Upgrade

Terms and Conditions

Last Updated: May 7, 2026

Welcome to RiskRancher. These Terms and Conditions ("Terms") govern your access to and use of the RiskRancher software, websites, and services provided by Kuebiko LLC ("Company", "we", "us", or "our").

By downloading, installing, or using RiskRancher, you agree to be bound by these Terms. If you do not agree to these Terms, do not use the software.

1. The Dual-License Model

RiskRancher operates under a dual-licensing model depending on the version of the software you choose to deploy:

  • RiskRancher CORE: Our open-source offering, governed by the Apache License 2.0.
  • RiskRancher PRO: Our premium, closed-source offering, governed by a proprietary commercial license.

2. RiskRancher CORE (Open Source)

RiskRancher CORE is free and open-source software. It is licensed to you under the Apache License, Version 2.0 (the "Apache License").

Under the Apache License, you may freely use, reproduce, modify, and distribute the CORE software, subject to the conditions outlined in the official Apache 2.0 License agreement. RiskRancher CORE is provided "AS IS", without warranties or conditions of any kind.

3. RiskRancher PRO (Commercial License)

RiskRancher PRO is proprietary software. Upon purchasing a subscription, Kuebiko LLC grants you a revocable, non-exclusive, non-transferable, limited license to download, install, and use the PRO binary strictly in accordance with these Terms.

Under the PRO License, you are strictly prohibited from:

  • Reverse Engineering: Decompiling, reverse engineering, disassembling, or attempting to derive the source code of the PRO binary or the offline licensing mechanism.
  • Unauthorized Distribution: Copying, distributing, reselling, or sublicensing the PRO software or your cryptographically minted RSA License Key to any third party.
  • SaaS-ification: Hosting RiskRancher PRO as a public Software-as-a-Service (SaaS) or offering it as a managed service to external organizations without an explicit partnership agreement from Kuebiko LLC.
  • License Tampering: Attempting to bypass, modify, or extend the expiration date of your offline license key.

4. Payment and Subscriptions

RiskRancher PRO requires an active, paid subscription. Payments are processed securely via Stripe. Subscriptions automatically renew annually unless canceled prior to the renewal date. You may cancel your subscription at any time via the Stripe Customer Portal linked in the footer of our website. Upon cancellation or payment failure, your software will safely degrade, and PRO features will lock upon your offline key's expiration.

5. Air-Gapped Architecture & Data Privacy

RiskRancher is designed to be 100% air-gapped. We do not collect telemetry, vulnerability data, asset logs, or user analytics. Because the software operates entirely on your local infrastructure or private cloud, Kuebiko LLC has zero visibility into your security posture. Consequently, you are solely responsible for backing up your local SQLite database and securing your infrastructure.

6. Support SLAs

CORE Edition: Support is community-driven via GitTea Issues. We offer no guaranteed response times for the open-source release.

PRO Edition: Active subscribers receive premium email support. We make commercially reasonable efforts to respond to critical bugs and inquiries within standard business hours.

7. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL KUEBIKO LLC BE LIABLE FOR ANY INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES, INCLUDING WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, DATA, OR OTHER INTANGIBLE LOSSES, ARISING OUT OF OR RELATING TO THE USE OF, OR INABILITY TO USE, THE SOFTWARE.

UNDER NO CIRCUMSTANCES WILL KUEBIKO LLC BE RESPONSIBLE FOR ANY DAMAGE, LOSS, OR INJURY RESULTING FROM HACKING, TAMPERING, OR OTHER UNAUTHORIZED ACCESS TO YOUR LOCAL RISK RANCHER DEPLOYMENT. OUR TOTAL LIABILITY TO YOU FOR ANY CLAIMS UNDER THESE TERMS SHALL NOT EXCEED THE AMOUNT YOU PAID TO US FOR RISK RANCHER PRO IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM.

8. Contact

If you have any questions about these Terms, please contact us at legal@riskrancher.com.

Security built from the saddle, not the boardroom. 100% air-gapped vulnerability management for modern teams.

Security Guides
Open Source vs. Pro Tools
The Master Flow Chart
Buyer's Evaluation Guide
Remediation Best Practices
Expert Analysis
RiskRancher vs. DefectDojo
Air-Gapped Compliance Guide
Automated Triaging Guide
Why Flat Fees Matter
Legal & Billing
Privacy Policy
Terms and Conditions
Manage Subscription

Common Questions

Is RiskRancher really 100% air-gapped?

Yes. RiskRancher is a single binary with zero external API calls. It stores everything in a local SQLite database on your own hardware.

What is the difference between CORE and PRO?

CORE is our Apache 2.0 open-source engine for ingesting data. PRO adds the Auto-Assign Rules Engine, Executive Reporting, and Exception Pipelines.

How does the offline licensing work?

We use RSA-signed license keys. Your machine validates the signature locally using our public key—no internet ping required.

Can I import data from Qualys or Tenable?

Absolutely. RiskRancher includes universal adapters for all major scanners, including Nessus, Qualys, Trivy, and Dependabot.

Security built from the saddle, not the boardroom. 100% air-gapped vulnerability management for modern teams.

Security Guides
Open Source vs. Pro Tools
The Master Flow Chart
Buyer's Evaluation Guide
Remediation Best Practices
Expert Analysis
RiskRancher vs. DefectDojo
Air-Gapped Compliance Guide
Automated Triaging Guide
Why Flat Fees Matter
Legal & Billing
Privacy Policy
Terms and Conditions
Manage Subscription