Code of Ethics
All usd HeroLab security analysts and usd PentestLab users apply their skills exclusively within the framework of the legislation in force and feel committed to the Code of Ethics of the EC-Councils September 2019, Source EC Council. They undertake to:
01 Privacy Keep private any confidential information gained in her/his professional work, (in particular as it pertains to client lists and client personal information). Not collect, give, sell, or transfer any personal information (such as name, e-mail address, Social Security number, or other unique identifier) to a third party without client prior consent.
02 Intellectual Property Protect the intellectual property of others by relying on her/his own innovation and efforts, thus ensuring that all benefits vest with its originator.
03 Disclosure Disclose to appropriate persons or authorities potential dangers to any e-commerce clients, the Internet community, or the public, that she/he reasonably believes to be associated with a particular set or type of electronic transactions or related software or hardware.
04 Areas of Expertise Provide service in their areas of competence, being honest and forthright about any limitations of her/his experience and education. Ensure that she/he is qualified for any project on which he/she works or proposes to work by an appropriate combination of education, training, and experience.
05 Unauthorized Usage Never knowingly use software or process that is obtained or retained either illegally or unethically.
06 Illegal Activities Not engage in deceptive financial practices such as bribery, double billing, or other improper financial practices.
07 Authorization Use the property of a client or employer only in ways properly authorized, and with the owner’s knowledge and consent.
08 Disclosure Disclose to all concerned parties those conflicts of interest that cannot reasonably be avoided or escaped.
09 Management Ensure good management for any project he/she leads, including effective procedures for promotion of quality and full disclosure of risk.
10 Knowledge Sharing Add to the knowledge of the e-commerce profession by constant study, share the lessons of her/his experience with fellow EC-Council members, and promote public awareness of benefits of electronic commerce.
11 Confidence Conduct herself/himself in the most ethical and competent manner when soliciting professional service or seeking employment, thus meriting confidence in her/his knowledge and integrity.
12 Extreme Care Ensure ethical conduct and professional care at all times on all professional assignments without prejudice.
13 Malicious Activities Not associate with malicious hackers nor engage in any malicious activities.
14 No Compromise Not purposefully compromise or cause to be compromised the client organization’s systems in the course of your professional dealings
15 Legal Limits Ensure all penetration testing activities are authorized and within legal limits.
16 Black Hat Involvement Not partake in any black hat activity or be associated with any black hat community that serves to endanger networks.
17 Underground Communities Not be part of any underground hacking community for purposes of preaching and expanding black hat activities.
18 Legitimate Reference Not to make inappropriate reference to the certification or misleading use of certificates, marks or logos in publications, catalogues, documents or speeches.
19 Clear Record Not convicted in any felony, or violated any law of the land.