Certified Security - Specialty

Sign Up Free or Log In to participate!

Pen Testing Can only be carried out on certain services

considering pen testing can only be carried out on certain services, it is probably important to now which services exactly.

Please specify important facts and not ‘etc’ it like in the slides where it was mentioned as;

EC2, Lambda, RDS, Aurora, CloudFront, API Gateway, etc..

Here is the current as of writing;


Our policy only permits testing of the following resources:





API Gateway



DNS Zone Walking

At this time, our policy does not permit testing small or micro RDS instance types. Testing of m1.small, t1.micro or t2.nano EC2 instance types is not permitted. This is to prevent potential adverse performance impacts on resources that may be shared with other customers.

0 Answers

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?