Objective
Notifying Indeavor’s Information Security and DevOps teams, so the scan is not treated like a security attack for which the corporate incident response procedure will be followed.
Security Testing Guidelines
1. Request must be at least 5 business days prior to the scan
2. Scans must be performed during non-business hours
3. Stress testing, Denial of Service (DOS/DDOS), Port/Protocol flooding are strictly
prohibited activities
4. Any critical finding must be communicated immediately
Request
If planning on doing a scan, please open a ticket with the following information at support@indeavor.com:
- Security Contact
- Email:
- Position:
- Phone Number:
- Scope/Rules of Engagement
- Scanning endpoints:
- URLs
- Scan Type: <unauthenticated or authenticated, port scan, web scan>
- Scan origin: exact utilized scanning IP address range(s):
- Scan timeframe(s):
Any scan attempt outside of declared timeframes is prohibited and will
be terminated