[FIXED] How does Visual Studio Team Services Transport Secret Variables?

Issue

We are currently in the process of evaluating Visual Studio Team Services (VSTS) release management as our continuous deployment (CD) tool. My System Administrators are not crazy about storing any kind of password or secret in VSTS or any other CD tool without having a good understanding of what security is being used. I have already found documentation that describes how VSTS stores Secret Variables at rest, but what I can not find is documentation that describes what security VSTS uses to transports Secret Variables to the build/Release Agents. This is important because we will be deploying to on-premises pre-production environments which means the credentials and secrets entered into VSTS will be sent over the internet. So to sum up my question what encryption does VSTS use to communicate with agents.

Documentation on how VSTS secures Secret Variables at rest. https://www.visualstudio.com/en-us/docs/build/define/variables#secret-variables

Solution

It's all standard HTTPS. No special protocols or encryption are involved.

Answered By - Daniel Mann

Answer Checked By - Marilyn (PHPFixing Volunteer)