Avoid privilege escalation of pipelines in Azure DevOps!

Automated deployment of cloud infrastructure by using Azure Pipelines and definition of "infrastructure as code" in Azure Repos has become popular in many organization.

But this also requires to implement security and compliance settings to protect privileged assets which will be used to automate your cloud environment.

Security considerations, such as privilege escalation paths, needs to be considered across various related RBAC systems in Azure AD, Azure and Azure DevOps.

In my session I will speak about security considerations and solution approaches from my research work. This includes answers to the following questions:

- Which key points should be considered to secure and manage privileged access to Azure DevOps organization?
- How can I prevent and detect abuse of service principals and connections in privileged pipelines?
- Which aspects should be considered in securing privileged Azure DevOps release pipelines?
- What benefits offers the usage of self-hosted agent for isolation and security in Azure Resource deployment?

Thomas Naunheim

Microsoft MVP | Cyber Security Architect @glueckkanja AG

Koblenz, Germany


Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top