Skip to main content

Terms of Service

Effective Date: January 20, 2025
Previous Version: January 17, 2025

1. Agreement to Terms

By accessing or using the CyberSecFeed API service ("Service"), you agree to be bound by these Terms of Service ("Terms"). If you disagree with any part of these terms, you do not have permission to access the Service.

2. Description of Service

CyberSecFeed provides a comprehensive CVE (Common Vulnerabilities and Exposures) intelligence platform through RESTful APIs. The Service includes:

  • Access to CVE data from multiple authoritative sources
  • Enrichment data including KEV, EPSS, and ACSC information
  • API endpoints for querying and retrieving vulnerability data
  • Usage tracking and quota management

3. API Usage and Restrictions

3.1 API Keys

  • You must use a valid API key for all requests
  • API keys are personal and non-transferable
  • You are responsible for maintaining the confidentiality of your API key
  • Any usage under your API key is your responsibility

3.2 Usage Limits

  • Usage is subject to the quota limits of your subscription plan
  • Free tier includes rate limiting (5 requests/minute)
  • Exceeding quotas will result in request denial until the next billing period

3.3 Prohibited Uses

You may not:

  • Reverse engineer, decompile, or disassemble the Service
  • Use the Service for any unlawful purpose or in violation of any laws
  • Attempt to gain unauthorized access to any portion of the Service
  • Resell, redistribute, or sublicense access to the Service without written permission
  • Use automated systems to create multiple accounts
  • Engage in any activity that interferes with or disrupts the Service
  • Circumvent any rate limiting or quota restrictions
  • Use the Service to create a competing product or service
  • Scrape, harvest, or mass-download data beyond your quota limits
  • Share or publish your API key
  • Use the Service in any manner that could damage our reputation or business

3.4 Security and Abuse Prevention

We reserve the right to:

  • Implement additional security measures at any time
  • Monitor API usage for unusual patterns or potential abuse
  • Temporarily or permanently suspend access for suspected violations
  • Modify rate limits or implement additional restrictions to ensure service quality
  • Require additional verification for high-volume usage

3.5 Compliance and Export Control

You represent and warrant that:

  • You are not located in a country subject to U.S. embargo or designated as a "terrorist supporting" country
  • You are not listed on any U.S. government list of prohibited or restricted parties
  • You will comply with all applicable export and import laws
  • Your use of the Service complies with all applicable laws and regulations

4. Subscriptions and Payment

4.1 Billing

  • Subscription fees are billed monthly in advance
  • All fees are in USD and non-refundable except as required by law
  • Payment processing is handled by Stripe

4.2 Plan Changes

  • You may upgrade or downgrade your plan at any time
  • Upgrades take effect immediately with prorated billing
  • Downgrades take effect at the next billing cycle

4.3 Cancellation

  • You may cancel your subscription at any time
  • Cancellation takes effect at the end of the current billing period
  • No refunds are provided for partial months

5. Data Accuracy and Limitations

5.1 Data Sources

  • CVE data is aggregated from public sources including NVD and MITRE
  • We strive for accuracy but cannot guarantee completeness or real-time updates
  • Data freshness depends on source update frequencies

5.2 Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. TO THE FULLEST EXTENT PERMITTED BY LAW, CYBERSECFEED DISCLAIMS ALL WARRANTIES, INCLUDING BUT NOT LIMITED TO:

  • IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT
  • WARRANTIES THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR FREE OF HARMFUL COMPONENTS
  • WARRANTIES THAT THE DATA WILL BE ACCURATE, COMPLETE, CURRENT, OR RELIABLE
  • WARRANTIES THAT THE SERVICE WILL MEET YOUR SPECIFIC REQUIREMENTS OR EXPECTATIONS
  • WARRANTIES REGARDING THE SECURITY OF THE SERVICE OR YOUR DATA
  • WARRANTIES THAT DEFECTS OR ERRORS WILL BE CORRECTED

You acknowledge that:

  • The Service relies on third-party data sources that may contain errors or omissions
  • CVE data is subject to delays and may not reflect real-time threats
  • Your use of the Service and any data obtained is at your sole risk
  • CyberSecFeed is not responsible for any damage to your computer systems or data loss resulting from use of the Service

5.3 Service Level Agreement

No service level agreement (SLA) is provided for Free, Plus, or Pro tiers. Enterprise customers may negotiate custom SLAs as part of their agreement.

6. Limitation of Liability

To the maximum extent permitted by law:

  • CyberSecFeed shall not be liable for any indirect, incidental, special, consequential, or punitive damages
  • Our total liability shall not exceed the amount paid by you in the past 12 months
  • These limitations apply regardless of the legal theory under which damages are sought

7. Intellectual Property

7.1 Service Content

  • All Service content, features, and functionality are owned by CyberSecFeed
  • The compilation and presentation of CVE data constitutes our intellectual property
  • Source data remains under the original licenses of NVD, MITRE, and other providers

7.2 Your Rights

  • You retain all rights to any applications or services you build using our API
  • You may cache reasonable amounts of data for performance purposes
  • Attribution to data sources may be required per their respective licenses

8. Indemnification

8.1 Customer Indemnification

You agree to defend, indemnify, and hold harmless CyberSecFeed, its affiliates, and their respective officers, directors, employees, and agents from and against any and all claims, damages, obligations, losses, liabilities, costs, and expenses (including attorney's fees) arising from:

  • Your use of the Service
  • Your violation of these Terms
  • Your violation of any third-party rights, including intellectual property rights
  • Any data, content, or information you submit or use through the Service
  • Your violation of any applicable laws or regulations
  • Any unauthorized access to the Service using your API key

8.2 CyberSecFeed Indemnification

CyberSecFeed will defend, indemnify, and hold harmless you from and against any third-party claims alleging that your authorized use of the Service infringes or misappropriates such third party's intellectual property rights, provided that you:

  • Promptly notify us in writing of the claim
  • Give us sole control of the defense and settlement of the claim
  • Provide reasonable assistance in the defense of the claim
  • Do not admit liability or agree to any settlement without our prior written consent

8.3 Indemnification Exceptions

CyberSecFeed's indemnification obligations do not apply to claims arising from:

  • Your modification of the Service
  • Your combination of the Service with other products or services
  • Your use of the Service after we notify you to stop due to a claim
  • Your use of the Service in violation of these Terms

8.4 Exclusive Remedy

This indemnification is your sole and exclusive remedy for any third-party intellectual property infringement claims.

9. Privacy

Your use of the Service is subject to our Privacy Policy. By using the Service, you consent to our collection and use of information as described in the Privacy Policy.

10. Changes to Terms

We reserve the right to modify these Terms at any time. We will notify users of material changes via email or through the Service. Continued use after changes constitutes acceptance of the new Terms.

11. Termination

We may terminate or suspend your access immediately, without prior notice, for:

  • Breach of these Terms
  • Non-payment of fees
  • Suspected fraudulent, abusive, or illegal activity
  • Upon your request

12. Governing Law

These Terms are governed by the laws of the United States and the State of Delaware, without regard to conflict of law principles. Any disputes shall be resolved in the state or federal courts located in Delaware.

13. Severability

If any provision of these Terms is found to be unenforceable, the remaining provisions shall continue in full force and effect.

14. Force Majeure

Neither party shall be liable for any failure or delay in performance under these Terms due to circumstances beyond its reasonable control, including but not limited to:

  • Acts of God, natural disasters, or severe weather
  • War, terrorism, riots, or civil unrest
  • Government actions, embargoes, or sanctions
  • Labor disputes or strikes
  • Internet service provider failures or network infrastructure issues
  • Cyber attacks, hacking, or malicious activity
  • Pandemic, epidemic, or public health emergencies

The affected party must promptly notify the other party and use reasonable efforts to mitigate the impact of the force majeure event.

15. Additional Terms

15.1 Entire Agreement

These Terms, together with our Privacy Policy, constitute the entire agreement between you and CyberSecFeed regarding the Service and supersede all prior agreements and understandings.

15.2 Assignment

You may not assign or transfer these Terms or your rights under them without our prior written consent. CyberSecFeed may assign these Terms without restriction.

15.3 Waiver

No waiver of any term of these Terms shall be deemed a further or continuing waiver of such term or any other term.

15.4 Notices

All notices must be in writing and sent to [email protected] or to your registered email address.

16. Contact Information

For questions about these Terms, please contact:

CyberSecFeed Support
Email: [email protected]
Website: https://cybersecfeed.com

By using the CyberSecFeed API, you acknowledge that you have read, understood, and agree to be bound by these Terms of Service.