Terms of Service

By accessing the SecureFirst website or engaging our security audit services, you agree to be bound by these Terms of Service ("Terms"). SecureFirst is a service operated by HK Solution (Business Registration: 740-05-03702). If you do not agree to these Terms, do not use our services.

SecureFirst provides AI-powered security audit and penetration testing services for web applications, APIs, databases, and related systems. Our services include: • External security scanning and reconnaissance • Authorized penetration testing • Database security audits • Authentication and authorization review • Payment system security testing • AI/LLM security assessment • Vulnerability remediation assistance • Ongoing security monitoring

Client Authorization Required: All penetration testing and security audits beyond basic external scanning require explicit written authorization from the system owner. Scope Agreement: Before commencing any audit, we will agree on the scope, timeline, and methods in writing. We will not exceed the agreed scope without additional authorization. Legal Compliance: Our testing methods comply with applicable cybersecurity laws. We do not perform any testing that could constitute unauthorized access under Korean or international law.

As a client, you agree to: • Provide accurate information about your systems and the scope of testing • Ensure you have legal authority to authorize testing on the specified systems • Provide necessary access credentials for authorized testing • Not hold us liable for temporary service disruptions during authorized testing • Review and act upon critical findings in a timely manner • Maintain confidentiality of our testing methodologies

Mutual Confidentiality: Both parties agree to maintain confidentiality of all information exchanged during the engagement. Audit Findings: All security findings, vulnerabilities, and technical details discovered during audits are strictly confidential and will not be disclosed to any third party without written consent. Anonymized Case Studies: We may use anonymized, non-identifiable descriptions of findings for marketing purposes (e.g., "A SaaS platform had unprotected database tables"). No company names, URLs, or identifying details will be used without explicit permission. NDA Available: We are happy to sign a Non-Disclosure Agreement (NDA) upon request.

Pricing: Our service fees are as listed on our website or as agreed in a custom proposal. Payment Terms: Payment is due within 14 days of invoice unless otherwise agreed. Free Assessment: Initial assessments are provided free of charge with no obligation to purchase further services. Refund Policy: If we are unable to deliver the agreed report within the specified timeframe, a full refund will be provided.

Best Effort: Security audits are performed on a best-effort basis. While we use advanced tools and methodologies, no security audit can guarantee the discovery of all vulnerabilities. No Guarantee of Security: Our reports represent findings at a point in time. New vulnerabilities may emerge after our audit. Liability Cap: Our total liability for any claim arising from our services shall not exceed the fees paid for the specific engagement giving rise to the claim. Exclusions: We are not liable for: • Damages resulting from client's failure to remediate reported vulnerabilities • Third-party breaches occurring after our audit • Loss of business or data not directly caused by our testing

Client Ownership: All audit reports and findings specific to your systems belong to you. Our Tools: Our testing tools, methodologies, and proprietary analysis techniques remain our intellectual property. Report Use: You may share our reports with your team, board, or regulators. You may not publicly publish our reports without our written consent.

Either party may terminate an engagement: • By mutual written agreement • If the other party breaches these Terms and fails to remedy within 14 days of notice • Immediately if required by law or regulation Upon termination, we will deliver any completed work and securely delete all client data within 30 days.

These Terms are governed by the laws of the Republic of Korea. Any disputes shall first be attempted to be resolved through good-faith negotiation. If negotiation fails, disputes shall be submitted to the jurisdiction of the Daejeon District Court, Republic of Korea.

We reserve the right to modify these Terms at any time. Changes will be posted on this page. Continued use of our services after changes constitutes acceptance of the modified Terms. Material changes will be communicated directly to active clients.

HK Solution Email: hksolution2025@gmail.com Phone: +82 10-5769-4366 Address: 53 Biraeseoro, Daedeok-gu, Daejeon 306, South Korea