Objective
Notifying Indeavor’s Information Security and DevOps teams, so the scan is not treated like a security attack for which the corporate incident response procedure will be followed.
Security Testing Guidelines
1. Request must be at least 5 business days prior to the scan.
2. Scans must be performed during non-business hours.
3. Stress testing, Denial of Service (DOS/DDOS), Port/Protocol flooding are strictly
prohibited activities.
4. Any critical finding must be communicated immediately to Indeavor within the created ticket.
Request
If planning on doing a scan, please open a ticket with the following information at support@indeavor.com:
- Security Contact
- Email:
- Position:
- Phone Number:
- Scope/Rules of Engagement
- Scanning endpoints:
- URLs
- Scan Type: <unauthenticated or authenticated, port scan, web scan>
- Scan origin: exact utilized scanning IP address range(s):
- Scan timeframe(s):
- Scan User: <user used in the security scan>
Important Information:
- Any scans outside of declared timeframes are prohibited
and will be terminated.