Terms of Service

1. Acceptance

By creating an account or using DefendML's services (the “Service”), you (“Customer”) agree to these Terms of Service (“Terms”). DefendML is a service operated by Sareth Dustin Sovan trading as DefendML (“DefendML”, “we”, “us”).

2. What the Service Does

DefendML provides offensive AI red team testing — adversarial prompts and attack scenarios sent to AI endpoints you (the Customer) own or are authorized to test, with results delivered as audit-grade evidence reports. The Service is pre-deployment testing only. We do not provide runtime monitoring, runtime defense, or any production-traffic interception.

3. Customer Responsibilities

• You must own or have explicit written authorization to test every AI endpoint you submit to DefendML.
• You are responsible for the legality of any data you provide in connection with the Service, including any system prompts, RAG corpora, or test fixtures.
• You will not use the Service to attack systems you do not own or are not authorized to test. Unauthorized testing may expose you to civil and criminal liability under computer-misuse laws (e.g., US CFAA, UK Computer Misuse Act).
• You will not use DefendML's attack library or evidence reports to build a competing red team testing service.

4. Pricing & Payment

Tier pricing (Free, Pilot, Standard, Growth, Enterprise) is published on /pricing and at defendml.ai. Free tier usage is non-billable. Paid Pilot ($2,500), Standard ($4,999), and Growth ($9,999/month) tiers are invoiced upon engagement scope confirmation. Refunds are evaluated case-by-case if a scan was not completed due to DefendML failure.

5. Intellectual Property

DefendML retains all rights to its 415-prompt attack library, swarm-agent architecture, evidence-report templates, and software. Customers receive a non-transferable license to use the evidence reports they generate for internal security and audit purposes, including sharing with their own auditors and regulators.

6. Limitations of the Service

The Service identifies vulnerabilities in your AI endpoint's response to adversarial prompts. It does not guarantee discovery of every possible vulnerability. DefendML does not certify safety, compliance, or fitness for any regulatory framework. Evidence reports describe what attacks succeeded or were blocked during the test window; they are evidence — not certifications.

The Service does not protect against:

• Nation-state level adversaries
• Internal employee misuse or shadow AI usage
• Data governance failures (e.g. employees pasting sensitive data into third-party AI)
• Runtime attacks that occur after deployment

7. Confidentiality

Customer prompts, system prompts, RAG corpora, and evidence report contents are treated as Customer Confidential Information. DefendML will not share this data across tenants, sell it, or use it for model training. We may use anonymized aggregate signal (e.g. category-level success rates) to improve our attack library and detection methods.

8. Service Availability

The Service is provided “as is” and “as available.” We aim for 24-hour PDF delivery on Pilot and Standard scans but make no SLA commitment outside of executed Enterprise agreements.

9. Termination

Either party may terminate this agreement at any time. On termination, we will retain Customer evidence reports for 90 days for audit-trail continuity, then delete them unless Customer requests earlier deletion.

10. Limitation of Liability

To the maximum extent permitted by law, DefendML's total liability under these Terms is limited to the amount Customer paid in the 12 months preceding the claim. We are not liable for indirect, incidental, or consequential damages.

11. Changes

We may update these Terms with material changes posted at this URL. Continued use after a material change constitutes acceptance.

12. Contact

Questions: dsovan2004@gmail.com