Terms of Service

1. Acceptance of Terms

These Terms of Service ("Terms") constitute a legally binding agreement between you ("User," "you," or "your") and Prober ("Company," "we," "us," or "our"), governing your access to and use of the Prober platform available at prober.app, including all associated services, applications, tools, and APIs (collectively, the "Service").

By creating an account, accessing, or using any part of the Service, you acknowledge that you have read, understood, and agree to be bound by these Terms, as well as our Privacy Policy, which is incorporated herein by reference. If you do not agree to these Terms in their entirety, you must not access or use the Service.

If you are using the Service on behalf of an organization, company, or other legal entity, you represent and warrant that you have the authority to bind such entity to these Terms. In such cases, "you" and "your" shall refer to both you individually and the entity you represent.

You must be at least eighteen (18) years of age to use the Service. By using the Service, you represent and warrant that you meet this age requirement.

2. Service Description

Prober provides AI-powered security testing and threat intelligence services. The Service consists of the following products:

2.1 Prober Penetration. An automated, AI-orchestrated penetration testing and vulnerability assessment platform. Prober Penetration conducts security testing against targets specified by the User, including but not limited to websites, web applications, APIs, network hosts, and infrastructure. Testing is performed by AI agents operating within isolated containerized environments using industry-standard security tools. Testing tiers range from rapid reconnaissance scans to comprehensive deep-dive assessments.

2.2 Prober Scope. An AI-powered threat intelligence and open-source intelligence (OSINT) research platform. Prober Scope aggregates and analyzes publicly available information to produce intelligence reports for travel safety, corporate travel risk, business expansion analysis, vendor vetting, and merger and acquisition due diligence. Prober Scope is currently in development and may be subject to additional terms upon release.

2.3 Expert Services. Prober offers human-led, expert penetration testing and security consulting engagements performed by qualified security professionals. Expert Services are governed by separate engagement terms as described in Section 13.

3. Authorization and Legal Use

3.1 Authorization Requirement. You represent and warrant that, for each and every target system, host, domain, IP address, application, or network that you submit to Prober for testing, you possess explicit, written authorization to conduct penetration testing and vulnerability assessment activities. This authorization must come from one of the following:

• You are the lawful owner of the target system and possess all rights necessary to authorize security testing;
• You have obtained written permission from the lawful owner of the target system, specifically authorizing automated penetration testing and vulnerability scanning of the type performed by the Service;
• You are an authorized employee, contractor, or agent of the organization that owns the target system, and you have been expressly authorized by an appropriate officer or manager of that organization to conduct or commission security testing; or
• You are operating under a valid, executed contract or statement of work that explicitly authorizes penetration testing of the target system (such as a bug bounty program with terms that permit automated scanning, or a client engagement agreement).

3.2 Proof of Authorization. Prober reserves the right to request proof of authorization at any time before, during, or after a testing engagement. Failure to provide satisfactory evidence of authorization upon request may result in immediate suspension of testing, suspension or termination of your account, and reporting of the activity to appropriate authorities. You agree to maintain records of your authorization and to produce such records promptly upon request.

3.3 Prohibited Targets. You shall not use the Service to test any system for which you lack proper authorization. Without limiting the foregoing, you specifically agree not to use the Service to test:

• Systems owned or operated by third parties without their explicit written consent;
• Government or military systems without proper governmental authorization;
• Critical infrastructure systems (including but not limited to healthcare systems, power grids, water treatment facilities, financial clearinghouses, and emergency services systems) without appropriate authorization and safeguards;
• Systems where testing would violate applicable law, regulation, or contractual obligation;
• Third-party systems discovered through or accessible via an authorized target (lateral movement beyond the authorized scope is prohibited).

3.4 User Responsibility for Legal Compliance. You are solely responsible for ensuring that your use of the Service complies with all applicable federal, state, local, and international laws and regulations, including but not limited to the Computer Fraud and Abuse Act (CFAA), the UK Computer Misuse Act, the EU Directive on Attacks Against Information Systems, and any other applicable cybercrime or computer security legislation. Prober does not provide legal advice and makes no representation that your use of the Service is lawful in any particular jurisdiction.

3.5 Prober's Non-Liability for Unauthorized Testing. Prober acts solely as a tool provider and testing platform. Prober does not independently verify your authorization to test any target. Prober shall have no liability whatsoever arising from or related to unauthorized testing conducted by you or on your behalf. You acknowledge that Prober relies entirely on your representations regarding authorization when conducting testing.

4. Account Terms

4.1 Registration. To use the Service, you must create an account by providing a valid email address and any other information requested during the registration process. You agree to provide accurate, current, and complete information during registration and to update such information as necessary to keep it accurate, current, and complete.

4.2 Account Security. You are responsible for maintaining the confidentiality of your account credentials, including your password and any API keys associated with your account. You agree to notify Prober immediately of any unauthorized use of your account or any other breach of security. Prober shall not be liable for any loss or damage arising from your failure to protect your account credentials.

4.3 Account Activity. You are solely responsible for all activity that occurs under your account, whether or not you authorized such activity. This includes all penetration tests initiated, all targets submitted, and all use of generated reports and data. You agree not to share your account credentials with any third party or allow any third party to access the Service through your account without our prior written consent.

4.4 Account Suspension. We reserve the right to suspend or restrict access to your account if we reasonably believe that your account has been compromised, that you are in violation of these Terms, or that your use of the Service poses a risk to Prober, other users, or third parties. We will make reasonable efforts to notify you of any such suspension, except where doing so would compromise security or violate legal obligations.

5. Testing Scope and Limitations

5.1 Scope of Testing. Prober will test only the targets, systems, and scope that you explicitly authorize through the Service interface. Testing is limited to the domains, IP addresses, URLs, and parameters you specify in your scan configuration. Prober will not intentionally test systems outside the scope you define.

5.2 No Guarantee of Completeness. Penetration testing and vulnerability assessment are inherently limited activities. Prober does not and cannot guarantee that all vulnerabilities, weaknesses, or security issues present in your target systems will be identified. The absence of findings in a report does not mean that the target system is free from vulnerabilities. Testing results represent a point-in-time assessment and may not reflect vulnerabilities introduced before, during, or after the testing period.

5.3 System Performance Impact. You acknowledge and accept that penetration testing may temporarily affect the performance, availability, or stability of the target systems. While Prober's automated testing is designed to minimize disruption, security testing inherently involves sending requests and probes that may cause increased load, trigger security alerts, generate log entries, or in rare cases cause service interruptions. You are solely responsible for:

• Ensuring that testing is conducted during appropriate maintenance windows if system availability is critical;
• Maintaining adequate backups of your systems and data before initiating testing;
• Notifying relevant stakeholders (including hosting providers, managed security service providers, and incident response teams) that authorized security testing will be conducted;
• Configuring allow-lists or exception rules for Prober's testing infrastructure where appropriate.

5.4 Assumption of Risk. You expressly assume all risk associated with the use of the Service to test your systems. This includes, without limitation, the risk of system downtime, data corruption, unintended disclosure of information discovered during testing, and triggering of security monitoring or incident response processes.

5.5 Testing Methodology. Prober's automated testing uses industry-standard tools and techniques, orchestrated by AI agents. Testing may include, but is not limited to, port scanning, service enumeration, web application scanning, directory and file discovery, authentication testing, injection testing, and configuration analysis. Prober does not perform destructive testing (such as denial-of-service attacks) or exfiltrate production data from target systems.

6. Credential Handling

6.1 Purpose of Credentials. For authenticated testing engagements, you may provide Prober with credentials (such as usernames, passwords, API keys, or session tokens) to enable the Service to test areas of your application that require authentication. Credentials are used solely and exclusively for the purpose of conducting the authorized security assessment.

6.2 Encryption and Storage. Credentials you provide are encrypted at rest using industry-standard encryption methods. Credentials are decrypted only within the isolated, ephemeral testing environment during the active testing engagement. Credentials are not stored in plaintext at any point in our infrastructure.

6.3 Credential Deletion. Credentials are automatically and permanently deleted within thirty (30) days following the completion of the testing engagement for which they were provided. The ephemeral testing container in which credentials are used is destroyed immediately upon completion of each scan.

6.4 Limited Use. Prober will not use credentials for any purpose other than conducting the authorized testing engagement. Prober will not share, disclose, or transfer credentials to any third party. Prober personnel do not have access to decrypted credentials under normal operating conditions.

6.5 User Responsibility. You are responsible for providing credentials that are scoped appropriately for the testing engagement. We strongly recommend creating dedicated testing accounts with limited privileges rather than providing production administrator credentials. You are responsible for rotating or revoking credentials after testing is complete.

7. Payment Terms

7.1 Pricing. Prober offers testing engagements at various tiers, with pricing currently ranging from $75 to $3,400 per engagement depending on scope, depth, and target complexity. Current pricing is displayed on the Prober website and within the Service interface. Prober reserves the right to modify pricing at any time, provided that any price changes will not affect engagements already purchased or in progress. We will provide at least thirty (30) days' notice of material pricing changes.

7.2 Payment Processing. All payments are processed through Stripe, Inc. ("Stripe"). By submitting payment information, you authorize Prober and Stripe to charge your designated payment method for the amounts due. You agree to abide by Stripe's terms of service as they relate to payment processing. Prober does not store complete credit card numbers or payment card data on its servers.

7.3 Credits and Balances. Certain purchases may be structured as prepaid credits applied to your account. Credits are non-transferable and may not be redeemed for cash. Unless otherwise stated at the time of purchase, prepaid credits expire thirty (30) days from the date of purchase. Prober will make reasonable efforts to notify you before credits expire.

7.4 Refund Policy. Credits that have not been consumed by a completed scan may be refunded within fourteen (14) days of purchase by contacting support@prober.app. Credits consumed by completed testing engagements are non-refundable, as the testing services have been fully rendered. If a scan fails to complete due to a technical error attributable to Prober (and not to target system unavailability, invalid configuration, or other User-side issues), credits will be automatically refunded to your account. All refund requests are subject to review and Prober's determination at its reasonable discretion.

7.5 Taxes. All fees are exclusive of taxes. You are responsible for all applicable sales, use, value-added, and other taxes arising from your use of the Service, excluding taxes based on Prober's net income.

8. Intellectual Property

8.1 Prober Platform. The Service, including its software, algorithms, AI models, user interface, design, documentation, and all underlying technology, is the exclusive property of Prober and is protected by applicable intellectual property laws, including copyright, trademark, trade secret, and patent laws. These Terms do not grant you any right, title, or interest in the Service except for the limited right to use the Service in accordance with these Terms. You shall not copy, modify, distribute, reverse engineer, decompile, disassemble, or create derivative works from any part of the Service.

8.2 Your Reports and Results. Vulnerability reports, findings, and other output generated by the Service from your testing engagements ("Your Reports") belong to you. You may use, distribute, share, publish, or incorporate Your Reports into your own documentation and security processes without restriction. Prober retains no ownership claim to Your Reports. However, Prober may retain anonymized, aggregated statistical data derived from testing (such as aggregate vulnerability frequency data) that does not identify you, your organization, or your target systems.

8.3 User Content. You retain all ownership rights in content you submit to the Service, including target configurations, scan settings, and any information you provide. By submitting content, you grant Prober a limited, non-exclusive, non-transferable license to use such content solely for the purpose of providing the Service to you.

8.4 Feedback. If you provide suggestions, ideas, or feedback about the Service ("Feedback"), you grant Prober a non-exclusive, royalty-free, perpetual, irrevocable, worldwide license to use, modify, and incorporate such Feedback into the Service without any obligation to you.

9. Data Retention and Deletion

9.1 Test Results. Vulnerability reports and scan results are retained for ninety (90) days from the date of scan completion, after which they are automatically and permanently deleted from our systems. You are responsible for downloading and archiving your reports within this retention period. We recommend downloading reports promptly upon completion.

9.2 Account Data. Your account information, including profile details, scan history metadata, and billing records, is retained for as long as your account remains active. Upon account deletion, your personal data will be deleted within thirty (30) days, except where retention is required by law (e.g., financial records required for tax or accounting purposes may be retained for up to seven years).

9.3 Credential Data. As described in Section 6.3, credentials provided for authenticated testing are permanently deleted within thirty (30) days of engagement completion.

9.4 Deletion Requests. You may request deletion of your data at any time by contacting support@prober.app or through your account settings. We will process deletion requests within thirty (30) days. Certain data may be retained where required by law or legitimate business interests (such as preventing fraud or resolving disputes), and we will inform you of any such exceptions.

10. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL PROBER, ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, AFFILIATES, SUCCESSORS, OR ASSIGNS BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOSS OF PROFITS, REVENUE, GOODWILL, DATA, BUSINESS OPPORTUNITIES, OR OTHER INTANGIBLE LOSSES, ARISING OUT OF OR RELATED TO:

• YOUR USE OF OR INABILITY TO USE THE SERVICE;
• ANY UNAUTHORIZED ACCESS TO, USE OF, OR ALTERATION OF YOUR DATA OR TRANSMISSIONS;
• ANY VULNERABILITIES, SECURITY WEAKNESSES, OR OTHER ISSUES NOT IDENTIFIED BY THE SERVICE;
• ANY DAMAGE, DISRUPTION, OR DATA LOSS TO YOUR SYSTEMS OR THIRD-PARTY SYSTEMS ARISING FROM SECURITY TESTING;
• ANY ERRORS, INACCURACIES, OR OMISSIONS IN SCAN RESULTS, VULNERABILITY REPORTS, OR INTELLIGENCE DATA;
• ANY ACTIONS TAKEN OR DECISIONS MADE BASED ON INFORMATION PROVIDED BY THE SERVICE;
• ANY CLAIMS BY THIRD PARTIES ARISING FROM YOUR USE OF THE SERVICE, INCLUDING CLAIMS FROM TARGET SYSTEM OWNERS;
• ANY INTERRUPTION, SUSPENSION, OR TERMINATION OF THE SERVICE.

IN NO EVENT SHALL PROBER'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THESE TERMS OR YOUR USE OF THE SERVICE EXCEED THE GREATER OF (A) THE AMOUNTS YOU HAVE PAID TO PROBER IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM, OR (B) ONE HUNDRED UNITED STATES DOLLARS ($100.00).

The foregoing limitations shall apply regardless of the legal theory upon which the claim is based, whether in contract, tort (including negligence), strict liability, or otherwise, and even if Prober has been advised of the possibility of such damages. Some jurisdictions do not allow the exclusion or limitation of certain damages, so the above limitations may not apply to you in full.

11. Disclaimer of Warranties

THE SERVICE IS PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, PROBER DISCLAIMS ALL WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT.

Without limiting the foregoing, Prober makes no warranty or representation that:

• The Service will identify all vulnerabilities, weaknesses, or security issues in your systems;
• Your systems are secure after a testing engagement, or that no further vulnerabilities exist;
• The Service will be uninterrupted, timely, secure, or error-free;
• The results obtained from the Service will be accurate, reliable, or complete;
• Any defects in the Service will be corrected;
• The Service will meet your specific requirements or expectations;
• Intelligence data provided through Prober Scope is accurate, current, or complete.

You acknowledge that the nature of security testing means that results are inherently point-in-time assessments. New vulnerabilities may emerge at any time, and previously identified vulnerabilities may be remediated or may evolve. You are solely responsible for maintaining the ongoing security of your systems.

12. Indemnification

You agree to indemnify, defend, and hold harmless Prober and its officers, directors, employees, agents, contractors, affiliates, successors, and assigns (collectively, "Prober Parties") from and against any and all claims, actions, demands, liabilities, damages, losses, costs, and expenses (including reasonable attorneys' fees and court costs) arising out of or related to:

• Your use of the Service, including any testing engagements initiated through your account;
• Your breach or alleged breach of any provision of these Terms;
• Your violation of any applicable law, regulation, or third-party right;
• Any claim by a third party (including target system owners, hosting providers, or governmental authorities) arising from your unauthorized or allegedly unauthorized testing of systems;
• Any claim that your use of the Service caused damage to a third party or third-party system;
• Any misuse of intelligence data obtained through Prober Scope;
• Any misrepresentation by you regarding your authorization to test target systems.

Prober shall provide you with prompt written notice of any such claim and shall cooperate with you (at your expense) in the defense of such claim. Prober reserves the right to assume the exclusive defense and control of any matter subject to indemnification by you, in which event you agree to cooperate with Prober in asserting any available defenses.

13. Expert Services

13.1 Separate Engagement. Human-led expert penetration testing and security consulting services ("Expert Services") are offered separately from the automated Service. Expert Services are governed by a separate Statement of Work ("SOW") or engagement agreement that will be provided to you prior to the commencement of any Expert Services engagement.

13.2 Scope and Terms. The specific scope, methodology, timeline, deliverables, pricing, and terms applicable to each Expert Services engagement will be defined in the SOW. In the event of any conflict between these Terms and the SOW, the SOW shall control with respect to the Expert Services engagement.

13.3 Authorization Requirements. The authorization requirements set forth in Section 3 of these Terms apply equally to Expert Services. You must provide evidence of proper authorization before Expert Services testing commences.

13.4 General Terms. Unless expressly superseded by the SOW, the general provisions of these Terms (including limitations of liability, indemnification, confidentiality, and dispute resolution) apply to Expert Services.

14. Acceptable Use of Scope Intelligence

14.1 Lawful Purpose. Prober Scope may only be used for lawful purposes, including personal safety research, corporate travel risk assessment, business expansion analysis, vendor due diligence, and merger and acquisition research.

14.2 Prohibited Uses. You shall not use Prober Scope for stalking, harassment, or intimidation of any individual; discrimination based on race, ethnicity, religion, gender, sexual orientation, or any other protected characteristic; any purpose governed by the Fair Credit Reporting Act (FCRA) unless you are in full compliance; any illegal surveillance or investigation; or any purpose that circumvents privacy protections or legal restrictions.

14.3 Data Accuracy. Intelligence produced by Prober Scope is aggregated from publicly available sources. Prober does not guarantee the accuracy, completeness, timeliness, or reliability of this information. You are responsible for independently verifying any information before making decisions based upon it.

15. Termination

15.1 Termination by You. You may terminate your account and these Terms at any time by deleting your account through the Service interface or by contacting support@prober.app. Termination does not entitle you to a refund of any fees already paid for completed engagements.

15.2 Termination by Prober. Prober may suspend or terminate your account and access to the Service at any time, with or without cause, including but not limited to: violation of these Terms; unauthorized testing of systems; suspected fraudulent activity; non-payment; or any conduct that Prober, in its sole discretion, determines is harmful to the Service, other users, or third parties. Where practicable, Prober will provide notice of termination, but immediate termination without notice may occur where necessary to prevent harm.

15.3 Effect of Termination. Upon termination, your right to access and use the Service ceases immediately. You must promptly download any reports or data you wish to retain, as Prober may delete your data in accordance with its data retention policies. Any provisions of these Terms that by their nature should survive termination shall survive, including without limitation Sections 3 (Authorization and Legal Use), 10 (Limitation of Liability), 11 (Disclaimer of Warranties), 12 (Indemnification), and 16 (Governing Law and Dispute Resolution).

16. Governing Law and Dispute Resolution

16.1 Governing Law. These Terms shall be governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to its conflict of law provisions.

16.2 Dispute Resolution. Any dispute, controversy, or claim arising out of or relating to these Terms or the Service shall first be submitted to good-faith negotiation between the parties for a period of thirty (30) days. If the dispute cannot be resolved through negotiation, it shall be resolved by binding arbitration administered by the American Arbitration Association ("AAA") in accordance with its Commercial Arbitration Rules, with the arbitration to take place in the State of Delaware. The arbitrator's decision shall be final and binding and may be entered as a judgment in any court of competent jurisdiction.

16.3 Class Action Waiver. You agree that any dispute resolution proceedings will be conducted only on an individual basis and not in a class, consolidated, or representative action. You waive any right to participate in a class action lawsuit or class-wide arbitration against Prober.

16.4 Injunctive Relief. Notwithstanding the foregoing, either party may seek injunctive or other equitable relief in any court of competent jurisdiction to prevent the actual or threatened infringement, misappropriation, or violation of intellectual property rights or confidential information.

17. Changes to Terms

Prober reserves the right to modify, amend, or update these Terms at any time at its sole discretion. We will provide notice of material changes by posting the updated Terms on this page and updating the "Last updated" date at the top. For changes that materially affect your rights or obligations, we will make reasonable efforts to notify you by email or through an in-app notification at least fifteen (15) days before the changes take effect. Your continued use of the Service following the posting of revised Terms constitutes your acceptance of such revised Terms. If you do not agree to the revised Terms, you must discontinue use of the Service and close your account.

18. Miscellaneous

18.1 Entire Agreement. These Terms, together with our Privacy Policy and any applicable SOW for Expert Services, constitute the entire agreement between you and Prober regarding the Service and supersede all prior and contemporaneous agreements, proposals, and communications, whether oral or written.

18.2 Severability. If any provision of these Terms is held to be invalid, illegal, or unenforceable by a court of competent jurisdiction, such provision shall be modified to the minimum extent necessary to make it valid and enforceable, and the remaining provisions shall continue in full force and effect.

18.3 Waiver. The failure of Prober to exercise or enforce any right or provision of these Terms shall not constitute a waiver of such right or provision. Any waiver must be in writing and signed by an authorized representative of Prober.

18.4 Assignment. You may not assign or transfer these Terms or any rights hereunder without Prober's prior written consent. Prober may assign its rights and obligations under these Terms without restriction, including in connection with a merger, acquisition, or sale of assets.

18.5 Force Majeure. Prober shall not be liable for any failure or delay in performance resulting from causes beyond its reasonable control, including but not limited to acts of God, natural disasters, pandemics, war, terrorism, labor disputes, power failures, internet disruptions, or governmental actions.

18.6 Notices. Notices to you may be provided via the email address associated with your account or through in-app notifications. Notices to Prober must be sent to support@prober.app or to the mailing address posted on our website.

19. Contact Information

If you have any questions, concerns, or requests regarding these Terms of Service, please contact us at:

• General inquiries and support: support@prober.app
• Legal matters: legal@prober.app
• Privacy matters: privacy@prober.app
• Security issues: security@prober.app