By accessing the website at https://penthack.com, you are agreeing to be bound by these terms and conditions, all applicable laws and regulations, and agree that you are responsible for compliance with any applicable local laws. If you do not agree with any of these terms, you shall not use or access this website. The materials contained in this website are protected by applicable copyright and trademark law.
1.1.“Attack”: attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset.
1.2.“Cookie”: a set of data that can be transmitted to the User’s browser by the web website connected to by the latter. The web browser stores it for a certain period, depending on the nature of the Cookie, and returns it to the web server each time the User connects to it again. Cookies serve essentially to memorize an identifier that tracks the user’s browsing for statistical purposes.
1.3.“Environment”: A system, network, technology, infrastructure, application, software or other environment communicated and/or made available by a Customer on the Platform, for the purpose of having its security tested.
1.4.“Ethical hacking”: The process of attempting to penetrate a network or computer system and bypass system security, for the purpose of identifying potential security vulnerabilities. Ethical hacking may also entail an attempt to exploit such encountered vulnerabilities, in order to determine to what extent unauthorised access and/or other malicious activities could be possible. Ethical hacking is considered “ethical” because no malicious intentions are available and the ethical hacker discloses found Vulnerabilities to the concerned organisation, so that the organisation could improve its system security.
1.5 “Level of Risk”: magnitude of a risk expressed in terms of the combination of consequences and their likelihood.
1.6.“Penthacker”: An ethical hacker specifically selected to identify vulnerabilities in organizations.
1.7.“Personal data”: in accordance with Article 4 of the General Data Protection Regulation of 27 April 2016 (GDPR), it is any information concerning an identified person or one that can be identified directly or indirectly by an identification number or particulars specific to the said person. To determine where a person is identifiable, one should consider all the means at the disposal of the data controller or anyone else for identifying the said person.
1.8.“Platform”: The dashboard where penthackers submit vulnerabilities identified. It can be found at https://portal.penthack.com
1.9.“Researchers”: independent security researchers (ethical hackers), whether companies or natural persons, willing to offer their services.
1.10“Reward(s)”: means bounties, grants, pay for effort payments, and other financial or non-financial rewards that are awarded to Penthackers participating in an event or program.
1.11.“Submission”: A notification that a Vulnerability was found in (one of) Customer’s Environment(s). Submissions are submitted by Researchers through the Platform and describe the Vulnerability and how it was discovered.
1.12.“Threat”: potential cause of an unwanted incident, which can result in harm to a system or organization
1.13.“Vulnerability”: a bug, defect or a weakness, execution error, an absence of alignment to the most recent state of the art, or any other (technical) error which compromises the security of the information or communication technologies. A vulnerability might lead to an unexpected or unwanted event and might be exploited by malicious third parties, for the purpose of compromising the integrity, availability or confidentiality of a system and/or to cause damage.
1.14.“Risk assessment”: Risk management is the process of identifying, quantifying, and managing the risks that an organisation faces; it is a process aimed to obtain efficient balance between realizing opportunities for gains and minimizing vulnerabilities and losses. As an integral part of management practices and an essential element of good governance, risk management needs to be recurrent seeking to support organisational improvement, performance and decision making.
All Rights Reserved, Penthack is a registered trademark of Penthack LDA, the publisher of the website. The website (including all the accessible information, in particular the texts, photos, images, audio, data and databases) is protected by Intellectual property rights and/or other rights that penthack holds or is authorized to use. The user has no Intellectual property rights to the website or to its content. Any total or partial reproduction of this brand and logo for any reason whatsoever, in particular for advertising purposes, without the prior written consent of the trademark holder is prohibited on pain of legal action.
The user may on no account store, reproduce, represent, modify, transmit, publish or adapt any parts of the website on any medium whatsoever, by any means whatsoever, or use them in any manner whatsoever, without the prior written consent of penthack.
Each party is and remains the owner, as far as they are concerned, of their distinctive marks, namely trademarks, company and other names, trade names, signs and domain names. Reproduction, imitation or partial or total affixing of trademarks and designs and models belonging to penthack is strictly prohibited without its prior written consent.
Users shall not attempt to modify or manipulate pages of the website so as to conceal, misappropriate or modify it. It is also prohibited to create any work or website deriving in full or in part from this website, or to resell or redistribute Penthack’s data.
It is prohibited to: (i) use and/or access the website for any purposes other than those permitted by these Terms and Conditions; (ii) reproduce, modify, adapt or affect the website and/or its content; (iii) create derivative works; (iv) access or try to access the website’s source code using decompiling or reverse engineering techniques or any other means whatsoever; (v) put restricted parts of the website or content at the disposal of third parties.
Users shall not to infringe any legal standard or use the website for illegal purposes, or include any false, incomplete or inaccurate information, virus, Trojan Horse, worm, time bomb or any other program designed to cause damage, have a detrimental effect, intercept or counter any system, data or personal information
The Services may contain links to third party websites or resources. Penthack provides these links only as a convenience and is not responsible for the content, products, or services on or available from those websites or resources or links displayed on such websites. Penhtack has not reviewed all of the websites linked to its own website and is not responsible for the contents of any such linked website. The inclusion of any link does not imply endorsement by Penthack of the website.
Penthack cannot control the content of such external sources, the user recognizes that the publisher assumes no liability regarding the provision of such resources, their content, any collection and transmission of Personal data, installation of cookies or any other processes intended for the same ends. The use of any linked website is at the user’s own risk and discernment. Each customer and penthacker acknowledges sole responsibility for and assumes all risk arising from such use of any third party websites or resources.
The materials on Penthack’s website are provided on an ‘as is’ basis. Penthack makes no warranties, expressed or implied, and hereby disclaims and negates all other warranties including, without limitation, implied warranties or conditions of merchantability, fitness for a particular purpose, or non-infringement of intellectual property or other violation of rights.
Further, in no event shall Penthack or its suppliers be liable for any damages (including, without limitation, damages for loss of data or profit, or due to business interruption) arising out of the use or inability to use the materials on Penthack’s website, even if Penthack or a authorised representative has been notified orally or in writing of the possibility of such damage.
In the event of a dispute concerning the interpretation, formation, validity or performance of these Terms and Conditions of Use or the use of the website, penthack and its Users expressly recognize that only French law applies.
Failing out-of-court settlement of any dispute concerning the interpretation, formation, validity or performance of these Terms and Conditions of Use and barring an agreement or compromise settlement, penthack and the users assign jurisdiction expressly and exclusively to the courts under the jurisdiction of Portuguese laws notwithstanding multiple respondents or emergency proceedings or claims for third-party contributions or interim measures. If the user fails to fulfil its obligation to try and seek alternative dispute resolution, which is his or her responsibility, Penthack shall not be deemed liable in this respect.