Product-Specific Service Terms

Status labels and clearance statements

Any statement in a WVISA tool, report, dashboard, export, or follow-up communication that an issue is "cleared," "resolved," "passed," "good," "lower risk," or similar wording is only a point-in-time observation based on available evidence and conditions at the time of service. It is not a warranty, certification, or guarantee that the issue is permanently fixed, that no related issue exists, or that the environment is secure.

Comparison and buyer guidance language

WVISA comparison pages and tier descriptions are buyer guidance for choosing between assessment, protection, monitoring, managed IT, and active-testing options. Comparisons are not warranties, certifications, guarantees of superiority, or universal statements about every competing tool or provider. Customers should select tools based on their own environment, risk, budget, and required level of support.

Read-only scan and customer-approved remediation

WVISA assessment scans are designed to be read-only and to provide visibility into gaps. Supported remediation commands are optional and do not run during the scan. A customer or authorized operator must choose to run the copied PowerShell command from an elevated session or approve an administrator elevation prompt before any supported fix changes local settings.

Authorized-use only

You may use WVISA only on systems, networks, accounts, and data that you own or are explicitly authorized to assess. You are responsible for obtaining any needed permission from employers, household members, customers, landlords, managed-service providers, network owners, or device owners before running WVISA or providing evidence.

Package delivery and security warnings

While executable code signing is deferred, public WVISA fulfillment may use tier-locked script-only ZIP packages instead of setup EXE downloads. Hashes shown on the paid success page are provided so customers can verify package integrity before use. WVISA does not ask customers to disable antivirus, EDR, browser protections, or Windows security warnings to run a file. If a security product flags WVISA, stop and contact WVISA support for review or an updated delivery option.

A. Proof of Concept

Proof of Concept is a limited introductory security review intended to surface obvious risks and demonstrate the service. It is not comprehensive and must not be relied on as a complete assessment of the customer's environment.

B. Starter Scan

Starter Scan is the entry point for WVISA's fuller automated assessment. It provides device, account, identity, application, and stronger local network review based on the endpoint, permissions, and environment available at the time of testing.

C. Standard Review

Standard Review provides broader automated assessment coverage, including exposure review, router review, DNS and configuration insights, and family-safety and hardening context where supported and authorized. It remains non-destructive and is not a penetration test.

D. Premium Deep Review

Premium Deep Review is the deepest fixed-price WVISA review tier and may include router-assisted context, deeper visibility, stronger prioritization, and fuller fix-first reporting. It does not include phishing, social engineering, exploit development, denial-of-service, or other offensive techniques unless separately contracted in writing.

E. Small Business Security Review

Small Business Security Review is designed for multi-device and segmented environments and aims to provide broader visibility into reachable and evidenced business networks. Visibility depends on reachable networks, local routing, available permissions, supported integrations, and customer-provided authorization.

F. Ongoing Monitoring add-on

Ongoing Monitoring is a separate $20/month add-on that layers monthly local rescans, score tracking, and generated change reporting onto an existing WVISA engagement. It is not a 24/7 managed SOC, emergency monitoring desk, incident response retainer, guaranteed real-time alerting service, or guarantee that all security events or changes will be detected or reported.

G. FamilyShield

WVISA FamilyShield is a family-facing digital safety assessment and guidance service layered on top of existing WVISA scan tiers, parent intake, and written recommendations. FamilyShield may discuss household Wi-Fi, devices, backups, account hygiene, scams, photo/privacy practices, smart-home privacy, and parental-control options, but it is advisory only. WVISA does not request child account passwords, does not provide child monitoring, does not guarantee prevention of harm, does not provide medical, legal, insurance, or identity-recovery advice, and does not replace parental supervision or platform-native safety controls.

Optional external visibility checks

Read-only assessment coverage may include bounded public-IP discovery, public exposure validation against the customer's own public IP, optional Have I Been Pwned account-breach lookup when configured, and supported local-router read requests. These checks are for visibility and do not upload WVISA reports to WVISA.

Customer validation and implementation responsibility

Customers remain solely responsible for implementing, testing, validating, and maintaining remediation steps, patches, configuration changes, access controls, monitoring, backups, and broader security governance after receiving WVISA output. WVISA recommendations are informational and should be validated in the customer's environment before operational reliance.

Separate white-hat authorization requirement

Any service involving active validation, exploit attempts, phishing simulation, social engineering, external-vantage testing, credential testing, wireless testing, lateral movement, or other offensive security activity requires a separate written authorization and Rules of Engagement signed by an authorized representative before testing begins.