Last Updated: March 2026
By accessing or using DriftAlarm ("the Service"), you agree to be bound by these Terms of Service, our Privacy Policy, our Acceptable Use Policy, and (if applicable) our Data Processing Agreement. If you are accepting on behalf of an organization, you represent that you have the authority to bind that organization to these Terms. You must be at least 18 years old to use the Service.
DriftAlarm is an AI-enabled External Attack Surface Management (EASM) platform. The Service provides:
Accounts are created through Microsoft Azure AD External ID (CIAM). You are responsible for maintaining the security of your account. You must promptly notify us of any unauthorized access. Account sharing is prohibited.
All fees are non-refundable except as required by law. We reserve the right to modify pricing with 30 days' email notice. Tier feature availability is subject to current platform capabilities. All subscription actions are processed through sales@driftalarm.com.
You represent and warrant that you have authorization to scan all targets (domains, IP addresses, IP ranges) submitted to DriftAlarm. Authorization means: (a) you own the asset, OR (b) you have explicit written permission from the asset owner.
DriftAlarm performs active reconnaissance including DNS enumeration, port scanning, web crawling, vulnerability detection, SSL/TLS testing, and technology fingerprinting. You are solely responsible for ensuring your scanning activities comply with all applicable laws.
DriftAlarm is not responsible for any consequences of scanning unauthorized targets. We reserve the right to suspend scanning for any target if we receive a complaint or have reason to believe scanning is unauthorized.
DriftAlarm uses Anthropic's Claude AI models to provide:
AI-generated content is advisory only and should not be treated as professional security advice. You should verify all AI recommendations before implementing changes. Scan data (findings, technology data, configurations) is sent to Anthropic's API for processing — see our Privacy Policy for details. Anthropic's commercial API does not use customer data for model training.
API keys are available on Standard+ tiers. API keys use a da_live_ prefix and are SHA-256 hashed for storage — the full key is shown only once at creation. You are responsible for the security of your API keys.
API key usage is subject to per-tier rate limits (Standard: 60/min, Pro: 300/min, Enterprise: 600/min). API keys cannot be used for key management operations (CIAM authentication required). DriftAlarm may revoke API keys that are compromised, abused, or used in violation of these Terms. See our Acceptable Use Policy for API usage guidelines.
DriftAlarm automatically detects changes to your attack surface by comparing scan results against established baselines. 34 built-in alarm rules across 7 categories monitor for security-relevant changes. Custom alarm rules are available (Trial: 5, Standard: 10, Pro: 25, Enterprise: unlimited).
Notifications are delivered via your configured channels (email, Slack, webhooks). Notification delivery is provided on a best-effort basis — DriftAlarm does not guarantee delivery of all alerts. You are responsible for configuring and maintaining your notification channels.
See our Privacy Policy for complete data handling details.
DriftAlarm integrates with the following third-party services:
Each service is subject to its own terms and privacy policies. DriftAlarm is not responsible for the availability or accuracy of third-party service data.
The Service, including its software, design, user interface, and documentation, is owned by DriftAlarm and protected by intellectual property laws. You retain ownership of all data you submit for scanning. Scan results, findings, and analysis generated by the Service are licensed to you for your internal use only. You may not reverse engineer, decompile, or create derivative works from the Service.
THE SERVICE IS PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED. DRIFTALARM.AI SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES. OUR TOTAL LIABILITY SHALL NOT EXCEED THE AMOUNT PAID FOR THE SERVICE IN THE PRECEDING 12 MONTHS.
DRIFTALARM.AI IS NOT LIABLE FOR: (a) vulnerabilities missed by scanning, (b) false positives or false negatives, (c) consequences of acting on AI recommendations, (d) unauthorized access to your targets resulting from scanning, (e) third-party service interruptions.
You agree to indemnify and hold harmless DriftAlarm from any claims, damages, losses, or expenses arising from:
We may suspend or terminate your access for violation of these Terms or the Acceptable Use Policy. Upon termination: access is revoked immediately, data is deleted per retention policy (within 90 days). You may cancel your subscription by contacting sales@driftalarm.com.
Sections that survive termination: Limitation of Liability, Indemnification, Governing Law.
We may update these Terms from time to time. Material changes will be communicated via email to your registered address and posted on the Service. Continued use after changes constitutes acceptance. We will provide at least 30 days' notice for material changes.
These Terms are governed by the laws of the State of Texas, United States, without regard to conflict of law principles. Any disputes shall be resolved in the courts located in Texas. You agree to submit to the personal jurisdiction of such courts.
For questions about these Terms, contact us at support@driftalarm.com. For sales inquiries, contact sales@driftalarm.com.