Erin Dormier, release manager for Azure DevOps Server 2019, revealed in a blog post the platform is now reaching Release to Web (RTW). “Azure DevOps captures over 15 years of investment and learnings in providing tools to support software development teams. In the last month, over 80,000 internal Microsoft users and thousands of our customers, in teams both small and large, used these services to ship products to you.” Microsoft details the modules available in Azure DevOps:
Azure Pipelines: CI/CD that works with any language, platform, and cloud. Connect to GitHub or any Git repository and deploy continuously. Azure Boards: Powerful work tracking with Kanban boards, backlogs, team dashboards, and custom reporting. Artifacts: Maven, npm, and NuGet package feeds from public and private sources. Azure Repos: Unlimited cloud-hosted private Git repos for your project. Collaborative pull requests, advanced file management, and more. Azure Test Plans: All in one planned and exploratory testing solution.
The core reason driving Microsoft’s creation of Azure DevOps 2019 was to give organizations tools that can be used in their own infrastructure or on the cloud. Because this is a replacement service, customers of Team Foundation Server 2012 and newer version can upgrade to DevOps Server 2019. Current users of VSTS will have their existing projects moved automatically to DevOps. While it is a server service, Microsoft charges customers on a per month basis.
Bug Bounty
Back in January, Microsoft announced a Bug Bounty program for Azure DevOps Server 2019. The discovery of a bug can net a significant amount, with up to $20,000 for a critical Remote Code Execution flaw. Meanwhile, a critical elevation of privilege flaw will net you $8,000. The lowest amount is $500 for a low-quality report of a tampering flaw. “This program will help us provide the highest level of security for our customers, protect customer data, and ensure the availability of Azure DevOps,” said Buck Hodges, director of engineering, Azure Dev Ops, in a blog post. “I’m looking forward to seeing what we learn from working more closely with the security community.”