Microsoft announces the general availability of GitHub Advanced Security for Azure DevOps

Home » Azure

Reading time icon 1 min. read

Calendar icon Published on

by Pradeep Viswav 

published on

Share this article

Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

GitHub Advanced Security Azure DevOps

Today, Microsoft announced the general availability of GitHub Advanced Security for Azure DevOps. This new feature brings GitHub Advanced Security’s suite of security features including code, secret, and dependency scanning to Azure Repos. Right now, GitHub Advanced Security for Azure DevOps is only available for Azure DevOps service. So, it is not available for Azure DevOps Server.

GitHub Advanced Security for Azure comes with the following features:

  • Secret Scanning push protection: check if code pushes include commits that expose secrets such as credentials
  • Secret Scanning repo scanning: scan your repository and look for exposed secrets that were committed accidentally
  • Dependency Scanning – search for known vulnerabilities in open source dependencies (direct and transitive)
  • Code Scanning – use CodeQL static analysis engine to identify code-level application vulnerabilities such as SQL injection and authentication bypass

Based on the customer feedback, Microsoft has integrated GitHub Advanced Security with Microsoft Defender for Cloud allowing organizations to view all the alerts for all their repos across both Azure DevOps and GitHub in a single pane of glass in Microsoft Defender for Cloud.

 

More about the topics: Azure DevOps, Github, GitHub Advanced Security, microsoft

Pradeep Viswav

Pradeep Viswav Shield

Software and Services Expert

Pradeep is a Computer Science and Engineering Graduate. He was also a Microsoft Student Partner. He is currently working in a leading IT company.