Self-Hosted Runner for Azure DevOps
The same runners as Microsoft’s Hosted Runners without all the fuzz.
Self-hosted Runners
Stay Updated
The image is continuously updated with the same cadence as the Microsoft Hosted Runners, with the same application versions installed.
Why use a Virtual Machine Scale Set?
We recommend using a Virtual Machine Scale Set because it can continuously grab the latest image from Azure Marketplace, ensuring that you always have the latest runner, and because it can be used to automatically scale up and down the number of agents you have available, without you needing to worry about it. It is also cheaper, as you do not need to run many idle agents.
Virtual Machine
The runner can be used both as a standalone virtual machine or as a virtual machine scale set
What is it?
A virtual machine image built from the Microsoft runners repository
Economical
No more need to run many idle agents. Automatically scales up and down the number of agents you have available.
Security
You control everything yourself as this is a virtual machine image built from the Microsoft runners repository, containing no call home functionality
FAQ
How does Fortytwo price their services?
Cost depends on environments, compliance requirements, identity complexity, and whether you want ongoing operations. We’re transparent about drivers and trade-offs.
What is a typical timeline for working with Fortytwo?
Most organizations can establish a stable foundation in weeks, then expand iteratively. Identity and security changes often show early operational impact. Ideally, Fortytwo works with our customers over time.
What does it take, working with Fortytwo?
You will get clear ownership of your target operating model, clarity on sources of truth for organisation and people data, and you need to have å willingness to standardize. We help you get there.
How does Fortytwo reduce security risks?
The biggest risks are exceptions, unclear ownership, and partial adoption. We reduce this with golden paths, guardrails, staged rollout, and operational handover.
Build in-house or team up with a partner like Fortytwo?
If you have the competence density and capacity, in-house can work. Many teams don’t, and drift plus incidents cost more than building a repeatable operating model with the help of a partner that can act as a specialised extension of your own team.
Why not just buy a tool?
Tools don’t create standards, ownership, and repeatable patterns. We implement the operating system that makes tools behave consistently.
What is Agentic AI?
Agentic AI refers to autonomous AI systems that can make decisions, take actions, and interact with other systems on behalf of users or organizations. In an enterprise context, agentic AI operates across business applications, data platforms, and cloud environments, requiring strong identity controls, governance frameworks, and continuous oversight.
Why does agentic AI require governance?
Agentic AI requires governance because autonomous systems can access sensitive data, execute transactions, and influence business decisions. Without clear policies, identity controls, and monitoring mechanisms, agentic AI can introduce compliance risks, security vulnerabilities, and unintended operational consequences.
How should organizations secure agentic AI systems?
Organizations should secure agentic AI systems by treating them as digital identities with defined permissions, authentication requirements, and monitoring controls. This includes applying Zero Trust principles, enforcing least-privilege access, logging AI actions, and integrating AI agents into identity governance and risk management frameworks.
What are the biggest risks of unmanaged agentic AI?
The biggest risks of unmanaged agentic AI include unauthorized data access, privilege escalation, regulatory violations, lack of accountability, and automated decision-making without oversight. As AI agents gain autonomy, the attack surface expands unless identity, access, and compliance controls are proactively implemented.
How does Fortytwo.io advise organizations on agentic AI governance?
Fortytwo.io advises organizations on agentic AI governance by designing identity-first control frameworks that align AI autonomy with security, compliance, and business risk. We help define access models, monitoring strategies, policy enforcement mechanisms, and architectural guardrails to ensure AI systems operate securely and responsibly within Microsoft-based environments.
What’s the biggest risk of doing nothing about AI agent identity?
Losing control of autonomous systems that act with enterprise authority.
How does Fortytwo.io help organizations use Defender and Purview proactively?
Fortytwo.io helps organizations move from tool deployment to strategic security architecture. We design proactive security frameworks that align Microsoft Defender and Purview with identity governance, Zero Trust principles, and business risk priorities, ensuring security controls prevent incidents instead of merely responding to them.
What is identity-first security?
Identity-first security is a cybersecurity approach that treats identity as the primary control point for access. Instead of relying on network boundaries, it verifies every user, device, machine, and AI agent before granting access, ensuring secure authentication, least-privilege authorization, and continuous monitoring.
What is proactive security in Microsoft environments?
Proactive security in Microsoft environments means preventing threats before they cause damage by using tools like Microsoft Defender and Microsoft Purview to continuously monitor, protect, and govern identities, devices, and data. Instead of reacting to incidents, organizations detect risky behavior early, enforce least-privilege access, and protect sensitive information in real time.
How does Microsoft Defender enable proactive threat protection?
Microsoft Defender enables proactive threat protection by using extended detection and response (XDR) to identify suspicious activity across identities, endpoints, cloud apps, and email. It correlates signals from multiple sources to detect identity compromise, lateral movement, and privilege escalation before they become major breaches.
How does Microsoft Purview support proactive data security?
Microsoft Purview supports proactive data security by discovering, classifying, and protecting sensitive data across Microsoft 365, Azure, and hybrid environments. It helps organizations apply data loss prevention (DLP), insider risk management, and compliance controls before data exposure or regulatory violations occur.
Why is identity central to proactive security with Defender and Purview?
Identity is central to proactive security because most modern attacks target credentials, permissions, and access rights. Microsoft Defender protects identities from compromise, while Microsoft Purview ensures access to sensitive data is governed and monitored. Together, they create a security model where identity risk is detected early and controlled continuously.
What is the Identity Universe?
The Identity Universe is Fortytwo’s strategic framework for managing all identities, human, machine, and AI, across an organization’s entire ecosystem. It connects workforce IAM, customer IAM, machine identity, governance, and Zero Trust into one unified identity strategy, helping organizations reduce risk, improve security maturity, and enable digital growth.
How does Fortytwo.io help organizations mature their identity strategy?
Fortytwo.io helps organizations assess, design, and implement a future-ready identity strategy. This includes identity maturity assessments, IAM architecture design, governance frameworks, Zero Trust alignment, and integration across workforce, customer, and machine identities. The goal is to transform identity from an IT function into a business enabler.
Why is identity the foundation of modern cybersecurity?
Identity is the new security perimeter. As organizations adopt cloud, SaaS, remote work, and AI-driven systems, traditional network boundaries disappear. Every access request, whether from an employee, API, device, or AI agent, must be verified. A strong identity strategy ensures secure authentication, proper authorization, and continuous governance across all environments.
What challenges does the Identity Universe approach solve?
The Identity Universe approach solves fragmented identity systems, inconsistent access governance, poor visibility across environments, and growing machine identity risk. By unifying identity strategy, architecture, and governance, organizations gain better control, stronger compliance, and reduced attack surfaces.
What is the difference between traditional IAM and the Identity Universe?
Traditional IAM often focuses on tools and isolated systems, such as Active Directory or single sign-on. The Identity Universe expands this view by treating identity as a strategic ecosystem. It includes workforce and customer identities, machine and API identities, AI agents, governance models, and security architecture — all aligned to business strategy and risk management.
What is an Identity Strategy?
An identity strategy is a structured plan for managing and securing all digital identities within an organization, including employees, customers, machines, APIs, and AI agents. It defines how identities are authenticated, authorized, governed, and monitored to reduce risk, ensure compliance, and support business growth in a Zero Trust environment.
What is an Azure Landing Zone?
An Azure Landing Zone is a pre-designed cloud architecture that provides a secure, governed, and scalable foundation for deploying workloads in Microsoft Azure. It includes identity configuration, networking, security controls, governance policies, and management structures to ensure cloud environments are compliant and ready for growth from day one.
Why is security critical in an Azure Landing Zone?
Security is critical in an Azure Landing Zone because it defines how identities, networks, workloads, and data are protected before applications are deployed. A secure landing zone integrates Microsoft Defender, Microsoft Entra ID, and Azure Policy to enforce Zero Trust principles, reduce misconfigurations, and minimize attack surfaces proactively.
3. How does identity fit into an Azure Landing Zone?
Identity is the foundation of an Azure Landing Zone because all access to cloud resources is controlled through Microsoft Entra ID. Proper role-based access control (RBAC), privileged identity management (PIM), and conditional access policies ensure least-privilege access and protect against credential misuse and privilege escalation.
How does Microsoft Defender strengthen an Azure Landing Zone?
Microsoft Defender strengthens an Azure Landing Zone by providing continuous threat detection and security posture management across cloud workloads. It identifies misconfigurations, detects suspicious activity, and protects identities, virtual machines, containers, and storage before threats escalate into breaches.
Is this a one time project?
No. Security operations must evolve as threats and environments change.
What is the difference between a basic Azure setup and a secure Landing Zone?
A basic Azure setup focuses on deploying resources, while a secure Landing Zone establishes governance, identity controls, security baselines, and compliance frameworks first. A properly designed landing zone ensures workloads are deployed into a controlled environment that supports scalability, regulatory compliance, and proactive risk management.
What does Fortytwo.io consulting specialize in?
Fortytwo.io consulting specializes in identity-first cybersecurity strategy, cloud security architecture, and proactive governance frameworks. We help organizations design secure, scalable environments using Microsoft technologies such as Entra ID, Defender, Purview, and Azure Landing Zones.
How is Fortytwo.io different from traditional IT consultants?
Fortytwo.io differs from traditional IT consultants by focusing on long-term security architecture rather than isolated tool implementations. We align identity, governance, and cloud security with business risk and strategic objectives, ensuring security becomes a business enabler instead of a technical afterthought.
What industries does Fortytwo.io consulting serve?
Fortytwo.io consulting serves mid-to-large enterprises operating in regulated and cloud-driven industries. Our expertise is particularly valuable for organizations with complex identity environments, compliance requirements, and hybrid or multi-cloud infrastructures.
What is Fortytwo.io’s approach to proactive security consulting?
Fortytwo.io’s approach to proactive security consulting is built on Zero Trust and identity governance principles. We assess current maturity, define a secure target architecture, and implement controls using Microsoft security platforms to reduce risk before incidents occur.
What outcomes can organizations expect from Fortytwo.io consulting?
Organizations working with Fortytwo.io can expect improved identity governance, reduced security risk, stronger compliance alignment, and a clear cloud security architecture roadmap. Our goal is to create sustainable, scalable security foundations that support long-term digital transformation.
Why should organizations choose Fortytwo.io for identity and cloud security consulting?
Organizations should choose Fortytwo.io for identity and cloud security consulting because we combine strategic advisory expertise with deep Microsoft security specialization. We design proactive, identity-first architectures using Entra ID, Defender, Purview, and Azure to reduce risk, strengthen governance, and ensure security supports business growth rather than slowing it down.
What is SecOps?
SecOps is how detections, incidents, response, and improvement work together in practice.
Is this just SIEM?
No. SIEM is a tool. SecOps is an operating model that makes tools effective.
Is this Microsoft specific?
Yes. We focus exclusively on the Microsoft security ecosystem.
Do you replace our SOC?
No. We strengthen it or help you build one that actually works.
Is this a one time project?
No. Security operations must evolve as threats and environments change.
How fast can we see results?
Most teams see clearer incidents and better alerts within weeks.
Talk to us
Get in touch if you want to discuss your challenges or questions.
We prefer a message, but you can also call us at +47 45 600 600 if you want to talk.
We are always up for a meeting or a call!
