Document Cloud Provider Abuse Reporting Procedures
Each cloud provider we use should have a well documented abuse escalation path. Ultimately, the escalation and any follow-up tasks might be the responsibility of our @gitlab-com/gl-security/abuse-team, but SRE should have documentation in our on-call runbooks with our own procedures–and links point at the Abuse Team's escalation path and procedures.
-
GCP -
AWS -
Azure -
Digital Ocean -
Cloudflare
Edited by Dave Smith