(Archived) How to request a vulnerability / penetration test
You have tried to access an archived page. Please go to the new https://root360.atlassian.net/wiki/spaces/KB to find more documents.
Requirement to announce any penetration or vulnerability test
In order to prevent outage and security alerts caused by a penetration or vulnerability test, you should announce this kind of automated test to root360. Please note that only tests are allowed which are compliant to the AWS acceptable use policy and AWS penetration tests rules. Currently you can perform security assessments or penetration tests against AWS infrastructure used by you without prior approval for 8 services.
Permitted Services:
Amazon EC2 Instances, NAT Gateways and Elastic Load Balancers
Amazon RDS
Amazon CloudFront
Amazon Aurora
Amazon API Gateways
AWS Lambda- and Lambda Edge functions
Amazon Lightsail ressources
Amazon Elastic Beanstalk environments
Prohibited Activities – The following activities are prohibited at this time:
DNS zone walking via Amazon Route 53 Hosted Zones
Denial of Service (DoS), Distributed Denial of Service (DDoS), Simulated DoS, Simulated DDoS
Port flooding
Protocol flooding
Request flooding (login request flooding, API request flooding)
Please send the following information to support@root360.de:
Contact
Public IP(s) from which the test will be performed
Services to be tested
Type of test
Test period
root360 Knowledge Base - This portal is hosted by Atlassian (atlassian.com | Privacy Policy)