Terms of Service

By accessing this website or engaging Abyss Security ("we", "us", "our") for any service, you agree to be bound by these Terms of Service. If you do not agree, please do not use our website or services.

These terms govern the relationship between Abyss Security and any individual or organisation ("Client", "you") that engages our services or submits an enquiry through this website.

Abyss Security provides cybersecurity services including, but not limited to, penetration testing, vulnerability assessments, red team operations, defensive security (SOC), and security integration. The specific scope, deliverables, and timelines for each engagement are defined in a separate Statement of Work (SOW) or service agreement signed by both parties prior to any work commencing.

Services described on this website are for illustrative purposes. Actual service scope is agreed upon individually with each client.

All offensive security engagements, including penetration testing, red team operations, and vulnerability assessments, require explicit written authorisation from the Client before any testing activity begins.

The Client represents and warrants that they have the legal authority to authorise testing of all systems, networks, and applications included in the agreed scope. Abyss Security will not conduct any testing activity without a signed authorisation document in place.

Any testing conducted outside the agreed scope, or without valid written authorisation, is strictly prohibited and not covered by these terms.

All information exchanged between Abyss Security and the Client in the course of an engagement, including findings, reports, architecture details, and credentials, is treated as strictly confidential.

Abyss Security will not disclose Client information to any third party without prior written consent, except where required by law or regulation. This obligation survives the termination of any engagement.

Clients are equally expected to treat Abyss Security methodologies, tooling, and proprietary information as confidential.

All reports, documentation, and written deliverables produced by Abyss Security as part of a paid engagement are the property of the Client upon receipt of full payment.

Abyss Security retains ownership of all pre-existing tools, methodologies, scripts, and frameworks used to conduct engagements. Nothing in these terms transfers ownership of our underlying intellectual property to the Client.

Payment terms are set out in the individual service agreement or invoice. Unless otherwise agreed in writing, invoices are due within 14 days of issuance. Late payments may result in suspension of services.

All prices are exclusive of applicable taxes unless stated otherwise. The Client is responsible for any taxes or duties applicable in their jurisdiction.

Abyss Security will perform all services with reasonable skill and care in accordance with the agreed scope. However, no security assessment can guarantee the identification of every vulnerability or eliminate all risk.

To the maximum extent permitted by applicable law, Abyss Security's total liability to the Client in connection with any engagement shall not exceed the total fees paid by the Client for that specific engagement.

We shall not be liable for any indirect, consequential, incidental, or punitive damages arising from the use of our services or any findings contained in our deliverables.

You agree not to use this website to:

• Submit false or misleading information
• Attempt to probe, scan, or test the website's infrastructure without authorisation
• Violate any applicable local, national, or international law or regulation
• Transmit any unsolicited commercial communications

Either party may terminate an engagement with written notice if the other party materially breaches these terms and fails to remedy the breach within 14 days of written notice.

Abyss Security reserves the right to immediately suspend or terminate services if the Client is found to have provided false authorisation, engaged in fraudulent activity, or directed our services toward systems they do not own or have authority over.

These terms are governed by and construed in accordance with the laws of the Republic of Albania. Any disputes arising under these terms shall be subject to the exclusive jurisdiction of the courts of Albania, without prejudice to either party's right to seek interim relief in any competent jurisdiction.

We may update these terms from time to time. The date at the top of this page reflects the most recent revision. Material changes will be communicated to active clients directly. Continued use of our services after an update constitutes acceptance of the revised terms.

For any questions regarding these terms, contact us at: info@abyss-security.al