![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 4%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKM%3C/text%3E%3C/svg%3E)
Hello, @59315168 !
Can I perform penetration/red team exercises on Azure using a VM?
This is an area where it's critical to review the current requirements as some tests are currently allowed under specific conditions however other tests are strictly prohibited such as performing a Denial of Service (DoS) attack. These are the resources you'll need:
- Penetration Testing Rules of Engagement: This is referenced on almost all related documentation and should be the first place you check for penetration testing.
- Microsoft Cloud Red Teaming: Informational PDF that includes the red team's code of conduct.
- Penetration testing: Documentation that covers basic dos and don'ts including standard tests, approved testing partners, tests that you are not allowed to perform.
- Recommendations for security testing: Includes some useful links for red team attack scenarios.
- Security Control: Penetration Tests and Red Team Exercises: Reference to links already covered.
I hope this has been helpful! Your feedback is important so please take a moment to accept answers.
If you still have questions, please let us know what is needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!