Aevora

Menu
REQUEST QUOTE

Google Cloud Platform Penetration Test

Scoping - First Phase

The first phase of scoping focuses on gathering enough detail to propose a timeline and quote. It also captures general information about your environment and engagement to support further communication. The second phase covers more specific technical details, such as target lists, test credentials, and other environment-specific requirements. Once both phases are complete, we review all information, provide a summary of work, and proceed to kick-off the engagement.

This form is submitted securely over an encrypted HTTPS connection. Your privacy is important to us. We understand that you may not be ready to answer certain questions without further discussion, or you may not yet have all the necessary details. That’s completely understandable—please complete the required fields and answer the remaining questions as best you can or as you feel comfortable.

When would you like this test to be completed?
Does this engagement have a report deadline?
Are there other services that you would be interested in bundling into this engagement?
Are there any compliance requirements?
Are multiple GCP projects in scope? If so please specify how many.
Is GCP integrated with other cloud providers (e.g., AWS, Azure) or on-prem networks? If so please provide details.
What major GCP services are in use and in scope for testing?
Please include other GCP services not listed above that are used and in scope for testing.
What level of access will be provided for the GCP penetration test?
How is identity managed in GCP?
Are custom IAM roles or organization policies in use?
Are there any web apps or APIs hosted in GCP that are part of the assessment? Aevora will perform limited application security testing if in scope.
Please feel free to include any other details that you would like to share.