Terms of Service

You must be at least eighteen (18) years of age to create an account, purchase a security assessment, enroll in an academy course, or use any diagnostic tool hosted on this platform. By accessing our services, you represent and warrant that you meet this age requirement.

If you are accessing or using our services on behalf of a business, organization, or other legal entity, you represent and warrant that you have full legal authority to bind that entity to these Terms and to authorize the execution of security testing, network scanning, and reconnaissance activities against the assets specified in your engagement scope.

You are solely responsible for maintaining the confidentiality of your account credentials, including your password, authentication tokens, and any JSON Web Tokens (JWTs) issued upon login. You agree not to share your credentials with any third party.

You agree to use our platform only for lawful purposes and to ensure that all data submitted through booking forms, scoping sheets, and diagnostic interfaces contains accurate, non-malicious inputs. Your specific responsibilities include:

• Protecting your local token and credential stores from unauthorized access or lateral leakage.
• Ensuring that automated scripts, API calls, or form submissions originating from your account contain only validated, authorized data.
• Notifying Fortuna_Security immediately upon discovering or suspecting any unauthorized access to your account or token compromise.

Fortuna_Security reserves the right to immediately suspend or permanently terminate account access exhibiting signatures of multi-origin session reuse, brute-force credential attacks, directory enumeration, API fuzzing, or direct violations of platform rate-limit controls.

All Fortuna_Security diagnostic tools — including the device assessment suite, port scanning utilities, and browser fingerprinting modules — are designed exclusively for lawful, ethical security validation. These tools are scoped to operate against your own devices and connections only.

You are explicitly prohibited from using our tools to target, scan, enumerate, or interact with any network, host, cloud instance, or application for which you do not hold a valid, written authorization. Unauthorized scanning may constitute a violation of the Computer Fraud and Abuse Act (18 U.S.C. § 1030), the Electronic Communications Privacy Act, or equivalent applicable law.

Professional security assessments, penetration tests, port sweeps, vulnerability scans, and diagnostic engagements are governed by a separate Statement of Work (SOW) or engagement agreement executed prior to testing. These Terms apply in addition to, not in lieu of, any such engagement agreement.

• Inherent Testing Risks: Active network probing, port scanning, and configuration auditing carry inherent risks including packet saturation, performance degradation, legacy hardware instability, or unexpected service interruption on misconfigured target nodes. You accept these risks and maintain sole responsibility for offline data backups and business continuity during any testing window.
• No Absolute Security Guarantee: Security assessments are designed to identify exposure within the scope, time window, and access parameters of the engagement. Fortuna_Security makes no warranty, express or implied, that any evaluated system will remain impervious to zero-day exploits, advanced persistent threats, or post-assessment compromises arising from unrelated vectors.
• Remediation Responsibility: Delivery of an assessment report does not transfer operational ownership of remediation. The client retains full responsibility for patch deployment, firewall configuration, credential rotation, and compliance alignment following the receipt of findings.
• Scope Limitation: Testing is restricted strictly to assets explicitly identified in the engagement scope. Any out-of-scope systems contacted during testing — whether through misconfiguration, third-party dependencies, or routing errors — must be reported immediately and testing ceased pending written scope expansion approval.

Course materials, demonstration files, code frameworks, capture-the-flag exercises, and lab architectures deployed through the Fortuna_Security Academy are provided exclusively for educational research, student training, and authorized personal skill development.

As a student, you agree to the following conduct requirements:

• You will not extract, convert, or deploy exploit scripts, scanning methods, payload templates, or custom tools encountered inside academy lab environments for unauthorized use against production systems, public targets, or third-party infrastructure.
• You understand that student terminal behaviors, command sequences, and lab interactions may be reviewed by Fortuna_Security instructors to maintain academic integrity and legal compliance.
• You will not share, redistribute, or commercially exploit course content, lab credentials, flag solutions, or instructional materials without explicit written permission from Fortuna_Security.
• Violation of these conduct requirements may result in immediate course termination, account suspension, and forfeiture of any paid enrollment fees without refund.

All source code, interface components, testing workflows, reporting methodologies, course content, instructional materials, brand assets, and custom tooling remain the exclusive intellectual property of Fortuna_Security LLC, protected under applicable copyright, trade secret, and intellectual property law.

The following are expressly prohibited without prior written corporate authorization:

• Repackaging, mirroring, or distributing platform content via unauthorized repositories or third-party channels.
• White-labeling or reselling diagnostic summaries, assessment reports, or course materials.
• Commercial exploitation of instructional modules, lab frameworks, or methodology documentation.
• Reverse engineering any platform component, proprietary scanning utility, or automated analysis module.

Technical reports, asset inventories, vulnerability parameters, exploitation evidence, and remediation blueprints generated through Fortuna_Security engagements contain sensitive configuration details about your infrastructure. These deliverables are classified as confidential.

You agree to:

• Restrict access to assessment deliverables to authorized technical and executive personnel only.
• Not disclose, publish, or transmit assessment findings to unauthorized parties, competitors, or public channels.
• Apply appropriate access controls to all digital and physical copies of delivered reports.
• Notify Fortuna_Security promptly if any assessment deliverable is lost, stolen, or improperly disclosed.

Fortuna_Security maintains corresponding confidentiality obligations with respect to client data and will not disclose client vulnerability findings to third parties except as required by law or with explicit written client consent.

Certain platform features — including the device assessment suite, browser fingerprinting tool, and DNS leak detection — rely on automated heuristic analysis and programmatic parsing. You acknowledge that automated outputs may include false positives, false negatives, or contextual inaccuracies resulting from network conditions, browser configurations, or tool limitations.

Automated diagnostic summaries represent dynamic awareness data and must not serve as the sole basis for infrastructure risk classification, formal compliance assertions, or legal proceedings without independent validation by a qualified security professional.

Either party may terminate an active service engagement or account relationship with written notice. Fortuna_Security reserves the right to immediately suspend or terminate your account and access to all platform services, without prior notice, for any of the following:

• Violation of any provision of these Terms.
• Unauthorized scanning, credential abuse, or access to restricted platform areas.
• Engagement in fraudulent, abusive, or unlawful activity through the platform.
• Failure to maintain payment obligations for enrolled courses or booked assessments.
• Actions that, in Fortuna_Security's reasonable judgment, pose a security or legal risk to the platform, its users, or third parties.

Upon termination, your right to access the platform ceases immediately. Sections 6 (Intellectual Property), 7 (Confidentiality), 9 (Disclaimers & Liability), and 11 (Dispute Resolution) survive termination and remain in full effect.

These Terms are governed by and construed in accordance with the laws of the State of Texas, United States of America, without regard to conflict of law principles.

Before initiating any formal dispute, you agree to contact Fortuna_Security in writing and attempt good-faith resolution within thirty (30) days of providing notice. If the dispute cannot be resolved informally, the parties agree to binding arbitration administered by the American Arbitration Association (AAA) under its Commercial Arbitration Rules, conducted in English in Travis County, Texas.

Nothing in this section shall prevent Fortuna_Security from seeking emergency injunctive or equitable relief in a court of competent jurisdiction where necessary to protect its intellectual property, confidential information, or platform security.

Fortuna_Security reserves the right to modify these Terms at any time. When material changes are made, we will update the "Last Revised" date at the top of this document and, where feasible, notify registered users by email or platform notification at least fourteen (14) days prior to the effective date of such changes.

Your continued use of the platform following the effective date of any modification constitutes your acceptance of the revised Terms. If you do not agree to the modified Terms, you must discontinue use of the platform and may request account closure by contacting us at legal@fortunasecurity.com.

If any provision of these Terms is found by a court of competent jurisdiction to be invalid, illegal, or unenforceable, that provision shall be modified to the minimum extent necessary to make it enforceable, and the validity and enforceability of the remaining provisions shall not be affected.