DO Ideas 2

Penetration test approval form

Using VM's to do penetration testing is a need that some people have. I would like to suggest a form to be issued to the support / security department. The form is to be filled out by the penetration tester and the the target of the test (provided they are both DO customers). Both would filled out the form with necessary information, target droplet, attack droplet, time frame, and also consent to do the test. This will prevent a long string of emails and prevent false positive abuse flagging. It can be signed digitally from the respective users control panel and verified with 2 factor authentication. Then approved by a Digital Ocean employee.

  • Anonymous
  • Sep 11 2018
  • Will not implement
  • Sep 11, 2018

    Admin Response

    We've had requests like this in past from customers that are using droplets for specific purposes that are legitimate but may be misconstrued otherwise, in each case we ask that they contact our customer support team and start the dialogue there. Thanks, Moisey
  • Attach files