As an Enterprise Customer, you can perform penetration tests and vulnerability scans, as long as they are limited to your own cloud infrastructure. To avoid having these tests blocked by our protection mechanisms, OutSystems requests customers to submit a penetration test/vulnerability scan inquiry.
Performing Scans in your OutSystems PaaS Infrastructure
To perform penetration tests and vulnerability scans, you must request authorization from OutSystems at least 5 business days before the start date, for each test.
You should reach out to OutSystems Support and provide the following information in the support ticket:
- Contact Information - Single point-of-contact managing the scans. Please provide:
- Contact name
- Phone number
- Email address
- Scanning IP addresses (Source) - The IP addresses that will be scanning the infrastructure.
- Environment(s) - Environment name(s) / endpoint(s) that will be scanned
- Dates and time zone for the tests:
- Start Date and Time (YYYY-MM-DD HH:MM UTC)
- End Date and Time (YYYY-MM-DD HH:MM UTC)
Please note that we will require all above-mentioned information (points 1. to 4.) to approve your request.
Also, in case you need to change anything after your initial request, it will take an additional 2 business days to provide confirmation.