Azure DevOps

Azure DevOps recorded 74 incidents in H1 2025, including a 159-hour performance degradation affecting Managed DevOps Pools. Multiple components (Pipelines, Boards, Repos, Test Plans) can be simultaneously affected, causing multi-day delays in builds and deployments.

Azure DevOps discovered multiple critical vulnerabilities including SSRF and CRLF injection flaws in endpointproxy and Service Hooks components, allowing DNS rebinding attacks and unauthorized access to internal services with risks of data leakage and token theft.

Companies struggle with prolonged CI/CD tool migrations, often running legacy pipelines (Jenkins, Azure DevOps) alongside new ones (GitHub Actions, GitLab CI) for extended periods. The time investment required to set up and migrate pipelines is so significant that some organizations abandon migration plans entirely.

Implementing solid CI/CD pipelines in Azure DevOps or GitHub Actions is complicated, with frequent failures due to build agent issues, variable management problems, and incorrect pipeline permissions.

Developers struggle with slow feedback from CI/CD pipelines and flaky releases, requiring better monitoring, notification systems, and manual approval strategies.

Manual deployment and testing processes create significant overhead, slow release cycles, and increase error rates. Automation is critical but often difficult to implement in Azure environments.

Azure DevOps Server requires significant infrastructure setup and operational overhead, particularly for smaller teams. It has limited scalability for large projects compared to Azure DevOps Services (cloud version).

DevOps and CI/CD transformation efforts often lack backing from senior management, making it difficult to secure resources, establish governance, and drive organizational adoption.