[Owasp-leaders] Pentesting Google Cloud

Fabio Cerullo fcerullo at owasp.org
Thu Oct 9 11:48:41 UTC 2014


Thanks but the Google Bug Bounty program does not apply for apps developed
by third parties.

If I upload an app to Google Cloud, I want to make sure all formal
processes are followed before attempting to pentest it. Amazon is quite
clear about the process as stated below, I'm just searching for same
process at Google.

Regards
Fabio

On Thu, Oct 9, 2014 at 12:37 PM, Jim Manico <jim.manico at owasp.org> wrote:

> Google has a bug bounty program with extensive rules of play.
>
> http://www.google.com/about/appsecurity/reward-program/
>
> Aloha,
> --
> Jim Manico
> @Manicode
> (808) 652-3805
>
> On Oct 9, 2014, at 7:34 AM, Fabio Cerullo <fcerullo at owasp.org> wrote:
>
> hi there,
>
> As you might know, Amazon requires anyone who wants to perform a pentest
> of an app hosted on their AWS to submit a pentest request form:
>
> http://aws.amazon.com/security/penetration-testing/
>
> However, I cannot find a similar process for Google Cloud Services.
>
> Any pointers are really appreciated.
>
> Thanks
> Fabio
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20141009/b8e0e295/attachment.html>


More information about the OWASP-Leaders mailing list