It is allowed for external parties to perform a security scan or penetration test on one or more of your VPS-services. This test is only allowed to have impact on the VPS that is being tested.
Checking for and trying to abuse specific (possible) exploits on your VPS is no problem, as long as it doesn't have impact on other customers using the same physical hardware. Should the test however have an impact on other VPSs on the same underlying hypervisor (e.g. if you simulate a DDoS attack), we will be forced to take action.