Atomic Edge Acceptable Use Policy & Security Rules

Acceptable Use Policy

Effective Date: November 8, 2025

This AUP applies to all use of Atomic Edge, including traffic proxied through our reverse-proxy network, dashboards, APIs, security research tools, and support channels. It is incorporated by reference into the Terms of Service.

1. Security & Network Abuse

Do not use the Service (or allow others to use your account/origin) to: (a) launch or route DDoS/DoS, floods, reflection/amplification; (b) host/distribute malware or operate C2; (c) conduct credential stuffing, brute-force, password spraying, or MFA bombing; (d) run malicious scraping/botnets or headless swarms to degrade third parties; (e) operate open resolvers/proxies/relays to anonymize unlawful activity; (f) engage in unauthorized cryptomining; (g) spoof IP/headers or otherwise manipulate routing.

2. Illegal Content & Conduct

Prohibited: CSAM; content inciting violence/terrorism; doxxing/targeted harassment; fraud/phishing/brand impersonation/money laundering/sanctions evasion; infringement (copyright/trademark/trade secret); illegal gambling/unlicensed regulated activity; spyware/stalkerware.

3. Email/Messaging & Anti-Spam

Comply with CASL, CAN-SPAM, and EU ePrivacy/GDPR. No bulk unsolicited messages, purchased lists without documented consent, header spoofing, or deceptive routing. Transactional security notifications permitted.

4. Sanctions, Export & Prohibited Jurisdictions

Do not use the Service in/for sanctioned persons/entities or embargoed jurisdictions. Screen end-users/customers and avoid prohibited end-uses (e.g., weapons development, safety-of-life systems).

5. High-Risk Use

The Service is not designed for safety-critical or high-risk environments (medical devices, aviation, nuclear, life support).

6. Fair Use & Configuration

You control WAF rules, allow/deny lists, rate limits, and TLS. Aggressive settings can block legitimate traffic. You remain responsible for origin security and lawful use. We may throttle/shape/block traffic that degrades our platform or exceeds plan limits.

7. Vulnerability Testing & Safe Harbor

Good-faith testing is allowed only on your own assets behind Atomic Edge. No DDoS/DoS, social engineering, or high-rate scans without coordination. Report findings to security@atomicedge.io with steps to reproduce and impact. If you follow this policy and avoid privacy harm, we will not pursue legal action for testing of your assets. This safe harbor applies only to testing of assets you own or are authorized to assess and does not extend to the use of generated PoC code against third-party systems.

8. Vulnerability Research Tools & Proof-of-Concept Code

The Service may include features that analyze publicly disclosed vulnerabilities (e.g., CVEs) and generate technical output, including proof-of-concept (“PoC”) code, based on differential analysis of vulnerable and patched software versions.

These features are provided solely for security research, educational purposes, and defensive analysis.

You agree that:

(a) You will only use any generated PoC code or technical output in controlled environments or on systems you own or are explicitly authorized to test;

(b) You will not use the Service or its outputs to exploit, access, disrupt, or attempt to compromise any third-party system, network, or application without prior authorization;

(c) You will not use the Service to develop, distribute, or operationalize malware, automated exploitation tools, or attacks against live systems;

(d) You understand that all PoC code is generated for demonstration purposes only and may be incomplete, inaccurate, or unsafe for production use;

(e) You are solely responsible for how you use any output generated by the Service.

The Service does not perform active scanning, targeting, or exploitation of external systems. All analysis is limited to publicly available source code and disclosed vulnerabilities.

We reserve the right to restrict access to these features if they are used in a manner that violates this AUP or applicable law.

9. Enforcement; Reporting; Appeals

We may filter/block traffic, override rules, or suspend/terminate accounts to protect the Service and others, and we may preserve logs and cooperate with lawful requests. Report violations to abuse@atomicedge.io with domains, UTC timestamps, and evidence. You may appeal any enforcement action via abuse@atomicedge.io; restoration may require remediation.