Configure a project and repository structure to support secure pipelines

• Separate a project into team projects and repositories.
• Separate secure files between projects.
• Move the security repository away from a project.
• Assign project and repository permissions.
• Organize a project and repository structure.

Manage identity for projects, pipelines, and agents

• Configure a Microsoft-hosted pool.
• Configure agents for projects.
• Configure agent identities.
• Configure the scope of a service connection.
• Convert to a managed identity in Azure DevOps.

Configure secure access to pipeline resources

• Identify and mitigate common security threats.
• Configure pipeline access to specific agent pools.
• Manage secret variables and variable groups.
• Secure files and storage.
• Configure service connections.
• Manage environments.
• Secure repositories.

Configure and validate permissions

• Configure and validate user permissions.
• Configure and validate pipeline permissions.
• Configure and validate approval and branch checks.
• Manage and audit permissions in Azure DevOps.

Extend a pipeline to use multiple templates

• Create nested templates.
• Rewrite the main deployment pipeline.
• Configure the pipeline and the application to use tokenization.
• Remove plain text secrets.
• Restrict agent logging.
• Identify and conditionally remove script tasks in Azure DevOps.