Showing results for Security - Azure DevOps Blog

After announcing the release of Managed Identity and Service Principal support in public preview last March, we were overcome by the positive response many of you had. We’re grateful to those who have taken the time to implement a managed identity within your apps and tools. With your help, we’ve collected valuable feature feedback and resolved som...

We’re excited to announce that GitHub Advanced Security for Azure DevOps is now generally available and is ready for you to use in your own Azure DevOps repos! You can now enable code, secret, and dependency scanning within Azure Repos and take advantage of the new product updates. Learn how to enable Advanced Security in your Azure Repos > Thank...

In October of last year we announced that GitHub Advanced Security was coming to Azure DevOps, starting with a private preview in November. Since then, we’ve been working hard on the product and incorporating feedback from our private preview customers. Today, we are excited to announce that GitHub Advanced Security for Azure DevOps is available to...

We are pleased to announce that Azure DevOps has successfully passed the ISO 26262 ASIL D certification, the highest level of Functional Safety management process, by TÜV SUD, an international independent third-party testing and certification company. This certification demonstrates Microsoft's commitment to providing our Automotive customers with ...

Yesterday we published an updated list of features we plan to deliver in Q2. Each title includes a link where you can find details about each feature. We expect that this will help bring visibility into the key investments for the upcoming quarter. GitHub Advanced Security We are very excited to announce that GitHub Advanced Security for Azure De...

We are proud to announce that Service Principals and Managed Identities can now be used to authenticate with Azure DevOps. For those who have not heard of them before, these Azure Active Directory identities enable teams to gain access to your Azure DevOps organizations acting as their own application, not as a human user or service account. Why...

The Microsoft.VisualStudio.Services.InteractiveClient library is a public NuGet package that takes care of authenticating to Azure DevOps Services. It abstracts away the acquisition, management and refreshing of authentication tokens, so developers can focus on their goals and stay productive. Historically, the interactive client library has been ...

Recently, the Azure DevOps team completed an initiative to associate all Azure DevOps REST APIs with a granular personal access token (PAT) scope. As part of our ongoing investments in security, we undertook this effort to reduce the risks associated with a leaked PAT credential. Previously, a number of Azure DevOps REST APIs were not associated wi...

Exciting things are in store for Azure DevOps in the coming year! We’re planning deep investments in security as well as broad investment across the product. Read on for more information, and then be sure to check out our updated roadmap at https://aka.ms/AzureDevOpsRoadmap. Deep investments in security First, we are super excited about bringing ...

We have gotten a lot of feedback on this change and after internal deliberation, we are now rolling back this change ASAP. Final Update as of 5/19/22 @ 10:08 AM PST: Again, I am deeply sorry for the inconvenience and disruption this has caused. We remain deeply committed to making sure our customers have a first-class experience using Azure ...