Microsoft announces the GitHub Advanced Security for Azure DevOps public preview
source link: https://www.neowin.net/news/microsoft-announces-the-github-advanced-security-for-azure-devops-public-preview/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Microsoft announces the GitHub Advanced Security for Azure DevOps public preview
As part of Microsoft's Build 2023 developers conference, the company has announced that it has launched the public preview of GitHub Advanced Security for Azure DevOps. Microsoft first announced that GitHub Advanced Security was coming to Azure DevOps in October 2022, and launched a private preview in November 2022.
In a blog post, Microsoft says:
GitHub Advanced Security for Azure DevOps brings the same industry leading developer security capabilities as GitHub Advanced Security to Azure DevOps, integrated directly into Azure Repos and Azure Pipelines. This includes the same secret scanning, dependency scanning, and CodeQL code scanning capabilities available within GitHub Enterprise.
The secret scanning feature should be a huge help for developers who might be afraid of exposing secret credentials. The blog post says that 50 percent of all security breaches are due to exposed credentials.
Using the feature in GitHub Advanced Security for Azure DevOps can find any previously released secrets, but also block any more of them before they get out. It states:
Depending on how widely the secret is used, this could be days of effort and stress - if you miss rotating the secret in just one of the places it’s used, you could cause a live site outage! On the other hand, if you block the secret exposure at push time, before it’s persisted in Azure Repos, it’s a five-minute job to clean up your commit and repush. So much easier.
The new GitHub service can also find any open-source package vulnerabilities with its Dependency Scanning feature. In addition, it uses the CodeQL static analysis engine to let developers find hundreds of security issues from a variety of code languages.
Billing for GitHub Advanced Security for Azure DevOps is handled via Azure. It will cost $49 per active committer per month. Interested customers can go ahead and sign up for the public preview now at its official website.
In case you want to read more, you can find the rest of the Build 2023 coverage here.
Recommend
-
10
Office 2021 is the next perpetual version of the suite Microsoft has recently confirmed that Office 2021 is the next perpetual version of its famous productivity suite, and while the company still h...
-
5
Microsoft Announces Preview Service for Building Real-Time Web Applications Called Azure Web PubSub May 07, 20...
-
5
Microsoft Announces the Public Preview of Disk Pool for Azure VMware Solution Jul 20, 2021...
-
6
Commercial organizations can test Windows 11 on their PCs Microsoft is projected to start the public rollout of Windows 11 in October, but in the meantime, the company also wants to pave the way for...
-
7
Microsoft Announces Azure Spring Cloud Enterprise in Preview Sep 09, 2021...
-
6
Microsoft Announces Preview of On-Demand Capacity Reservations for Azure Virtual Machines Sep 27, 2021...
-
11
Microsoft Announces Azure Functions 4.0 with .NET 6 Support in Preview Sep 30, 2021...
-
8
Windows 10 build 19043.1320 now available for download Windows 11 is on everybody’s lips these days, but this doesn’t necessarily mean Microsoft has given up on Windows 10. The compa...
-
1
Microsoft announces advanced security protections for some Teams customers...
-
2
Exploring GitHub Advanced Security for Azure DevOps Feb 17, 2024 |
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK