| ▲ | alchemism 2 hours ago | |
I’m fairly certain you are supposed to contact any vendor before attempting to penetrate hosts with authorization, not the other way around. | ||
| ▲ | coredog64 an hour ago | parent [-] | |
Having done this for both Azure and AWS, there's a specific ticket that needs to be filed with each provider that documents the scope of your pen test, where you're coming from, and a time frame over which you're doing it (which ISTR was "not more than 24 hours") | ||