// terms_of_service

1. Acceptance of Terms

By accessing or using intel.threadlinqs.com (the "Platform"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree to all of these Terms, you must not access or use the Platform. These Terms constitute a legally binding agreement between you and Threadlinqs ("we," "us," "our").

2. Eligibility

You must be at least 18 years old to use the Platform. By creating an account, you represent and warrant that you are at least 18 years of age and have the legal capacity to enter into these Terms. If you are using the Platform on behalf of an organization, you represent and warrant that you have the authority to bind that organization to these Terms.

3. Account Terms

• You must provide a valid email address to create an account.
• You are responsible for maintaining the confidentiality of your account credentials.
• You are responsible for all activity that occurs under your account.
• One account per individual is permitted. Automated account creation is prohibited.
• You must notify us immediately of any unauthorized use of your account.
• We reserve the right to refuse, suspend, or terminate accounts at our sole discretion.

4. Subscription Tiers, Billing, and Payment

4a. Tier Structure

The Platform offers multiple subscription tiers with varying levels of access:

• Blue Analyst (Free): Basic threat intelligence access upon email verification
• Red Professional ($4.99/month): Enhanced access including IOC data and detection rules
• Purple SME ($11.99/month): Full access including simulations, C2 intelligence, advanced correlations, and MCP server
• Gold Enterprise (Custom pricing): Full access with additional enterprise features

Feature availability is determined by your active subscription tier. Attempting to bypass tier restrictions through technical means, API manipulation, automated tools, or any other method constitutes a material breach of these Terms and may result in immediate account termination without refund.

4b. Payment Processing

All payment processing is handled by Stripe, Inc. By subscribing to a paid tier, you agree to Stripe's Terms of Service and Privacy Policy. Stripe processes your payment card data directly — we never receive, transmit, or store your full card number. You acknowledge that Stripe is a third-party payment processor and that Threadlinqs is not responsible for Stripe's handling of your payment information.

4c. Automatic Renewal

AUTOMATIC RENEWAL NOTICE: Paid subscriptions automatically renew at the end of each billing cycle (monthly) at the then-current subscription price unless canceled before the renewal date. By subscribing, you authorize recurring charges to your payment method on file. You may cancel your subscription at any time through the Stripe Customer Portal accessible from your Profile page or by contacting contact@threadlinqs.com. Cancellation takes effect at the end of the current billing period — you retain access to paid features until that date.

4d. Refund Policy

Subscription fees are generally non-refundable. However, if you experience a material deficiency in service or were charged in error, you may request a review by contacting contact@threadlinqs.com within 14 days of the charge. Refund determinations are made at our sole discretion. No refunds are issued for partial billing periods after voluntary cancellation.

4e. Free Trials

We may offer free trial periods at our discretion. At the end of a free trial, your subscription will automatically convert to a paid subscription at the stated price unless you cancel before the trial period ends or no payment method is on file. Trial eligibility is limited to one trial per user.

4f. Price Changes

We reserve the right to change subscription prices. Price changes for existing subscribers will take effect at the start of the next billing cycle following at least 30 days' written notice. If you do not agree to a price change, you may cancel your subscription before the new price takes effect.

5. Acceptable Use Policy

The Platform is intended for legitimate cybersecurity research, threat intelligence analysis, detection engineering, and authorized security testing. You agree NOT to:

1. Use the Platform or any content obtained from it for offensive cyber operations against systems, networks, or organizations you are not explicitly authorized to test;
2. Redistribute, resell, or sublicense threat intelligence reports, detection rules, IOC data, or any other Platform content for commercial purposes without prior written consent;
3. Scrape, crawl, or systematically extract Platform content for use in competing products or services;
4. Attempt unauthorized access to the Platform's infrastructure, APIs, databases, or any systems connected to the Platform;
5. Use the Platform to conduct denial-of-service attacks, spam, or any form of abuse;
6. Reverse-engineer, decompile, or disassemble any aspect of the Platform;
7. Share your account credentials with others or operate multiple accounts;
8. Circumvent or attempt to circumvent rate limits, tier restrictions, or access controls;
9. Use the Platform in violation of any applicable local, state, national, or international law or regulation;
10. Upload, transmit, or distribute malicious code to or through the Platform.

6. Threat Intelligence Data Disclaimer

The threat intelligence provided on the Platform — including threat reports, indicators of compromise (IOCs), MITRE ATT&CK mappings, CVE references, threat actor profiles, and related analysis — is derived from publicly available and open-source information. This intelligence is aggregated, processed, and analyzed autonomously.

YOU ACKNOWLEDGE AND AGREE THAT:

1. Threat intelligence data is provided for informational and research purposes only and does not constitute professional cybersecurity advice;
2. The accuracy, completeness, timeliness, and reliability of threat intelligence data cannot be guaranteed;
3. Threat landscapes evolve rapidly and information may become outdated;
4. You are solely responsible for independently verifying any threat intelligence before acting upon it;
5. Threadlinqs is not associated with, endorsed by, or affiliated with any third-party threat intelligence provider, government agency, or law enforcement organization;
6. The presence or absence of specific threats, IOCs, or detection rules on the Platform does not constitute a comprehensive assessment of any organization's security posture;
7. Decisions made based on Platform intelligence are made at your own risk and discretion.

7. Detection Rules Disclaimer

Detection rules provided on the Platform (including but not limited to Splunk SPL queries, Microsoft KQL queries, and Sigma rules) are provided "AS IS" for use in authorized defensive security operations within your own organization or organizations for which you have explicit authorization.

YOU ACKNOWLEDGE AND AGREE THAT:

1. Detection rules may produce false positives or false negatives in your specific environment;
2. Detection rules must be tested, tuned, and validated in your environment before deployment to production systems;
3. Threadlinqs does not warrant that detection rules will identify all instances of a given threat, attack technique, or malicious activity;
4. You are solely responsible for any consequences arising from deploying detection rules in your environment;
5. Detection rules are provided for defensive security purposes only — use for unauthorized surveillance, monitoring of individuals without legal authority, or any purpose that violates applicable law is strictly prohibited.

8. Attack Simulation Disclaimer

The Platform may provide attack simulation scripts, adversary emulation procedures, and security testing commands (collectively, "Simulation Content"). This content is provided exclusively for authorized security testing, red team exercises, purple team operations, and security research within environments you own or have explicit written authorization to test.

WARNING: SIMULATION CONTENT MAY INCLUDE COMMANDS AND SCRIPTS THAT, IF EXECUTED, CAN MODIFY SYSTEM CONFIGURATIONS, CREATE FILES, ESTABLISH NETWORK CONNECTIONS, MANIPULATE PROCESSES, OR OTHERWISE ALTER THE STATE OF COMPUTER SYSTEMS. UNAUTHORIZED USE OF SIMULATION CONTENT AGAINST SYSTEMS YOU DO NOT OWN OR DO NOT HAVE EXPLICIT WRITTEN AUTHORIZATION TO TEST MAY VIOLATE THE COMPUTER FRAUD AND ABUSE ACT (18 U.S.C. § 1030), STATE COMPUTER CRIME LAWS, AND INTERNATIONAL CYBERCRIME LAWS.

BY ACCESSING OR USING SIMULATION CONTENT, YOU REPRESENT AND WARRANT THAT:

1. You have obtained explicit written authorization from the system owner(s) before executing any simulation against any system, network, or application;
2. You will only execute simulations in isolated, authorized testing environments unless you have specific written authorization for production testing;
3. You understand that simulation commands may have real and potentially destructive effects on target systems;
4. You assume all responsibility and liability for any consequences resulting from your use of Simulation Content;
5. You will comply with all applicable federal, state, local, and international laws governing computer security testing;
6. Threadlinqs bears no responsibility for any damage, data loss, service disruption, legal liability, or other consequences arising from your use or misuse of Simulation Content.

THREADLINQS PROVIDES SIMULATION CONTENT FOR EDUCATIONAL AND AUTHORIZED DEFENSIVE SECURITY PURPOSES ONLY. WE DO NOT CONDONE, SUPPORT, OR ENCOURAGE THE USE OF SIMULATION CONTENT FOR UNAUTHORIZED ACCESS, OFFENSIVE CYBER OPERATIONS, OR ANY ILLEGAL ACTIVITY.

9. Intellectual Property

1. Platform Content: All threat intelligence reports, detection rules, analysis, visualizations, user interface designs, and original content created by Threadlinqs are the intellectual property of Threadlinqs and are protected by copyright and other intellectual property laws.
2. Open Source Data: Where Platform content incorporates publicly available information (CVE identifiers, MITRE ATT&CK framework references, public advisories), such information retains its original licensing and attribution. MITRE ATT&CK is a registered trademark of The MITRE Corporation.
3. Detection Rule License: Detection rules may be used internally within your organization for defensive security purposes. Redistribution, resale, or incorporation of detection rules into commercial products or services requires prior written consent.
4. API Output: Data retrieved through the Platform's API is subject to the same intellectual property restrictions as data accessed through the web interface.
5. User Content: You retain ownership of any content you create or upload to the Platform (such as notes or custom configurations). By submitting content, you grant Threadlinqs a non-exclusive, royalty-free license to store and display such content as necessary to provide the Platform services.
6. Feedback: Any suggestions, ideas, or feedback you provide about the Platform may be used by Threadlinqs without restriction or obligation to you.

10. Disclaimer of Warranties

THE PLATFORM AND ALL CONTENT, FEATURES, SERVICES, DATA, DETECTION RULES, INDICATORS OF COMPROMISE, SIMULATION CONTENT, AND THREAT INTELLIGENCE PROVIDED THROUGH THE PLATFORM ARE PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED.

TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THREADLINQS DISCLAIMS ALL WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, INCLUDING BUT NOT LIMITED TO:

1. IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT;
2. WARRANTIES THAT THE PLATFORM WILL BE UNINTERRUPTED, ERROR-FREE, SECURE, OR FREE FROM VIRUSES OR OTHER HARMFUL COMPONENTS;
3. WARRANTIES REGARDING THE ACCURACY, COMPLETENESS, RELIABILITY, OR TIMELINESS OF THREAT INTELLIGENCE DATA, DETECTION RULES, IOC DATA, OR ANY OTHER CONTENT;
4. WARRANTIES THAT THE PLATFORM WILL MEET YOUR SPECIFIC REQUIREMENTS;
5. WARRANTIES THAT DETECTION RULES WILL DETECT ALL THREATS OR THAT IOC DATA WILL IDENTIFY ALL MALICIOUS ACTIVITY IN YOUR ENVIRONMENT;
6. WARRANTIES THAT THREAT INTELLIGENCE WILL PREVENT SECURITY INCIDENTS OR DATA BREACHES.

YOU ACKNOWLEDGE THAT CYBERSECURITY IS AN INHERENTLY UNCERTAIN DOMAIN AND THAT NO THREAT INTELLIGENCE PLATFORM CAN GUARANTEE COMPLETE PROTECTION AGAINST ALL THREATS.

11. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW:

1. IN NO EVENT SHALL THREADLINQS, ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, OR AFFILIATES BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO: LOSS OF PROFITS, LOSS OF DATA, LOSS OF BUSINESS, BUSINESS INTERRUPTION, LOSS OF GOODWILL, COST OF PROCUREMENT OF SUBSTITUTE SERVICES, SECURITY BREACHES, UNAUTHORIZED ACCESS TO YOUR SYSTEMS, OR DAMAGES ARISING FROM YOUR USE OR INABILITY TO USE THE PLATFORM, REGARDLESS OF THE THEORY OF LIABILITY (CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, OR OTHERWISE) AND EVEN IF THREADLINQS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
2. THREADLINQS'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THESE TERMS OR YOUR USE OF THE PLATFORM SHALL NOT EXCEED THE GREATER OF: (I) THE TOTAL AMOUNT YOU HAVE PAID TO THREADLINQS IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE CLAIM, OR (II) ONE HUNDRED UNITED STATES DOLLARS (USD $100).
3. WITHOUT LIMITING THE FOREGOING, THREADLINQS SHALL HAVE NO LIABILITY FOR: ACTIONS TAKEN OR NOT TAKEN BASED ON THREAT INTELLIGENCE PROVIDED THROUGH THE PLATFORM; SECURITY INCIDENTS, DATA BREACHES, OR CYBER ATTACKS THAT OCCUR DESPITE USE OF THE PLATFORM; DETECTION RULE PERFORMANCE, ACCURACY, OR SUITABILITY IN YOUR SPECIFIC ENVIRONMENT; CONSEQUENCES OF EXECUTING ATTACK SIMULATION SCRIPTS OR COMMANDS; LOSS OR CORRUPTION OF DATA; SERVICE INTERRUPTIONS, OUTAGES, OR DOWNTIME; THIRD-PARTY ACTIONS, INCLUDING ACTIONS BY STRIPE OR CLOUDFLARE.
4. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATIONS MAY NOT APPLY TO YOU. IN SUCH JURISDICTIONS, OUR LIABILITY IS LIMITED TO THE MAXIMUM EXTENT PERMITTED BY LAW.

12. Indemnification

You agree to indemnify, defend, and hold harmless Threadlinqs and its officers, directors, employees, agents, and affiliates from and against any and all claims, demands, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising out of or related to:

1. Your use or misuse of the Platform, including any threat intelligence, detection rules, IOC data, or Simulation Content;
2. Your violation of these Terms;
3. Your violation of any applicable law, regulation, or third-party rights;
4. Your execution of attack simulation scripts or security testing commands against any system, network, or application;
5. Any claim by a third party resulting from your use of Platform content;
6. Your failure to obtain proper authorization before conducting security testing using Platform content;
7. Any content you submit to or through the Platform.

This indemnification obligation survives termination of your account and these Terms.

13. Account Termination

1. Termination by You: You may cancel your subscription at any time through the Stripe Customer Portal or by contacting contact@threadlinqs.com. Cancellation takes effect at the end of the current billing period. You may request full account deletion at any time.
2. Termination by Us: We may suspend or terminate your account immediately and without prior notice if we reasonably believe you have violated these Terms, including but not limited to: misuse of Simulation Content, unauthorized redistribution of Platform content, attempts to bypass tier restrictions, or use of the Platform for illegal purposes.
3. Effect of Termination: Upon termination, your right to access the Platform ceases immediately. We are not obligated to retain or provide access to your data after termination, except as required by applicable law. Termination does not relieve you of the obligation to pay any fees owed. Sections that by their nature should survive termination (including Disclaimer of Warranties, Limitation of Liability, Indemnification, and Governing Law) shall survive.
4. No Refund on Termination for Cause: If your account is terminated for violation of these Terms, no refund will be issued for any remaining subscription period.

14. API Terms

Access to the Threadlinqs API is subject to these Terms and any additional API-specific terms. You agree to:

1. Use the API only for purposes consistent with these Terms;
2. Respect rate limits and usage quotas associated with your subscription tier;
3. Not use the API to scrape, mirror, or reproduce the Platform;
4. Include appropriate attribution when displaying Platform data retrieved via the API;
5. Secure your API credentials and not share them with unauthorized parties.

API access may be revoked at any time for violation of these terms or abuse.

15. Governing Law and Dispute Resolution

1. Governing Law: These Terms are governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to its conflict of law provisions.
2. Dispute Resolution: Any dispute arising out of or relating to these Terms shall first be attempted to be resolved through good-faith negotiation. If not resolved within 30 days, the dispute shall be resolved by binding arbitration in accordance with the rules of the American Arbitration Association, conducted in the State of Delaware.
3. CLASS ACTION WAIVER: YOU AND THREADLINQS AGREE THAT ANY DISPUTE RESOLUTION PROCEEDINGS WILL BE CONDUCTED ONLY ON AN INDIVIDUAL BASIS AND NOT IN A CLASS, CONSOLIDATED, OR REPRESENTATIVE ACTION. YOU WAIVE ANY RIGHT TO PARTICIPATE IN A CLASS ACTION LAWSUIT OR CLASS-WIDE ARBITRATION.
4. Small Claims Exception: Notwithstanding the foregoing, either party may bring an individual action in small claims court.
5. Injunctive Relief: Threadlinqs may seek injunctive or other equitable relief in any court of competent jurisdiction to prevent the actual or threatened infringement of intellectual property rights.

16. General Provisions

1. Entire Agreement: These Terms, together with the Privacy Policy, constitute the entire agreement between you and Threadlinqs regarding the Platform.
2. Severability: If any provision of these Terms is held to be invalid or unenforceable, the remaining provisions shall continue in full force and effect.
3. Waiver: The failure of Threadlinqs to enforce any right or provision of these Terms shall not constitute a waiver of such right or provision.
4. Assignment: You may not assign or transfer your rights under these Terms without our prior written consent. We may assign our rights without restriction.
5. Force Majeure: Threadlinqs shall not be liable for any failure or delay in performance due to causes beyond its reasonable control, including but not limited to natural disasters, acts of war or terrorism, pandemics, power outages, internet service failures, or government actions.
6. Export Compliance: You agree to comply with all applicable export control laws and regulations, including United States Export Administration Regulations and sanctions programs administered by OFAC.
7. Notices: We may provide notices to you via the email address associated with your account or by posting notices on the Platform.
8. Headings: Section headings are for convenience only and have no legal effect.