OUR AZURE PENETRATION TESTING SERVICES
What is Azure Penetration Testing?
Azure penetration testing is a type of assessment designed to identify and address vulnerabilities within Microsoft Azure infrastructures that could be exploited by hackers. Microsoft provides a number of security measures for experienced users, but it is each user’s responsibility to maintain the stability and security of their environment. Our services allow you to validate that your configurations are secure and determine exactly how your infrastructure may be compromised.
What Can Be Tested in the Microsoft Azure Ecosystem ?
Azure penetration tests differ from typical pentests. Disruptive types of attacks that may, for example, cause a denial of service (DDoS) are strictly prohibited, as they may cause inconveniences for other Azure users. Our experts have designed a comprehensive methodology to test Azure infrastructures that leave no stones unturned, while limiting any potential impact of our tests. Our Azure security tests target various components specific to Microsoft’s infrastructure:

Microsoft Azure

Office 365

Microsoft Intune

Microsoft Dynamics 365

Visual Studio Team Services

Microsoft Accounts
Azure Security Testing Guidelines
Microsoft provides a set of guidelines for azure penetration tests to prevent any potential impact on other users. Here are examples of techniques recommended by Microsoft to test the security of Azure infrastructures:
Attempt to break out of shared service containers
Test the enforcement of security policies
Test security monitoring and detection systems
Create dummy users to test cross-account data access

Microsoft's Shared Responsability Model
Microsoft provides secure tools to build your infrastructure, but it remains your responsibility to manage the security of any cloud-hosted assets.
