Azure

In my previous blog DevOps Security with Microsoft Defender for Cloud I introduced the DevOps Security features in Defender for Cloud and how you can link and scan your GitHub code repositories for vulnerabilities before they hit your infrastructure platforms. In this blog I am going to focus on the options for fixing code issues based on the reporting findings from Defender for Cloud. Findings As mentioned previously, all of the reporting from your connected repositories appears under findings in the security overview dashboard of DevOps Security. ...

Following Microsoft Ignite in Nov 2023, Defender for DevOps has now become DevOps security. In practice this means that a lot of the features which were previously in public preview are now generally available. But first… what is DevOps security in Defender for Cloud? DevOps Security This feature of Defender for Cloud provides end-to-end security for code-based deployments from the well-known major source code repositories available in the market. These can be selected from the environment settings of the DevOps security blade in Defender for Cloud with GitLab being the most recent addition to the environment list. ...