Onboarding

Do I need permission from my hosting provider?

Check with your hosting provider for necessary prior approval for testing, which may require days' notice. You must apply as the system owner, providing Edgescan source IPs for the testing origin.

Version Number: v1.0.1

Published Date: 13 May 2024

____________________________________________________________________________

Before starting any testing, it's crucial to be aware that certain third-party hosting providers, such as cloud computing services, may require advance notice. You should seek approval from your hosting provider, who serves as the system owner, and it's a good idea to check with them beforehand. Additionally, your provider will need our source IPs to pinpoint the origin of the testing activities.
 
Many cloud providers removed the permissions requirement for penetration testing.
We've gathered a list of these providers below as well as their latest guidance.

Not all services are included in penetration testing permission. You should discuss with your cloud account team before engaging in penetration testing activities.

 
 Cloud Provider Permission Required   Resource
Amazon Web Service  No https://aws.amazon.com/security/penetration-testing/
Azure Cloud  No https://learn.microsoft.com/en-us/azure/security/fundamentals/pen-testing
Google Cloud Platform  No https://support.google.com/cloud/answer/6262505
Alibaba Cloud  Yes https://www.alibabacloud.com/help/en/security-control/latest/apply-for-a-penetration-test-license