HomeAcceptable Use Policy

Acceptable Use Policy

Last updated: February 2025

This policy defines acceptable use of the RedCI security scanning platform. All users must comply with these guidelines to maintain a safe and legal testing environment.

Permitted Use

  • Scanning systems you own
  • Scanning systems with documented written authorization
  • Security assessments as part of authorized penetration testing engagements
  • Vulnerability assessments for compliance purposes (PCI-DSS, SOC2, etc.)
  • Bug bounty program participation where explicitly permitted

Prohibited Use

  • Scanning any system without authorization
  • Attempting to bypass ownership verification
  • Denial-of-service attacks or intentional service disruption
  • Scanning critical infrastructure without proper authorization
  • Exfiltrating sensitive data beyond proof-of-concept
  • Using discovered vulnerabilities for malicious purposes
  • Sharing access credentials or verification tokens
  • Automated mass scanning without rate limiting

Enforcement

Violations of this policy will result in immediate account suspension and may be reported to law enforcement. If you become aware of any misuse of the platform, please report it to our abuse contact.