Azure DevOps Blog

DevOps, Git, and Agile updates from the team building Azure DevOps

August 2020 - Azure DevOps Blog

Let’s Hack a Pipeline: Shared Infrastructure

August 27, 2020 Aug 27, 2020 08/27/20
Matt Cooper
Welcome back to Let's Hack a Pipeline. We've seen argument injection and source code stealing. This week, we'll wrap up the miniseries with Episode III: a Shared Infrastructure attack. One more time: security is a shared responsibility. The purpose of this series is to showcase some potential pitfalls to help you avoid them. The setup Let's...

Let’s Hack a Pipeline: Stealing Another Repo

August 25, 2020 Aug 25, 2020 08/25/20
Matt Cooper
We're back with another Let's Hack a Pipeline. Last time, we saw how to create - and prevent - argument injection. In this episode, we'll look at how a malicious user could access source code they shouldn't see. Welcome to Episode II: Stealing Another Repo. (Episode III is now available, too!) As I said before: security is a shared ...

Let’s Hack a Pipeline: Argument Injection

August 21, 2020 Aug 21, 2020 08/21/20
Matt Cooper
Welcome to Let's Hack a Pipeline! In this series of posts, we'll walk through some common security pitfalls when setting up Azure Pipelines. We don't really want to get hacked, so we'll also show off the mitigation. Episode I is titled Argument Injection. Episode II and Episode III are now also available. Preface on security A quick note ...

New in Azure Boards Sprint 174

August 17, 2020 Aug 17, 2020 08/17/20
Dan Hellem
The Azure Boards team has been hard at work fixing bugs and shipping new features. We have a few features that are now generally available as well as few public preview features. Check out all of the Azure Boards Sprint 174 goodies