Microsoft tightening Azure security with “granular” permissions

All of Azure DevOps REST APIs are now getting granular Personal Access Tokens (PAT). The goal of the change, which was met with glee in the cybersecurity community, is to minimize the potential damage of a leaked PAT credential. Announcing the news via an Azure DevOps blogpost, product manager Barry Wolfson said that prior to the change, there was a ‘significant security risk to organizations, given the potential to access source code, production infrastructure, and other valuable assets.

Read more