Terms of Service

Last updated: April 22, 2026

1. Acceptance

By using audit.devforgeapp.com ("the Service"), you agree to these Terms. If you do not agree, do not use the Service.

2. Description of Service

DevForge provides automated AWS security auditing. The Service performs read-only checks against your AWS account and generates a PDF report with security findings and SOC 2 readiness assessment.

3. Your Responsibilities

• You must have authorization to grant read-only access to the AWS account being audited
• You are responsible for deploying and managing the IAM role in your AWS account
• You are responsible for acting on the findings in the report
• You must not use the Service to audit accounts you do not own or have explicit authorization to audit

4. What We Provide

• Automated security checks based on AWS best practices and SOC 2 Trust Service Criteria
• A PDF report delivered via presigned S3 URL and email

5. What We Do Not Provide

• Official SOC 2 certification — this is a readiness assessment only, not a formal audit
• Legal or compliance advice — consult a licensed CPA or compliance professional
• Guarantee of completeness — the Service checks known configurations but cannot detect all possible security issues
• Remediation services — we identify issues but do not fix them

6. Disclaimer of Warranties

The Service is provided "as is" without warranties of any kind. We do not warrant that the Service is error-free, complete, or suitable for any particular purpose. Security audit results are informational only.

7. Limitation of Liability

DevForge shall not be liable for any direct, indirect, incidental, or consequential damages arising from your use of the Service, including but not limited to security breaches, data loss, or failed compliance audits, even if we have been advised of the possibility of such damages.

8. AWS Access and Security

• You grant us temporary, read-only access to your AWS account solely for the purpose of performing the audit
• Temporary credentials expire after 15 minutes and are never stored
• You may revoke access at any time by deleting the CloudFormation stack
• We will not attempt to exceed the permissions granted by the read-only IAM role

9. Acceptable Use

You may not use the Service to:

• Audit AWS accounts you do not own or are not authorized to audit
• Attempt to circumvent the read-only access restrictions
• Resell or redistribute audit reports without authorization
• Use the Service for any unlawful purpose

10. Intellectual Property

The Service, including all check logic, report templates, and code, is the intellectual property of DevForge. Audit reports generated for your account are yours to use.

11. Changes to Terms

We may update these Terms at any time. Continued use of the Service after changes constitutes acceptance of the new Terms.

12. Governing Law

These Terms are governed by applicable law. Any disputes shall be resolved through good-faith negotiation before pursuing legal remedies.

13. Contact

Questions about these Terms? Email us at hello@devforgeapp.com