Check with your hosting provider for necessary prior approval for testing, which may require days' notice. You must apply as the system owner, providing Edgescan source IPs for the testing origin.
Version Number: v1.0.1
Published Date: 13 May 2024
____________________________________________________________________________
Before starting any testing, it's crucial to be aware that certain third-party hosting providers, such as cloud computing services, may require advance notice. You should seek approval from your hosting provider, who serves as the system owner, and it's a good idea to check with them beforehand. Additionally, your provider will need our source IPs to pinpoint the origin of the testing activities.Many cloud providers removed the permissions requirement for penetration testing.
We've gathered a list of these providers below as well as their latest guidance.
Not all services are included in penetration testing permission. You should discuss with your cloud account team before engaging in penetration testing activities.
| Cloud Provider | Permission Required | Resource |
| Amazon Web Service | No | https://aws.amazon.com/security/penetration-testing/ |
| Azure Cloud | No | https://learn.microsoft.com/en-us/azure/security/fundamentals/pen-testing |
| Google Cloud Platform | No | https://support.google.com/cloud/answer/6262505 |
| Alibaba Cloud | Yes | https://www.alibabacloud.com/help/en/security-control/latest/apply-for-a-penetration-test-license |