The adoption of DevOps platforms like Azure DevOps and GitHub is rapidly accelerating, driven by the persistent demand for faster application delivery and the need for automation. Gartner predicts that by 2027, 80% of organizations will rely on a DevOps platform (up from 25% in 2023) making them the backbone of modern innovation.
These platforms house your organization's most critical intellectual property (IP) and artifacts, including source code, CI/CD and AI/ML pipelines, and Infrastructure as Code (IaC). Any loss, corruption, or even temporary unavailability of this data can halt software development, delay application updates, and put your cloud infrastructure at risk.
In an effort to protect your enterprise from these vulnerabilities, we are excited to announce our latest expansion to Rubrik’s data protection offerings: Rubrik DevOps Protection. Available in December of 2025, the product will launch with support for Microsoft Azure DevOps to help customers enhance their cyber resilience across the software development lifecycle.
Three Critical Gaps: Version History and Manual Scripts Aren't Enough
DevOps platforms face an increasing onslaught of disruption, from accidental deletions and malicious insiders to targeted cyberattacks. Indeed, there have been more than 500 security incidents in 2024 alone; and the risk is only accelerating with the rise of AI coding agents, which can introduce flawed commits or subtle, exploitable vulnerabilities at scale. As a result, the need for robust recovery is more urgent than ever.
Relying on traditional methods—whether it's "do-nothing" approaches like native version history and federated copies, or brittle manual scripts—creates three critical gaps:
The Cyber Resilience Gap: Version history is not a true backup. It exists in the same security domain as your primary data, making it vulnerable to attackers who can compromise both. Traditional approaches also lack immutability and deleted versions are only retained for 28 days in Azure DevOps with no recourse, leaving you with no path to recovery from an attack.
The Data Protection Gap: Traditional methods are manual, complex, and error-prone. Brittle scripts are difficult to maintain, offer no visibility into backup operations, and fail to scale. This creates high operational overhead and makes recovery a chaotic, time-consuming hunt for the right version.
The Compliance Gap: Fragmented, homegrown tools lack enterprise-ready capabilities. They cannot provide unified visibility, robust enterprise-security controls, or the auditable reporting required to prove recoverability to satisfy mandates like DORA.
Introducing Rubrik DevOps Protection
With Rubrik DevOps Protection, Rubrik continues its commitment to extending cyber resilience to critical parts of the enterprise. Now, Rubrik brings our enterprise-grade, automated, and cyber-resilient data protection to the platforms that power your innovation.
Unlike vulnerable traditional approaches or fragmented point solutions, Rubrik provides a single, trusted platform to unify DevOps protection with your existing cloud and SaaS data. We close the critical cyber resilience gap with immutable, air-gapped backups, the data protection gap with SLA-Driven automated protection and flexible recovery, and the compliance gap with unified management and enterprise-grade security.
We are starting with support for Microsoft Azure DevOps in December 2025, with protection for GitHub to be launched in upcoming quarters. This will allow you to secure your most critical intellectual property and automation pipelines, ensuring your DevOps environment is secure, compliant, and recoverable.
Key features include:
Unified Management and Reporting: Gain a single pane of glass for your DevOps data alongside your other cloud, SaaS, and on-prem workloads. Rubrik Security Cloud provides a unified view of your Azure DevOps estate, with a clear inventory of your protected organizations, projects, and repositories. You can easily monitor backup status, check compliance, and generate on-demand reports to prove protection, all from one platform.
SLA-Driven Automated Protection: Replace brittle, manual scripts with our "set-it-and-forget-it" policy engine. Rubrik automatically discovers your repositories and uses powerful SLA-driven automation to ensure they are protected. You get granular control, with the flexibility to apply protection policies at the organization, project, or even individual repository level, ensuring no critical IP is left unprotected.
Efficient Backups and Flexible Recovery: Rubrik optimizes protection by using efficient, incremental-forever backups, fetching only new changes after the first full backup. You can also run on-demand snapshots at any time. For storage flexibility, you can define your backup location at the organization level and leverage different storage tiers like hot, cool, or cold to balance cost and performance. When it's time to recover, you can instantly restore repositories, alongside their critical pipelines, to a new project, a different organization, or even a different tenant to support disaster recovery use-cases.
Cyber-Resilient Backups: Secure your critical IP with truly cyber-resilient backups. Rubrik leverages native Azure Blob WORM technology to ensure backups are immutable, meaning they cannot be modified, encrypted, or deleted by an attacker. Achieve a logical air gap by storing backups in your own Azure storage (BYOS), which can be placed in a separate tenant for maximum security. Support for Rubrik Cloud Vault (RCV) as a fully-managed, air-gapped target is coming in April 2026.
Enterprise-Grade Security: This solution is built with enterprise security at its core. Onboarding is simple and secure, using an OAuth 2.0-based flow that allows for a "true least privilege" model. Granular, project-based RBAC allows you to extend least privilege access controls and tailor the backup infrastructure to your organization's own requirements. Retention Lock prevents accidental or malicious deletion of backups, and for critical actions, you can enforce quorum authorization (QAuth) to require multi-person approval.
Ready to Protect Your Innovation Engine?
Rubrik DevOps Protection provides seamless, enterprise-grade data protection for your most critical code and automation pipelines. With unified management, SLA-driven automation, and advanced recovery options, Rubrik DevOps Protection eliminates operational complexity—allowing you to focus on building what's next.
Don't wait until it's too late. Enhance your cyber resilience without the complexity today!
See Rubrik DevOps Protection in Action at
Cloud Resilience Summit! Join us for our upcoming session, "Protecting Your Entire Software and AI Development Lifecycle: From Code to Production", where we'll dive deep into the critical need for DevOps data protection and show you how Rubrik keeps your Azure DevOps environment secure, compliant, and recoverable.
Learn more about Rubrik DevOps Protection:
Any unreleased services or features referenced in this presentation are not currently available and may not be made generally available on time or at all, as may be determined in our sole discretion. Any such referenced services or features do not represent promises to deliver, commitments, or obligations of Rubrik, Inc. and may not be incorporated into any contract. Customers should make their purchase decisions based upon services and features that are currently generally available.