Tool Usage Policy

Limits of public passive review, governed authorized_deep controls, and the operating rules for the product family.

This policy explains what the tool is designed to do, what it refuses to do, how private verification and noindex results are handled, and how read-only connector evidence, trusted exports, vendor ecosystem mapping, passive asset inventory, monitoring, history, and KMayer-assisted remediation stay governed.

Identity and ownership

Provider identity and output ownership stay explicit so the tool is not mistaken for a separate company or an unrestricted content source.

Provider and tool identity

Governed use
  • KMayer is the provider. KMayer Exposure Lens AI is the tool and service family offered by KMayer for passive external security posture assessment, privately verified results, and governed deeper review when eligible.
  • The tool name is not to be understood as a separate company, a standalone managed service provider, or an identity outside of KMayer.

Copyright, IP, and limits on use of results

Internal review
  • © 2026 KMayer. All rights reserved. KMayer owns the tool interface, report layout, scoring logic, summaries, and visual presentation.
  • Private outputs are provided for the requesting recipient's internal review and may not be copied, republished, resold, reverse engineered, or used to create a competing service without written permission from KMayer.

Public mode and safety

The public lane is useful because it stays bounded, passive, and verification-aware.

Public lane exclusions

Passive only
  • The public lane allows no brute force, no exploit workflow, no credential attacks, no intrusive testing, no private data access, and no bypass attempts.
  • Deeper review requires verified ownership, active engagement, approved scope, and explicit consent.

Limits of public passive review

Passive only
  • Every anonymous request starts in passive_public and stays limited to public DNS, mail posture, HTTPS, TLS, visible headers, trust files, indexing signals, and a tightly capped set of same-host public pages.
  • The public lane is designed to show what matters first in a passive external security posture assessment. It is not presented as a full security assessment or unrestricted discovery workflow.

No exploit behavior, no brute force, no login attempts, and no intrusive testing

No exploit behavior / No brute force
  • No exploit attempts, no exploit workflow, no credential attacks, no credential spraying, no brute-force discovery, no authenticated interaction, no private data access, no bypass attempts, no hidden-path probing, and no offensive testing in the public lane.
  • No active internet-wide scanning, no private endpoint guessing, no intrusive testing in the public lane, and no following of unrelated third-party estates discovered in page content.

Private verification and access handling

Verified access
  • The verification email is sent first, and no private result delivery occurs until the intended recipient completes the verification click.
  • Private routes use opaque tokens, verification-aware access controls, safe reuse or expiry behavior, and results-ready email delivery only after verification and completion.

Governed deeper evidence

authorized_deep, connector-backed evidence, and trusted export intelligence remain approval-based and non-offensive.

Requirements for authorized_deep

Governed deep review
  • authorized_deep requires verified ownership, active engagement, approved scope, and explicit consent for the reviewed domain, account, or evidence source.
  • The deeper lane is not anonymously available and it does not replace the passive boundary that applies to public submissions.

Read-only connector evidence

Read-only evidence
  • Only read-only connector evidence is permitted, and only when the reviewed tenant or domain is approved for that governed workflow.
  • Connector-backed evidence must stay attributable, bounded, and tied back to the reviewed account or domain instead of being used as a broad authenticated scanning path.

Trusted exports, quarantine, review, and approved-for-parse controls

Approved export
  • Trusted exports and customer-provided artifacts are not parsed on arrival. They enter quarantine first and remain blocked until scanner or manual review plus approved-for-parse controls allow structured extraction.
  • Rejected, unapproved, or out-of-scope artifacts do not become active evidence simply because they were uploaded.

Advanced capability boundaries

Advanced output stays evidence-backed and governed instead of turning into unlimited discovery or public leakage.

Vendor ecosystem and passive asset inventory boundaries

Passive only
  • Vendor ecosystem mapping and passive asset inventory remain evidence-backed. They use public evidence first and may later include approved connector or export confirmations when the workflow is eligible.
  • These capabilities do not authorize intrusive subdomain brute forcing, internet-wide active probing, or silent conflict collapse when evidence disagrees.

Monitoring, history, and noindex private results behavior

Verified access / Private noindex
  • Monitoring and history apply only where that continuity is enabled. The system may retain diffs, alerts, audit trails, suppression context, and change explanations so recurring behavior stays explainable instead of noisy.
  • Public informational pages may be indexed, but private results stay noindex, noarchive, nofollow, and out of sitemap discovery for the verified recipient journey.

Assisted remediation and deeper review boundaries

Governed deep review
  • The product is designed to show what matters, why it matters, and what to fix first. It is not packaged as a full self-serve remediation playbook for every environment.
  • KMayer can help validate findings, review authorized_deep eligibility, interpret approved evidence sources, and move the work into assisted remediation planning when the engagement supports it.

What authorized_deep changes for decision quality

Governed deep review
  • It can improve provenance, ownership confidence, provider alignment, and the quality of remediation sequencing when the engagement is eligible.
  • It does not mean anonymous public scans automatically gain private connector, export, or monitoring context.

What remains intentionally governed

Governed use
  • Private results are decision-ready on purpose, but raw connector internals, unrestricted artifacts, and environment-specific workbooks are not exposed as an open blueprint.
  • KMayer-assisted remediation is the path for deeper control validation, sequencing, and change planning when the engagement supports it.

Confidentiality and reliance

Private delivery, completeness limits, and reliance boundaries stay clear before the tool is promoted more broadly.

Confidentiality and private result URLs

Verified access / Private noindex
  • Private results are gated, non-indexed, and intended for the verified recipient. Do not forward private result URLs to unauthorized parties.
  • KMayer may use submitted details and governed evidence sources to deliver the review, provide follow-up support, and maintain quality, audit, and security controls around the workflow.

No guarantee of completeness

Governed use
  • The tool provides an evidence-backed external posture review, not a guarantee that every issue, dependency, exposure path, or control failure has been discovered.
  • Availability, scope, freshness, and confidence can vary based on public evidence quality, approved access, third-party permissions, and the governed workflow that applies to the review.

Not legal, compliance, penetration-test, or incident-response advice

Governed use
  • The output is informational and prioritization-oriented. It is not a legal opinion, a formal compliance attestation, a penetration-testing service, or incident-response advice.
  • If you need environment-specific legal review, full compliance interpretation, offensive testing, or incident response, KMayer can help route the work appropriately instead of implying this tool replaces those services.

User responsibility and acceptable use

Internal review

Use the tool only for domains and evidence sources you own, administer, or are authorized to assess, or for legitimate passive informational analysis where that use is appropriate. Do not use it for harassment, competitor surveillance, phishing, impersonation, unlawful monitoring, unauthorized investigation, or any attempt to bypass the governed authorized_deep controls.

Third-party and visual governance

Connector, dependency, and future visual-asset use stay governed so the product is not misrepresented.

Third-party services and dependencies

Governed use
  • Connector outputs are read-only and remain subject to the permissions, terms, availability, rate limits, and current configuration of the third-party services involved.
  • KMayer does not promise uninterrupted access to every external API, platform, or provider surface, and evidence depth can change when those dependencies change.

Generated or assisted visual assets

Governed use
  • Any future generated visual asset requires KMayer approval before deployment and must not imply false certifications, fake customers, fake screenshots, or unsupported metrics.
  • Illustrative visuals must stay consistent with the KMayer brand and should be documented with source, prompt, date, and approval state where practical.

Contact and escalation path

Governed use
  • Use the Contact page or [email protected] when you need clarification on scope, confidentiality, acceptable use, or a KMayer-led follow-up.
  • If the intended use, submitted evidence, or engagement boundary is unclear, pause and confirm with KMayer before relying on the tool outside its stated operating rules.

Safe-use reading

Read these resources together with the tool policy when clarifying the limits of passive review.

The policy remains the operating source of truth. These guides add business-readable context for passive exposure and trust signals.
