Using the Secure DevOps Kit for Azure (AzSK) and Azure Pipelines you can easily run security verification tests on the Azure Resources your application is deployed on to make sure the resources are compliant with the security controls.

Secure DevOps Kit for Azure (AzSK) includes an Azure Resource Template (ARM) checker that you can easily integrate with Azure Pipelines to analyze your ARM templates for security improvements.

Secure DevOps Kit for Azure is an interesting toolkit that originated within Microsoft and now Open Source for the general public to use in their project to maintain security controls across different stages of development.

Creating a custom $(Rev) variable for Azure Pipelines that you have complete control over using Counter Expressions

You can easily implement a build and release pipeline for your open source NuGet packages using Azure Pipelines and streamline the release process for your NuGet packages.

Custom conditions of Azure Pipelines can be used to reuse the build definitions for Pull Request validation.

You can create work items on Azure DevOps directly from Azure Application Insights when you find issues or exceptions in application insights logs.

Azure Resource Manager templates can be used to deploy your Azure Resources automatically following Infrastructure As Code (IaC) practices.

Validating Azure Resource Manager (ARM) templates in your continuous integration pipelines is a best practice that you can easily integration into your DevOps pipelines.

OWASP Zap Attack Proxy Task for Azure DevOps can be used to easily run vulnerability scans on your Web apps and APIs right from Azure Pipelines.

Custom Azure DevOps extensions/build tasks can be created very easily to cater custom scenarios where out of the box tasks or marketplace tasks are not available.

Configuring SSL and a Reverse Proxy to secure the SonarQube server on Microsoft Azure is fairly straight forward. FOllow this guide to understand the steps to do it.

Introducing the Team Project Wikis in Azure DevOps Services that allows your teams to maintain source control based documentation for project work.

SonarQube is an open source code quality analysis tool that can be easily configured on Azure using Virtual Machines and Azure SQL databases.

How to Fix the issue “Invalid input 'WebApplication.csproj'. The file type was not recognized.” Error in Azure DevOps