Penetration test authorization
If you plan to perform a penetration test on your customer applications, please send the following information to cloud.gov support at least a week ahead of your planned test:
* Source IPs (for testers and their tools): * Start date: * End date: * Estimated bandwidth:
This will enable us to submit a penetration test authorization request to Amazon Web Services on your behalf.
This request is only necessary for in-depth security testing, which is a common step in agency ATO processes for customer systems. You can always run routine vulnerability scans on your own applications without special authorization.