Terms of Service

These Terms of Service ("Terms") govern your use of the TeNova Axiom platform ("Service") operated by Tenable Nova LLC ("Company," "we," "us"), a Georgia limited liability company. By accessing or using the Service, you agree to be bound by these Terms. If you do not agree, do not use the Service.

TeNova Axiom is an agentless compliance adjudication platform that collects system evidence, evaluates it against public federal standards (NIST 800-53, DISA STIGs, CMMC, FedRAMP, NIST AI RMF), and produces cryptographically anchored compliance verdicts. The Service generates audit artifacts including OSCAL-formatted System Security Plans, Plans of Action & Milestones, and Assessment Results.

You are responsible for maintaining the confidentiality of your account credentials and API keys. You must notify us immediately of any unauthorized access. Each account is scoped to a single tenant organization. You may not share credentials across organizations or allow unauthorized individuals to access the Service.

The Service is offered on a monthly subscription basis. Pricing is published on our website. Payment is processed through Stripe. Subscriptions renew automatically unless canceled before the renewal date. We reserve the right to change pricing with 30 days' written notice.

You retain all ownership rights to your compliance data, evidence, attestations, and configuration. We do not claim any intellectual property rights over your data. You grant us a limited license to process your data solely for the purpose of providing the Service. Upon termination, your data will be deleted in accordance with our Privacy Policy.

Axiom is an evidence engine, not an approval platform. The Service collects, adjudicates, and witnesses compliance evidence using deterministic rules and cryptographic proof. It does not grant certifications, authorize systems, issue ATOs, or replace the professional judgment of a qualified C3PAO assessor, Authorizing Official, or ISSM. The final authority on system authorization rests with the designated authorizing official and their assessment organization.

Compliance verdicts produced by Axiom are based on automated evidence collection and deterministic rule evaluation. They represent a technical assessment at a point in time and should be validated by qualified security professionals before submission to regulatory bodies.

The AI Witness feature records metadata about AI inference operations (model identifiers, latency, token counts, cryptographic hashes). At Clearing Level 1 and above, the Service never receives, stores, or processes raw AI prompts or responses. We cannot and do not evaluate the quality, accuracy, or safety of your AI model outputs. AI Witness provides compliance witnessing, not AI model validation.

You agree not to:

• Use the Service to fabricate, falsify, or misrepresent compliance evidence
• Attempt to access data belonging to other tenants
• Reverse-engineer, decompile, or extract source code from the Service
• Use the Service in violation of any applicable law or regulation
• Resell or sublicense access to the Service without written authorization

The SWT3 Witness Anchor protocol, Sovereign Witness Traceability methodology, and the Axiom platform software are the intellectual property of Tenable Nova LLC. SWT3 and Sovereign Witness Traceability are trademarks of Tenable Nova LLC. Patent pending. All compliance mappings reference publicly available standards published by NIST, DISA, CMMC-AB, and the European Commission. Use of these public standards does not imply endorsement by or affiliation with any government agency.

We make commercially reasonable efforts to maintain Service availability but do not guarantee uninterrupted access. Scheduled maintenance will be communicated in advance when possible. The Service is hosted on US-based infrastructure.

TO THE MAXIMUM EXTENT PERMITTED BY LAW, TENABLE NOVA LLC SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES ARISING FROM YOUR USE OF THE SERVICE. OUR TOTAL LIABILITY SHALL NOT EXCEED THE AMOUNT PAID BY YOU IN THE TWELVE MONTHS PRECEDING THE CLAIM. THIS LIMITATION APPLIES REGARDLESS OF THE THEORY OF LIABILITY.

You agree to indemnify and hold harmless Tenable Nova LLC from any claims, damages, or expenses arising from your use of the Service, your violation of these Terms, or your submission of compliance artifacts to regulatory bodies based on Service outputs.

Either party may terminate the subscription with 30 days' written notice. We may suspend or terminate your access immediately for violation of these Terms or non-payment. Upon termination, your access to the Service will cease and your data will be handled in accordance with our Privacy Policy.

These Terms are governed by the laws of the State of Georgia, United States, without regard to conflict of law principles. Any disputes shall be resolved in the state or federal courts located in DeKalb County, Georgia.

We reserve the right to modify these Terms at any time. Material changes will be communicated via email to account holders at least 30 days before taking effect. Continued use of the Service after changes take effect constitutes acceptance of the updated Terms.

Tenable Nova LLC
Email: legal@tenovaai.com
Web: sovereign.tenova.io