Anonymous access to pipeline badges.

Why This Matters

Anonymous access to pipeline badges in Azure DevOps can expose sensitive build and release information to anyone without authentication. This creates an information disclosure risk where external parties can view pipeline status, commit details, and other metadata that may aid in targeting your organization. IT administrators should disable anonymous access to maintain control over who can view pipeline activity.

What Aether365 Checks

Aether365 scans your Microsoft 365 environment (under the microsoft-365 checks section in the dashboard) to verify whether anonymous access is enabled for pipeline badges. The check returns a Medium severity alert if anonymous access is allowed.