Azure DevOps Blog

DevOps, Git, and Agile updates from the team building Azure DevOps

AzureFunBytes Episode 56 – Secretless Applications with @ChristosMatskas

September 21, 2021 Sep 21, 2021 09/21/21

Jay Gordon

Secretless application development strives to solve some important problems, like preventing your credentials from being leaked. If you are seeing connection strings, usernames or passwords in log files, you're adding to your risk profile.

AzureFunBytes Episode 42 – Hybrid Cloud on Azure with @ThomasMaurer

June 8, 2021 Jun 8, 2021 06/8/21

Jay Gordon

This week my guest was Senior Cloud Advocate Thomas Maurer . We dove into the world of hybrid cloud ! Not every application is born in the cloud, but they can certainly interact with it. A hybrid cloud is a type of cloud computing that combines on-premises infrastructure—or a private cloud—with a public cloud.

New policies to restrict personal access token scope and lifespan

June 3, 2021 Jun 3, 2021 06/3/21

pazand

Azure DevOps Administrators can now define a maximum lifespan for personal access tokens (PATs) and restrict the creation of global and full-scoped personal access tokens (PATs). These policies will affect all users and Azure DevOps organizations linked to the Azure AD tenant.

AzureFunBytes – Microsoft Identity with Christos Matskas!

May 11, 2021 May 11, 2021 05/11/21

Jay Gordon

This week I welcomed [Christos Matskas](https://twitter.com/ChristosMatskas), Program Manager at Microsoft, to the show. We have discussed Identity before, but we'll get a great look into [authentication, authorization](https://cda.ms/24G), and [Azure AD](https://cda.ms/24F). Christos helps us understand how we can bridge the gap between our

Intro to Service Principals with Peter De Tender

March 29, 2021 Mar 29, 2021 03/29/21

Jay Gordon

AzureFunBytes is a weekly opportunity to learn more about the fundamentals and foundations that make up Azure. It's a chance for me to understand more about what people across the Azure organization do and how they do it. Every week we get together at 11AM Pacific on Microsoft LearnTV and learn more about Azure. This time Microsoft Technical ...

Demystifying Service Principals – Managed Identities

January 28, 2021 Jan 28, 2021 01/28/21

Peter De Tender

This article will describe the use case and core differences between Service Principal and Managed Identities, using Key Vault and other Azure services as an example

Azure DevOps Shorts: Azure Sentinel and AKS

December 9, 2020 Dec 9, 2020 12/9/20

Jay Gordon

Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hun

Supporting SHA-2 algorithm in SSH on Azure DevOps

March 18, 2020 Mar 18, 2020 03/18/20

Jimson Chalissery [MSFT]

With the release of OpenSSH 8.2 last month, connections to SSH servers using SHA-1 was disabled by default in the OpenSSH client. We understand that this move helps improve the security of SSH connections, by encouraging all users to adopt the SHA-2 class of algorithms, generally considered safer. However, this resulted in OpenSSH users not ...

Update: Support for TLS 1.0/1.1 in Azure DevOps Services Extended

March 6, 2020 Mar 6, 2020 03/6/20

Justin Chung

Unlike previously announced, we will not temporarily or permanently disable TLS 1.0 and TLS 1.1 in Azure DevOps Services until further notice.

Azure DevOps Services to require TLS 1.2 (Updated)

February 27, 2020 Feb 27, 2020 02/27/20

Justin Chung

UPDATE: Based on customers' feedback, we have decided to postpone this change. We will not disable TLS 1.0/1.1 support for Azure DevOps Services until further notice.

Azure DevOps Blog

Security - Azure DevOps Blog