How to ensure azure DevOps pipelines agents are malware protected?

Question

As I am using Azure Pipelines for building my project on agents managed by Microsoft. And now I want to make sure these agents are malware protected.

I assume they are already malware protected, as Microsoft manages them.

But I am looking for "Evidence" to support my assumption.

Any documentation link or some way to get evidence

Did you look at the agent documentation? Microsoft explains how the agents are built, run, and sandboxed. — Daniel Mann, Mar 29 '23 at 13:40

score 0 · Accepted Answer · answered Mar 29 '23 at 19:57

0

Probably look at the security section for the Microsoft-hosted agents

answered Mar 29 '23 at 19:57

Sibtain

1

Even though this doesn't provide me evidence that it's malware protected. It helped me to understand that they are not malware protected. and need to use CIS hardened images in self hosted agents to make it more secure. – AndroidDev Mar 30 '23 at 19:40

1 Answers1