How to prevent azure pipelines (yaml) from being used as an attack vector?
Let’s say the following scenario exists:
A git repository exists on Azure DevOps Repos.
The repository uses yaml pipelines (azure-pipelines.yml).
The repository has branch policies to ensure that changes go through pull requests.
The bui… Continue reading How to prevent azure pipelines (yaml) from being used as an attack vector?