GitHub Advanced Security for Azure DevOps Now Available

Microsoft announces general availability of GitHub Advanced Security for Azure DevOps. Designed to provide developers with powerful tools, this service enhances the Azure DevOps environment with features such as secret scanning, dependency scanning and CodeQL code scanning.

Improvements Based on Developer Feedback

Since the public preview, Microsoft has been actively gathering feedback from the developer community and making several crucial changes. One important change is the removal of the special registration requirement for the services. Now any Azure DevOps Project Collection Administrator (PCA) can enable Advanced Security protections for their organizations/projects/repos through the Azure DevOps configuration settings. In addition, developers can choose to enable Advanced Security at the organizational, project or individual repository level, and there is an option to enable Advanced Security automatically for newly created repositories.

Integration with Microsoft Defender for Cloud

Another notable feature is the integration of Advanced Security with Microsoft Defender for Cloud (MDC). This integration aims to provide developers with a consolidated view of all Advanced Security alerts across their repositories, whether on Azure DevOps or GitHub, all through a single MDC interface. This feature is accessible at no additional cost, but those who opt for the paid version get access to enhanced code-to-cloud contextualization capabilities.

Conclusion

GitHub Advanced Security now offers enhanced security for Azure DevOps. Through enhanced features and integrations, it increases developer productivity without compromising on security. This general availability is a crucial step in Microsoft’s efforts to create a more secure and efficient development environment.