Is Copilot the best AI companion out there? Help us find out by answering a couple of quick questions!
Today, Microsoft announced the general availability of GitHub Advanced Security for Azure DevOps. This new feature brings GitHub Advanced Security’s suite of security features including code, secret, and dependency scanning to Azure Repos. Right now, GitHub Advanced Security for Azure DevOps is only available for Azure DevOps service. So, it is not available for Azure DevOps Server.
GitHub Advanced Security for Azure comes with the following features:
- Secret Scanning push protection: check if code pushes include commits that expose secrets such as credentials
- Secret Scanning repo scanning: scan your repository and look for exposed secrets that were committed accidentally
- Dependency Scanning – search for known vulnerabilities in open source dependencies (direct and transitive)
- Code Scanning – use CodeQL static analysis engine to identify code-level application vulnerabilities such as SQL injection and authentication bypass
Based on the customer feedback, Microsoft has integrated GitHub Advanced Security with Microsoft Defender for Cloud allowing organizations to view all the alerts for all their repos across both Azure DevOps and GitHub in a single pane of glass in Microsoft Defender for Cloud.