Security | Azure DevOps Blog

AzureFunBytes – Microsoft Identity with Christos Matskas!

Jay Gordon May 11, 2021 May 11, 2021 05/11/21

This week I welcomed [Christos Matskas](https://twitter.com/ChristosMatskas), Program Manager at Microsoft, to the show. We have discussed Identity before, but we'll get a great look into [authentication, authorization](https://cda.ms/24G), and [Azure AD](https://cda.ms/24F). Christos helps us understand how we can bridge the gap between our

Intro to Service Principals with Peter De Tender

Jay Gordon March 29, 2021 Mar 29, 2021 03/29/21

AzureFunBytes is a weekly opportunity to learn more about the fundamentals and foundations that make up Azure. It's a chance for me to understand more about what people across the Azure organization do and how they do it. Every week we get together at 11AM Pacific on Microsoft LearnTV and learn more about Azure. This time Microsoft Technical ...

Demystifying Service Principals – Managed Identities

Peter De Tender January 28, 2021 Jan 28, 2021 01/28/21

This article will describe the use case and core differences between Service Principal and Managed Identities, using Key Vault and other Azure services as an example

Azure DevOps Shorts: Azure Sentinel and AKS

Jay Gordon December 9, 2020 Dec 9, 2020 12/9/20

Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hun

Supporting SHA-2 algorithm in SSH on Azure DevOps

Jimson Chalissery [MSFT] March 18, 2020 Mar 18, 2020 03/18/20

With the release of OpenSSH 8.2 last month, connections to SSH servers using SHA-1 was disabled by default in the OpenSSH client. We understand that this move helps improve the security of SSH connections, by encouraging all users to adopt the SHA-2 class of algorithms, generally considered safer. However, this resulted in OpenSSH users not ...

Update: Support for TLS 1.0/1.1 in Azure DevOps Services Extended

Justin Chung March 6, 2020 Mar 6, 2020 03/6/20

Unlike previously announced, we will not temporarily or permanently disable TLS 1.0 and TLS 1.1 in Azure DevOps Services until further notice.

Azure DevOps Services to require TLS 1.2 (Updated)

Justin Chung February 27, 2020 Feb 27, 2020 02/27/20

UPDATE: Based on customers' feedback, we have decided to postpone this change. We will not disable TLS 1.0/1.1 support for Azure DevOps Services until further notice.

Secure software supply chain with Azure Pipelines artifact policies

Vishal Jain November 6, 2019 Nov 6, 2019 11/6/19

New preview capabilities for Azure Pipelines let you define artifact policies that are enforced before deploying to critical environments such as production. You will be able to define custom policies that are evaluated against all the deployable artifacts in a given pipeline run and block the deployment if the artifacts don't comply.

Auditing for Azure DevOps is now in Public Preview

Octavio Licea Leon June 26, 2019 Jun 26, 2019 06/26/19

Auditing for Azure DevOps is now available for all organizations as a Public Preview! A new way to monitor activities and changes throughout Azure DevOps organizations.

New IP firewall rules for Azure DevOps Services

Whitney Jenkins May 31, 2019 May 31, 2019 05/31/19

Azure DevOps is currently investing in enhancing its routing structure. As a result of this enhancement, our IP address space will be changing. If you're currently using firewall rules to allow traffic to Azure DevOps, please be sure to update these rules to account for our new IP ranges.

Azure DevOps Blog