Skip to main content
All CollectionsIntegrations
Connecting Azure Boards (DevOps) to Drata
Connecting Azure Boards (DevOps) to Drata

Making the initial connection to Azure Boards (DevOps)

Ashley Hyman avatar
Written by Ashley Hyman
Updated over a week ago


Connecting Azure Boards (DevOps) to Drata allows for the automated checks and evidence collection to prove to auditors that your company follows its vulnerability management policy and procedures.


Be signed into Microsoft 365 already and or you will be prompted to do so upon connection from Drata. The required Access Level to connect to Azure Boards (DevOps) is "Admin".


Follow these instructions to connect Azure Boards (DevOps) to Drata:

1. Select 'Connections' on the side navigation menu.

2. Select the 'Available connections' tab and then search for 'azure boards (DevOps)' to select the connect button for the Azure Boards (DevOps) integration.

3. Follow the instructions in the connection drawer.

  • To use 'Security' as the security label within Azure Boards (DevOps) to categorize tickets as security issues, enter 'Security' in the 'Security Label' field within the connection drawer.


For every project, we scan all work items that are not of the following work item types:

  • Code Review Request

  • Code Review Response

  • Epic

  • Feature

  • Feedback Request

  • Feedback Response

  • Shared Step

  • Test Case

  • Test Plan

  • Test Suite

  • Shared Parameter

In addition, we scan all work items that are not in the following states:

  • Closed

  • Removed

  • Resolved

This means that we will scan custom work items you create.

For every work item that is valid, we will check for the provided security tag.

  • If there is no tag, we ignore the work item.

  • If there is a security tag and someone assigned as an owner, we ignore it.

  • If there is no one assigned, the ticket will be added to the list of failed items for the Security Issues are Prioritized test.

Did this answer your question?