Governance & Ethics

Code of Conduct

The operational, ethical, and legal boundaries governing all ESC personnel, contractors, and partners rendering services across Southeast Asia, East Asia, and globally.

Effective Date: 01 January 2026
Last Reviewed: April 2026
Jurisdiction: Kingdom of Thailand
Registration: Lic. No. 88-2910-TH

Section 1

Purpose and Scope

This document establishes the overarching Code of Conduct & Ethics for Echelon Security Consulting LLC (hereafter referred to as "ESC"). It dictates the operational, ethical, and legal boundaries for all ESC personnel, contractors, and partners rendering services across Southeast Asia, East Asia, and globally.

These policies apply to all ESC consultancy services, including but not limited to: cybersecurity, risk analysis, intelligence assessment, geopolitics, cyberwarfare and eCrime research, targeted intrusion simulation, threat actor engagement, deep/dark web intelligence, OSINT, CSIRT/SIRT and ISAC enablement, strict/conditional active defence, military upstream consultancy, vendor due diligence, zero-day intelligence, digital transformation, AI consultancy, and CCTV/crowd surveillance intelligence.

Section 2

Code of Conduct and Professional Ethics

ESC operates at the complex intersection of cybersecurity, geopolitical intelligence, and active defense. To maintain the highest standards of integrity, all ESC personnel must adhere to the following ethical principles:

  • Legality and Compliance: All operations, including surveillance, deep web intelligence gathering, and intrusion simulations, must strictly adhere to the local and international laws governing the jurisdictions in which ESC and its clients operate (e.g., Thailand's PDPA, international cyber laws).
  • Objectivity and Independence: Geopolitical assessments, attribution of state-sponsored nexus actors, and threat intelligence reporting must be based on verifiable data and unbiased all-source intelligence, free from political or corporate manipulation.
  • Proportionality and Restraint: In all military upstream consultancy and strict/conditional active defense operations, ESC advises and executes only proportionate measures designed to neutralize threats without causing collateral damage to civilian infrastructure or non-combatant networks.
  • Privacy and Human Rights: CCTV, crowd/public surveillance, and social media assessments must be conducted strictly for security, threat detection, and risk analysis purposes, avoiding unwarranted infringement on personal privacy.

Section 3

Prohibited Engagements (Absolute Exclusions)

ESC maintains a zero-tolerance policy for specific categories of criminality. Under no circumstances will ESC accept, honor, or facilitate consultancy service requests, intelligence gathering, or technical support for clients, operations, or investigations directly related to the following:

  • Pedophilia and Child Exploitation Crimes
  • Human Trafficking Crimes
  • Illicit Guns and Arms Trafficking Crimes
  • Alcohol-related Crimes (e.g., smuggling, illicit distribution)
  • Drugs and Narcotics-related Crimes

Note: If ESC personnel uncover intelligence related to these prohibited categories during routine threat actor tracking, deep/dark web operations, or malware research, the data will be documented and, where legally required or ethically appropriate, handed over to the relevant international law enforcement agencies.

Section 4

Operating Parameters (OP)

The following OPs govern the operational execution of ESC services:

OP 4.1 Authorization and Consent

No targeted intrusion, penetration testing, or surveillance operations will commence without explicit, written legal authorization from the asset owner or authorized military/government client.

OP 4.2 Strict / Conditional Active Defence

Active defense measures (e.g., beaconing, sinkholing, adversary engagement) are strictly conditional. They must remain defensive in nature. ESC does not engage in "hack-back" (offensive operations against adversary infrastructure) unless explicitly contracted under lawful, military upstream consultancy with proper state authorization.

OP 4.3 Deep/Dark Web & Threat Actor Engagement

Undercover intelligence gathering and interacting with cyberterrorists, eCrime syndicates, or state-sponsored actors must be strictly passive or conducted via sanctioned sock-puppet personas. ESC personnel are prohibited from providing material support, purchasing exploits (unless under strict zero-day intelligence acquisition protocols for defense), or facilitating cyberattacks.

OP 4.4 OSINT and All-Source Intelligence

Open-Source Intelligence gathering must not cross into targeted, unauthorized exploitation. Exploitation of zero-day vulnerabilities for intelligence gathering is forbidden unless explicitly authorized under a client's defensive scope.

Section 5

Information Handling and Sharing

Given the sensitive nature of espionage, malware research, and geopolitics assessments, ESC strictly regulates how data is categorized and shared, particularly within ISAC and CSIRT/SIRT communities.

5.1 Traffic Light Protocol (TLP)

ESC utilizes the FIRST Traffic Light Protocol (TLP v2.0) to facilitate the secure sharing of sensitive information:

  • TLP:RED (Eyes Only): For the eyes and ears of individual recipients only. No further disclosure. Used for highly sensitive targeted intrusion data and zero-day intelligence.
  • TLP:AMBER+STRICT (Organisation Only): Restricted to the client's organization only.
  • TLP:AMBER (Limited Disclosure): Limited disclosure within the client's organization and its clients/partners on a need-to-know basis to mitigate risks.
  • TLP:GREEN (Community): Limited disclosure within the community (e.g., regional ISACs, CSIRTs). Information cannot be released publicly.
  • TLP:CLEAR (Public): Subject to standard copyright rules, information may be distributed publicly without restriction.

5.2 Information Exchange Policy (IEP)

ESC adheres to a strict Information Exchange Policy when collaborating with external entities, vendors, and intelligence networks:

  • Attribution & Anonymity: When sharing threat intelligence (e.g., malware hashes, eCrime TTPs) with ISACs, all client-identifying data must be anonymized unless explicit permission is granted.
  • Handling Caveats: Any data shared with external partners will include specific Handling Caveats detailing permissible actions (e.g., "For passive monitoring only," "Do not scan").
  • Vendor Due Diligence: Information shared with third-party vendors for AI consultancy or digital transformation must be protected under strict Non-Disclosure Agreements (NDAs).

Section 6

Responsible Disclosure Policy

In the course of providing vendor due diligence, malware research, and zero-day intelligence, ESC personnel frequently discover undisclosed vulnerabilities. ESC is committed to the responsible disclosure of these findings:

  1. Verification: The vulnerability is verified internally in a sterile, sandboxed environment.
  2. Notification: The vendor or asset owner is notified securely with a proof-of-concept and technical details.
  3. Embargo Period: ESC standardizes a 90-day embargo period (or a mutually agreed-upon timeframe for complex hardware/AI systems) to allow the vendor to patch the vulnerability.
  4. Active Exploitation Exception: If ESC detects that a state-sponsored nexus actor or eCrime syndicate is actively exploiting a zero-day in the wild, ESC reserves the right to immediately alert CSIRT/ISAC communities and publish defensive indicators (IoCs) to protect the broader ecosystem, while coordinating with the vendor.
  5. Public Disclosure: Following the embargo period and patch release, ESC may publish its research to contribute to global situational awareness and threat intelligence.

Section 7

Policy Enforcement

Violations of this Code of Conduct, particularly regarding the prohibited engagement clauses, will result in immediate termination of the client contract or termination of the ESC employee/contractor involved, followed by legal action if necessary.

Zero Tolerance: Violations of the Prohibited Engagements listed in Section 3 carry no path to remediation. Immediate contract termination and referral to the relevant law enforcement authorities will follow without exception.

Section 8

Contact & Queries

For questions about this Code of Conduct, to report a concern regarding ESC's operations or the conduct of ESC personnel, or to raise a compliance matter, please contact ESC's leadership team directly:

General Inquiries: [email protected]
Telephone: +66 65 989 8638
WhatsApp: +66 65 989 8638
Registered Address: Echelon Security Consulting LLC, Sathorn Square Tower, 37th Floor, 98 N Sathon Rd, Silom, Bang Rak, Bangkok 10500, Thailand
Lic. No. 88-2910-TH

ESC is committed to resolving all compliance concerns promptly, professionally, and with the same discretion applied to every client relationship. Whistleblower disclosures regarding violations of this Code will be handled in strict confidence.
