If you want to perform an Alert Logic® vulnerability scan in Amazon Web Services (AWS), complete and submit the AWS Vulnerability / Penetration Testing Request form. When planning and submitting this request, keep in mind the following:
- Amazon policy only permits testing of EC2 and RDS instances that you own. Tests against any other AWS services or AWS-owned resources are prohibited.
- Amazon policy does not permit testing small or micro RDS instance types. Testing of m1.small, t1.micro, or t2.nano EC2 instance types is not permitted. This is to prevent potential adverse performance impacts on resources that may be shared with other customers.
- When completing the form, you can enter VPC IDs instead of IP addresses for both the source and destination IP addresses. Entering VPC IDs is equally efficient for AWS and more flexible for you, because IP addresses often change in AWS.
- Alert Logic recommends requesting a full 90-day scan window to minimize the number of requests that need to be submitted each year.
- AWS approval can take up to 2 business days.
Alert Logic requirements for scanning in AWS can be found in the What does Alert Logic need to perform a scan in Amazon Web Services? knowledge base article.
More information on vulnerability and penetration testing from AWS can be found here: https://aws.amazon.com/security/penetration-testing/