Tag
azure-pipelines
Safeguard articles tagged "azure-pipelines" — guides, analysis, and best practices for software supply chain and application security.
2 articles
DevSecOps
Azure Pipelines Security: Stop Treating YAML as Config
An Azure Pipeline is a program with attacker-controllable input, not a config file. This guide covers macro injection, task and template pinning, environment approvals, workload identity federation, and adding scanning.
Jul 5, 20266 min read
DevSecOps
How Snyk's Azure Pipelines and Bitbucket Pipelines integr...
Snyk's CLI, Azure Pipelines extension, and Bitbucket pipe handle auth, gating, and reporting differently — here's how each mechanism actually works under the hood.
Aug 15, 20257 min read