← Back to siteThe rules of the road.
Plain-language terms covering how Soreva can be used, what's in scope, and what we don't promise.
Authorized use
You may only add and assess domains you own or have written authorization to test. Soreva will require proof of ownership before any active workspace is provisioned.
Scope of assessment
Soreva performs read-only, passive external checks. See Privacy and Scanner for what that means in practice. Soreva is not a penetration testing service and does not replace one.
Trust Profiles
You control whether a Trust Profile is published and what domain it represents. You can unpublish at any time. Soreva may remove a profile that misrepresents ownership or violates these terms.
Acceptable use
- Do not use Soreva to test third-party assets without authorization.
- Do not attempt to reverse-engineer or interfere with the service.
- Do not republish raw findings in a way that misleads recipients.
No warranty
Soreva provides best-effort external visibility. We do not guarantee that every issue is detected, that every check is current at every moment, or that posture status implies the absence of risk. See Reports for how we communicate change over time.
Contact
Questions about these terms: info@soreva.tech.