PreEmptive logo

Automating and Scaling App Protection with Azure Devops

Prevention, Detection, and Response

Today, Microsoft announced Azure DevOps—Loosely, it is TFS and VSTS, with its services broken out into distinct components that can be used together or separately. The Azure DevOps services are Azure Boards, Azure Repos, Azure Pipelines, Azure Test Plans, and Azure Artifacts. When Azure DevOps was VSTS and TFS, we supported integration with PreEmptive’s Dotfuscator. Today, none of that changes. As Azure DevOps evolves, we will continue to improve our integration so that you can easily add multi-layered protection to your valuable apps. 

Buck Hodges, Director of Engineering for Visual Studio Team Services, stressed the importance of preventing and “assuming breaches ” in the mindset shift to a DevSecOps culture. In essence, prevention only gets you part of the way there. “Assuming a breach” allows for effective incident detection, response, and recovery process planning.

PreEmptive’s protection tools (Dotfuscator and DashO) easily integrate with your Azure DevOps process, hardening your applications by injecting controls such as:

  • Anti-Reverse Engineering
  • Anti-Tampering
  • Anti-Inspection
  • Anti-Compromised Device

Hardened applications can respond to attacks by executing standard or customized behaviors. For example, an application could simply exit or send security-related messages to an Azure analytics platform such as Visual Studio App Center. In addition to helping satisfy PCI, NIST, and other guidelines, this strategy also aligns with the OWASP mobile recommendation to shut down an app running on a rooted device to prevent compromise.

Screen Shot 2020 10 29 at 10.34.31 AM

For sensitive or high-value applications, organizations in virtually every industry are incorporating application hardening and obfuscation into their DevOps process. This, along with other application security practices, can create a DevSecOps process. I will have a future blog with more information on DevSecOps.

What Now?

Learn more about securing and protecting your mobile, service, and desktop components with PreEmptive Protection and Azure DevOps, and get a free evaluation of application protection here.

In addition, a free tool called Dotfuscator Community is included in Visual Studio. It is easy to add to your Azure DevOps process via a free extension available here: https://marketplace.visualstudio.com/items?itemName=PreEmptiveSolutions.dotfuscator-ce-vsts

PreEmptive Solutions is committed to deepening and broadening its integration into Azure DevOps alongside other Azure DevOps partners such as Mobilize and Progress.

To learn more about #AzureDevOps, please visit https://aka.ms/azurevsts.

In This Article:

Try a Free Trial of PreEmptive Today!