Project Limit in Azure DevOps
There is no limit on the organization creation or project creation in Azure DevOps. As an Org admin, you can create as many as projects within Azure DevOps. I have been part of Azure...
Category: AzureDevOps Admin
Restrict users from creating Azure DevOps organization
By Default Azure Active directory doesn’t restrict their users from creating their own organizations. This is a kind of security risk which would allow anyone to create their own organizations and siphon of the...
Azure DevOps & Visual Studio Subscribers
As you know Azure DevOps has 3 access levels and they are Stakeholder, Basic and Visual Studio Subscriber. Anyone can be added as Stakeholder and it’s free of cost. Same is the case with...
Update Project Visibility in Azure DevOps
A Project can be either a private or public project in Azure DevOps. Since Azure DevOps is mostly used by enterprise organization, the best security practice is to change the project visibility to all...
Find Organization Name/Owner in Azure DevOps
Organization name is name of the Azure DevOps Organization which can be easily found from the url of an Azure DevOps organization, if the Organization has a url like https://dev.azure.com/TestDevSecOps, then the organization name...
Secrets Scanning in Azure DevOps Repositories
Sometimes Developers might be checking in secrets like passwords, usernames, API keys, client secrets, service principal and passwords into repositories. And it becomes necessary for us to detect them as having secrets like those...
How to check for TLS1.2 Readiness on Azure DevOps Build/Release agents (Self hosted agents)
Microsoft has recently announced that all connections to Azure DevOps would be switched to TLS 1.2 from older versions like TLS1.0, TLS1.1 which are not more secure when compared with TLS1.2, so let us...
Restricting Maximum Personal Access Token Lifespan
Personal Access Tokens (PAT) can be created with a maximum lifespan of 1 year. Though this would prevent users from refreshing the PAT token everynow and then, from a security perspective this is a...
Restrict full-scoped personal access token creation in Azure DevOps
Right now a PAT (Personal Access Token) can be created for all the scopes like Work items, Repositories, Build and release pipelines which literally gives unrestricted access to any PAT token created with all...
Restricting Global access PAT token creation | Azure DevOps
Right now a PAT (Personal Access Token) can be created for a single organization or for all the organizations that are under the specific Azure Active directory. This can be restricted by enabling this...
