SpectraStrike – User Registration & Access Policy

SpectraStrike may operate in:

Self-hosted mode
Enterprise managed deployment
SaaS deployment (future)

This document defines user access principles.

1. Account Eligibility

Users must:

Be 18 years or older
Represent an organization OR
Have documented authorization for security testing

Anonymous offensive usage is prohibited.

2. Organizational Responsibility

If registering on behalf of an organization:

You confirm you are authorized
You accept responsibility for team usage
You ensure lawful deployment

3. Access Control Model

SpectraStrike supports:

Role-Based Access Control (RBAC)
Telemetry-scoped permissions
Orchestrator privilege tiers
Audit logging of user actions

Administrative access must be restricted.

4. Logging & Audit

All user actions may be logged for:

Compliance validation
Detection verification
Security auditing
Forensic review

Logs may include:

Task execution metadata
Correlation decisions
Risk scoring events
Configuration changes

5. Prohibited Registrations

Registration will be denied or revoked if:

False identity information is provided
Platform is used for illegal testing
Infrastructure ownership cannot be verified (enterprise mode)

6. Data Responsibility

Users are responsible for:

Secure storage of credentials
MFA enforcement (recommended)
Protecting API keys
Securing telemetry endpoints

Nyxera Labs does not assume responsibility for credential leakage.

7. Account Termination

Nyxera Labs reserves the right to suspend accounts that:

Violate the EULA
Abuse orchestration features
Attempt platform exploitation
Engage in malicious behavior

SpectraStrike is an engineering-grade orchestration platform. Access implies accountability.