Open Edge Cloud

Abuse Policy

Open Edge Abuse Policy

Effective Date: February 9, 2026

1. Purpose

This Acceptable Use and Abuse Policy (“Policy”) governs the use of all infrastructure services provided by Open Edge, LLC (“Open Edge,” “we,” or “our”), including compute, storage, networking, firewall, load balancing, secrets management, orchestration, and managed application services. This Policy applies to all enterprise customers, their authorized users, and any workloads deployed on Open Edge infrastructure.

Open Edge operates US-sovereign, contract-based managed cloud infrastructure for enterprise organizations. This Policy exists to protect the integrity, performance, and security of our platform and to ensure that all customers receive reliable, predictable service. It supplements the terms of your Master Services Agreement or applicable service contract.

2. Resource Usage

Enterprise customers are allocated infrastructure resources as defined in their service contracts, including compute capacity, storage volumes, network bandwidth, and associated services. All usage must remain within the scope of contracted resource allocations.

The following resource usage practices are prohibited:

  • Sustained consumption that materially exceeds contracted resource allocations without prior coordination with your account team
  • Deploying workloads designed to circumvent resource quotas, metering, or capacity management controls
  • Operating cryptocurrency mining, proof-of-work computations, or similar resource-intensive processes unless explicitly authorized in writing
  • Consuming resources in a manner that degrades platform performance for other customers

Customers approaching or exceeding their contracted capacity should contact their account team to discuss allocation adjustments. Open Edge monitors aggregate platform utilization to maintain service quality and will coordinate with affected customers before taking any corrective action related to resource consumption.

3. Security and Infrastructure Integrity

Maintaining the security and integrity of Open Edge infrastructure is a shared responsibility. The following activities are strictly prohibited:

  • Initiating or facilitating denial-of-service (DoS) attacks, distributed denial-of-service (DDoS) attacks, or any activity intended to disrupt the availability of Open Edge services or third-party systems
  • Unauthorized access attempts against any infrastructure, systems, or accounts not explicitly assigned to your organization
  • Deploying malware, ransomware, botnets, command-and-control infrastructure, or other malicious software
  • Conducting vulnerability scanning, penetration testing, or security assessments against infrastructure or network segments belonging to other customers or to Open Edge platform systems
  • Spoofing, forging, or manipulating network identifiers including IP addresses, MAC addresses, or packet headers
  • Intercepting, monitoring, or exfiltrating network traffic not originating from or destined for your own allocated resources
  • Using Open Edge infrastructure to engage in fraud, identity theft, phishing, or social engineering

Authorized Security Testing: Customers may conduct vulnerability assessments and penetration testing against their own contracted resources without prior approval, provided such testing is confined entirely to infrastructure allocated to their organization and does not impact platform availability or other customers. Customers must notify their account team before conducting any large-scale security exercises.

Coordinated Vulnerability Disclosure: If you discover a potential security vulnerability in Open Edge platform infrastructure or services, we request that you report it to your account team or directly to [email protected] before any public disclosure. Open Edge is committed to prompt investigation and remediation. We will coordinate with reporting parties on disclosure timelines and acknowledge contributions to our platform security where appropriate.

4. Prohibited Content and Conduct

Open Edge infrastructure may not be used to store, process, transmit, or distribute content or conduct activity that violates applicable United States federal or state law. Prohibited uses include, but are not limited to:

  • Hosting or distributing content that is illegal under US law, including child sexual abuse material, content that facilitates human trafficking, or material subject to sanctions and export control regulations
  • Distributing or storing content that infringes intellectual property rights, including copyrights, trademarks, and trade secrets, without lawful authorization
  • Operating services that facilitate illegal gambling, unlicensed financial services, or the sale of controlled substances in violation of applicable law
  • Using Open Edge infrastructure to harass, threaten, or stalk any individual or organization
  • Sending unsolicited bulk communications (spam) or operating infrastructure that supports bulk messaging campaigns in violation of the CAN-SPAM Act or applicable regulations

Open Edge does not proactively monitor customer content. However, we will respond to lawful requests from regulatory and law enforcement authorities and will act on credible reports of prohibited content or conduct in accordance with applicable law and the enforcement procedures described in this Policy.

5. API Usage and Automation

Open Edge provides API access for programmatic management of contracted infrastructure services. To ensure platform stability and equitable access, the following API usage policies apply:

  • API requests are subject to a default rate limit of 120 requests per minute per authenticated credential. Customers requiring higher throughput for legitimate automation workflows should contact their account team to discuss elevated rate allocations.
  • API credentials must be managed securely. Sharing credentials across organizations or embedding credentials in publicly accessible code repositories is prohibited.
  • Automated processes must implement appropriate error handling, including exponential backoff for rate-limited or failed requests.
  • API access may not be used to systematically extract platform metadata, enumerate other customers’ resources, or probe infrastructure beyond the scope of your contracted services.

Open Edge reserves the right to throttle or temporarily restrict API access that jeopardizes platform stability, with prompt notification to the affected customer’s account team.

6. Enforcement and Remediation

Open Edge takes a measured, transparent approach to policy enforcement. Our objective is to resolve issues collaboratively while protecting platform integrity for all customers.

Enforcement follows a graduated process:

  1. Notification and Remediation Period: For non-critical violations, your account team will be notified with a detailed description of the issue and a reasonable remediation period, typically five (5) business days, to resolve the matter. Open Edge will work with your technical team to identify corrective actions.
  2. Service Restriction: If the violation is not remediated within the specified period, or if the violation poses an ongoing risk to platform stability or other customers, Open Edge may restrict specific services or workloads associated with the violation. Restrictions will be scoped as narrowly as possible to minimize operational impact.
  3. Service Suspension: Continued non-compliance or repeated violations may result in broader suspension of contracted services. Suspension will be preceded by written notice to your designated contract and technical contacts, except in circumstances requiring immediate action.
  4. Contract Termination: Persistent or egregious violations may result in termination of the service contract in accordance with the termination provisions of your Master Services Agreement.

Immediate Action: Open Edge reserves the right to take immediate protective action, including service suspension without prior notice, in response to violations that pose an imminent threat to platform security, infrastructure integrity, or legal compliance. In such cases, your account team will be notified as soon as practicable with a full explanation of the action taken and the underlying cause.

7. Appeal Process

Enterprise customers may appeal any enforcement action through the following process:

  1. Initiate an Appeal: Submit a written appeal through your designated account team or directly to [email protected] within fifteen (15) business days of the enforcement action. The appeal should include a description of the circumstances, any corrective actions taken, and the basis for the appeal.
  2. Review: Appeals are reviewed by a senior member of the Open Edge operations team who was not involved in the original enforcement decision. Your account team will serve as your point of contact throughout the review process.
  3. Resolution: Open Edge will provide a written decision within ten (10) business days of receiving a complete appeal. The decision will include the rationale and, if applicable, any conditions for reinstatement of services.

One appeal is permitted per enforcement incident. The appeal decision is final. Open Edge will not impose additional penalties solely as a consequence of a customer exercising the appeal process in good faith.

8. Policy Updates

Open Edge may update this Policy to reflect changes in our services, legal requirements, or operational practices. Material changes will be communicated to active customers through their account team and posted to open-edge.io/abuse-policy at least thirty (30) days before taking effect. Continued use of Open Edge services following the effective date of an updated Policy constitutes acceptance of the revised terms.

Questions about this Policy should be directed to your Open Edge account team or to [email protected].