Trust Center
AI & Automation Disclosure
Privacy Policy
Acceptable Use & Security Policy
Mission Order Framework
Master Services Agreement

CDA.SECURITY, LLC ACCEPTABLE USE & SECURITY POLICY

Version 1.0

Effective Date: 2026-01-01

This Acceptable Use & Security Policy (“AUP”) is incorporated by reference into the CDA.Security, LLC Master Services Agreement (the “Agreement”). It governs the use of all Services provided by CDA.Security. Capitalized terms used but not defined herein have the meanings given in the Agreement.

1. GENERAL CONDUCT

Customer agrees to use the Services only for lawful purposes and in a manner consistent with the intended purpose of the Services as described in the applicable Mission Order.

2. PROHIBITED ACTIONS

Customer may not, and may not authorize any third party to:

2.1. Use the Services to engage in, promote, or support any illegal activity.

2.2. Request that CDA.Security perform Services on any systems, networks, or assets for which Customer does not have explicit, verifiable authorization.

2.3. Provide false or misleading information to CDA.Security regarding its identity, authorization, or the scope of the Services requested.

2.4. Use the Services to probe, scan, or test the vulnerability of any system or network other than those explicitly defined and authorized in a Mission Order.

2.5. Use any information or Deliverables provided by CDA.Security to harm, disrupt, or gain unauthorized access to any third-party system or network.

2.6. Attempt to interfere with or disrupt the integrity or performance of CDA.Security’s own systems, networks, or service delivery infrastructure.

3. CUSTOMER SECURITY RESPONSIBILITIES

Customer is solely responsible for:

3.1. Authorization and Governance. Maintaining internal governance, risk, and compliance policies. Customer retains ultimate responsibility for all decisions and authorizations granted to CDA.Security.

3.2. Access Credentials. Securely managing and protecting all credentials, accounts, and access keys provided to CDA.Security for the performance of Services. Customer must immediately notify CDA.Security of any suspected unauthorized use of such credentials.

3.3. Data Backup. Maintaining appropriate backups of its own data and systems. The Services are not a data backup or disaster recovery solution.

3.4. Environment Safety. Ensuring that the target environment for the Services is sufficiently stable. Customer must inform CDA.Security of any known sensitivities, production-critical systems, or other conditions that could be adversely affected by the performance of the Services. Customer acknowledges that security testing carries inherent risks of service disruption and accepts such risks for all authorized activities.

4. VIOLATIONS

A violation of this AUP may result in the immediate suspension or termination of the Services and the Agreement, at CDA.Security’s sole discretion, without refund. CDA.Security reserves the right to cooperate with legal authorities and third parties in the investigation of any suspected or alleged crime or civil wrong.

Plan your next cybersecurity mission
Start Foundational Recon
Outcome-based cybersecurity,
delivered through missions, not meetings.
[Core]
Home
Pricing
Under Attack?
Mission Library
Company
[Operation Model]
How CDA Operates
Foundational Recon Mission
Cyber Mission
Cyber CAMPAIGN
Cyber War
[Domains]
Domain Overview
DPS
Data Protection & Sovereignty
IAT
Identity, Access, & Trust
RGA
Risk, Governance, & Assurance
SPH
Security Posture & HygienE
TID
Threat Intelligence & Defense
VSD
Vulnerability & Surface Defense
© 2026 CDA.Security, LLC. All rights reserved.
Trust center