Did you ever make a typo when importing a PowerShell module? What if an attacker uploaded a module with that name to the PSGallery? Maybe you are using a malicious version of the Connect-AzAccount cmdlet without knowing it. To increase the security of your development environment you can create an internal artifact feed with Azure DevOps. There you can easily mirror packages from the PSGallery in a controlled manner. You can even make sure only specific versions are allowed. This would allow you to test a version before allowing it into the production environment. In this talk you will learn how to set up such a gallery and how to use it in PowerShell. You will also learn how to use this gallery to host PowerShell modules internally. So join the talk and learn how to protect your code supply chain!

More information