Software License — Apache License 2.0

SPECTRA is licensed under the Apache License, Version 2.0.

Copyright 2026 CybersecurityOS

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

The full license text is available at apache.org/licenses/LICENSE-2.0 and in the LICENSE file in the project repository.


What the Apache 2.0 License Permits

You mayCondition
Use SPECTRA commerciallyNo restrictions
Modify SPECTRAMust preserve copyright and license notices
Distribute SPECTRAMust include the Apache 2.0 license
Distribute modified versionsMust state changes made; must include the Apache 2.0 license
Use privately without disclosureNo requirement to open-source modifications used internally
SublicensePermitted under Apache 2.0 terms

The Apache License 2.0 also includes an express patent license grant from all contributors — meaning contributors grant you a license to any patents they hold that are necessarily infringed by their contribution. This is the primary protection the Apache 2.0 license provides beyond the MIT License.


Documentation License — CC BY 4.0

This documentation (the content at cybersecurityos.net/docs/) is licensed under the Creative Commons Attribution 4.0 International License (CC BY 4.0).

You are free to share and adapt this documentation for any purpose, including commercial, as long as you provide appropriate attribution to CybersecurityOS.

Full license: creativecommons.org/licenses/by/4.0


Trademark Notice

The name SPECTRA, the phrase Security Platform for Expert-level Correlation, Triage, and Risk Analysis, and the CybersecurityOS wordmark are trademarks of CybersecurityOS.

The Apache License grants you rights to the software code. It does not grant rights to use these trademarks to:

  • Name or brand a fork of SPECTRA in a way that implies official affiliation
  • Use the CybersecurityOS name or logo in any promotional material without prior written permission

To request trademark use, contact legal@cybersecurityos.net.


Attribution Requirements

When redistributing SPECTRA or its documentation, include the following attribution:

SPECTRA — Security Platform for Expert-level Correlation, Triage, and Risk Analysis
Copyright 2026 CybersecurityOS
Licensed under the Apache License, Version 2.0
https://github.com/d0uble3L/spectra

Third-Party Dependencies

SPECTRA depends on third-party open-source packages. Their licenses are included in the NOTICE file in the project repository. All dependencies are compatible with the Apache 2.0 license.

Key dependencies include:

PackageLicense
anthropic (Anthropic SDK)MIT
click (CLI framework)BSD-3-Clause
rich (terminal formatting)MIT
pydantic (data validation)MIT
python-dotenv (env file loading)BSD-3-Clause

No Warranty

SPECTRA is provided “as is” without warranty of any kind. CybersecurityOS makes no representations or guarantees regarding the accuracy, completeness, or fitness for purpose of the analysis SPECTRA produces. AI-generated security analysis should be reviewed by qualified security professionals before action is taken. Do not rely solely on SPECTRA output for critical security decisions.


Questions

For licensing questions, contact legal@cybersecurityos.net.