Azure DevOps

Palisade in Azure DevOps Pipelines

Palisade is available as an Azure DevOps Pipeline Task, enabling seamless integration of automated model security scanning into CI/CD workflows.

Security checks run alongside your builds and artifacts, ensuring consistent and repeatable model validation across projects — without additional infrastructure or custom scripting.

Why Azure DevOps Marketplace Matters

GitHub Actions is the backbone of modern CI/CD. By publishing Palisade on the Marketplace, teams can:

• Add model security scanning with a single workflow step.

• Keep security checks close to code and artifacts.

• Enforce consistent model validation across repositories.

• Avoid custom CI glue or bespoke scripts.

No new infrastructure. No additional services.

Key Features in the pipeline

• Blazing Fast – Scan 70B+ parameter models without OOM, powered by a Rust core.

• Pickle RCE Protection – Prevents unsafe deserialization exploits.

• Native CI/CD Integration – Drop‑in Action for GitHub workflows.

• Behavioral Detection (BETA) – Identifies fine-tuning attacks missed by static analysis.

• Supply Chain Verification – Sigstore signatures, SLSA provenance, ML BOM generation.

• Multiple Output Formats – Plain text, JSON, and SARIF for enterprise tooling & Code Scanning.

How to use in pipelines

Add the Palisade task to your YAML pipeline:

Replace <path-to-model> with the directory containing your model or artifact.

Results can be emitted in plain text, JSON, or SARIF 2.1.0.

Learn More & Get Started

• README: Palisade-Repository

• Marketplace: Palisade Security Scan