I’m fairly certain you are supposed to contact any vendor before attempting to p... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		alchemism 13 days ago \| parent \| context \| favorite \| on: Incident Report: Railway Blocked by Google Cloud [... I’m fairly certain you are supposed to contact any vendor before attempting to penetrate hosts with authorization, not the other way around.

		help

coredog64 13 days ago [–]

Having done this for both Azure and AWS, there's a specific ticket that needs to be filed with each provider that documents the scope of your pen test, where you're coming from, and a time frame over which you're doing it (which ISTR was "not more than 24 hours")

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact