning algorithms, features, proprietary discovery methodologies, and UI components, are and will remain the exclusive property of Externalsight and its licensors. As established in our Privacy Policy, you retain all exclusive rights and ownership over your specific scan inputs and generated security data.

13. Governing Law

These Terms shall be governed and construed in accordance with the laws of [Your Jurisdiction], without regard to its conflict of law provisions.

Support & Disputes For account disputes, billing inquiries, or to exercise termination rights, reach our support team.
support@externalsight.com