Run an Azure Cloud Pentest¶

This page covers how to configure, monitor, review, and act on Azure Cloud pentests.

Navigate to Pentest Configuration Form¶

After creating an Azure connection, you can navigate directly to the configuration form for an Azure Cloud Pentest.

The Run Pentest button appears once the connection is verified when creating an Azure connection.

Otherwise, from the Pentests page, click + Run Pentest, then select the Azure Cloud Pentest (within the Infrastructure Attack Surface category).

Configure the Pentest¶

Name and Template¶

Name your pentest. Then, if using a template other than the default, select the template you need.

Deployment Options¶

Next, select the tenant and subscription to test on. After you make your selection, NodeZero will enumerate subnets that have space to deploy a VM, along with the available roles for the selected subscription. Once enumeration is finished, select the subnet and role to test with.

For role selection, you’ll typically see built‑in Azure roles such as Reader, Contributor, and Virtual Machine Contributor.

Reader provides read‑only visibility into resources, and is useful for identity- and configuration-focused tests.
Contributor can create and modify most resources in a subscription, and enables deeper gray‑box testing, including provisioning infrastructure where needed.
Virtual Machine Contributor focuses on managing virtual machines and related resources, and is often used when the test is primarily about compute deployment and VM‑level attack paths.

When you submit the form, NodeZero will validate that the selected subnet does not have a network security group (NSG) that blocks outbound traffic, and that your Azure account has sufficient VM quota to launch the test.

Set Up Rest of Pentest¶

Fill out the rest of the pentest config form. For details on the individual sections, check out Run an Internal Pentest.

Review and Run Pentest¶

Once you’ve finalized your pentest selections, confirm your review of all advanced configuration settings by checking the designated box.

Finally, click Run Pentest to initiate the Azure Cloud pentest.

Monitor in Real Time¶

Click Real-Time View to track the progress of the pentest, watch identified vulnerabilities, and gain instant feedback on any issues that arise.

Review Test Results¶

After the pentest is complete, review the findings to identify vulnerabilities, misconfigurations, and potential attack vectors.

Take Action¶

Prioritize and address the vulnerabilities identified during the pentest. NodeZero provides recommendations and remediation steps to help you secure your environment.

Congratulations!¶

You've successfully run an Azure Cloud Pentest with NodeZero. You're now ready to assess and improve the security of your Azure Cloud environments. Continue exploring NodeZero for further guidance and advanced features to stay ahead of potential threats.

Next Steps

Go to Portal home

Go to Test Types