Extending the functionality of Azure Devops and Microsoft Defender for Cloud DevOps Security module to secure your CI/CD pipeline
Distributed code development, the use of various libraries by developers increases the risk of an attack through your application due to the lack of control over the security of the entire code. Also, when creating infrastructure using code, e.g. Bicep or Terraform, mistakes can be made that will result in a decrease in the security level of our cloud solutions. One of the possibilities is to combine the GitHub Connector in Microsoft Defender for Cloud. DevOps Security module with Microsoft GitHub Advanced Security product, which allows you to use all the security possibilities of the solution.
DevOps Security module of Microsoft Defender for Cloud provides you:
GitHub Advanced Security will increase the security of your applications by:
Using public code repositories also increases the risk of unknowingly publishing confidential data such as passwords or secrets. Tools built into GitHub Advanced Security will analyse your code for known strings defining database connection strings, passwords or tokens and then executing an automatic event to secure your environment.
What we propose: Dependency review – secure your pipeline using DevOps Security module and GitHub Advanced Security to support you with verification of dependency in your static code, assessment security impact of those dependency Code scanning – create configuration for your code in public and private GitHub repositories for analysing and finding security vulnerabilities and coding errors with automated reporting and alerting. Secret scanning – selective choose engine to search strings which match patterns for any secret data like database connection strings, passwords, tokens