Systems and methods for verifying a firewall for a cloud provider. The method includes receiving by a timelord module configured with access to a plurality of HTTP attacks that incorporate random tokens, an updated policy ok signal that was generated by an external element. The timelord module responds by (a) loading a first HTTP attack with a first expected response that is either forbidden or accepted, the first HTTP attack including the random tokens in a form of a header key value parameter; (b) sending the first HTTP attack to the firewall; (c) comparing a response from the firewall to the first HTTP attack with the first expected response; and (d) incrementing the first HTTP attack and repeating (a)-(c) until the plurality of HTTP attacks has been sent; and deleting the random tokens after the plurality of HTTP attacks have been sent.