At least one Conditional Access policy explicitly includes Azure DevOps.
Why This Matters
Conditional Access policies are a core defense for controlling access to cloud resources. Without a policy explicitly including Azure DevOps, this service may lack critical security controls such as multi-factor authentication or device compliance checks. Administrators should ensure Azure DevOps is covered to prevent unauthorized access to code repositories, build pipelines, and project management data.
What Aether365 Checks
This verification scans your Microsoft 365 tenant for at least one Conditional Access policy that explicitly includes the Azure DevOps cloud app. It appears in the Aether365 dashboard under microsoft-365 checks with a Medium severity rating.