Acceptable Use Policy

Effective: June 5, 2026

Cyber+ exists for the information security community: practitioners, researchers, writers, and learners. The Acceptable Use Policy ("AUP") describes what is and isn't allowed on the platform. Violations may result in content removal, account suspension, or termination, and in some cases reporting to law enforcement.

What you can't do

1. Illegal activity

Do not use Cyber+ to plan, advertise, solicit, or facilitate activity that is illegal in the country from which you operate or the country your readers are in.

2. Active attacks

Do not publish working malware, ransomware, stealers, or remote-access trojans intended for offensive use against third parties without their consent. Proof-of-concept code is allowed for defensive research, CVEs, and educational write-ups — but it must be clearly framed as such, not packaged for drop-in use against unconsenting targets.

3. Embargo and disclosure violations

Do not publish vulnerability details before the agreed coordinated disclosure date, and do not dox researchers who have requested anonymity in a write-up. We will honor takedown requests from vendors and researchers asserting an active embargo violation, on a documented basis.

4. Harassment, threats, and hate

No targeted harassment, threats of violence, doxxing of private individuals, or content that promotes violence against people on the basis of race, ethnicity, national origin, religion, sex, sexual orientation, gender identity, age, or disability.

5. Child sexual abuse material (CSAM)

Zero tolerance. Any CSAM is reported to the National Center for Missing & Exploited Children (NCMEC) and to law enforcement immediately. The account is terminated and IP-blocked.

6. Spam and platform abuse

No bulk unsolicited content, no engagement farming with fake accounts, no scraping that violates this policy, no attempts to subvert rate limits or abuse-detection systems.

7. Impersonation and misrepresentation

Do not impersonate companies, brands, or individuals in a way that could reasonably deceive readers (parody and clearly-labeled fiction are fine).

8. Stolen data and credential dumps

Do not publish credential dumps, leaked PII, or proprietary source code obtained without authorization. Linking to dump sites for research analysis is OK if the dump is already widely public and your post adds analytical value.

9. Platform security

No attempts to compromise the Cyber+ platform itself outside the scope of our published responsible disclosure policy. Good-faith security research is welcomed and protected under that policy.

What you can do

  • Publish vulnerability research, post-incident reports, threat write-ups, and PoCs aligned with coordinated disclosure norms.
  • Critique vendors, products, and other public-facing entities — keep it substantive and accurate.
  • Share defensive tools, detection rules, and IOC libraries.
  • Disagree with other writers loudly. Do not personally attack them.
  • Use pseudonyms. Many of our best writers do.

Enforcement

We aim for proportional responses. The usual ladder is: notify and request edit → unpublish a post → suspend the account → terminate. Egregious violations (CSAM, credible threats, active malware distribution) skip straight to termination and law-enforcement referral where appropriate.

If we remove your content, we will tell you which clause it violated and, where possible, give you a chance to appeal at appeals@gocyberplus.com.

Reporting violations

Use the "Report" button on a post or comment, or email abuse@gocyberplus.com. For CSAM, use the report button or email immediately; do not republish or screenshot.


This policy is intentionally short. We'd rather you read it. If you're unsure whether something is OK to publish, email trust@gocyberplus.com first.