Pen Testing Microsoft Services

Two critical links to get you started in understanding the penetration testing opportunity for Microsoft services.

The first describes the unified rules (“Rules of Engagement”) for customers wishing to perform penetration tests against their Microsoft Cloud (defined below) components. What you can do, and how to start.

https://www.microsoft.com/en-us/msrc/pentest-rules-of-engagement?fbclid=IwAR3P33Gf76GAhD6cdGsJjZHptLvdLIybAVak-INkPZFXPdY6J2NSb2cm4Zs

The second link is part of Office 365 Threat Intelligence services and describes the Attack Simulator which can be used to run realistic attack scenarios in your organization. This can help you identify and find vulnerable users before a real attack impacts your bottom line.

https://docs.microsoft.com/en-us/office365/securitycompliance/attack-simulator?fbclid=IwAR3l8A-M8pWNnKvu-OmQhiUC8K_3VIJ5HOUUuhlGP4bxpmzgMXbfwkwi3