{"id":66951,"date":"2023-05-23T00:00:35","date_gmt":"2023-05-23T08:00:35","guid":{"rendered":"https:\/\/devblogs.microsoft.com\/devops\/?p=66951"},"modified":"2023-05-23T07:12:20","modified_gmt":"2023-05-23T15:12:20","slug":"github-advanced-security-for-azure-devops-public-preview-starts-now","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/devops\/github-advanced-security-for-azure-devops-public-preview-starts-now\/","title":{"rendered":"GitHub Advanced Security for Azure DevOps public preview starts now!"},"content":{"rendered":"<p>In October of last year we announced that GitHub Advanced Security was coming to Azure DevOps, starting with a private preview in November. Since then, we\u2019ve been working hard on the product and incorporating feedback from our private preview customers. Today, we are excited to announce that GitHub Advanced Security for Azure DevOps is available to everyone in a public preview! <a href=\"https:\/\/aka.ms\/GHAzDO-PubPrForm\" rel=\"noopener\" target=\"_blank\">Sign up for the preview<\/a>, and we\u2019ll do our best to get your Azure DevOps organization(s) enabled as soon as possible.<\/p>\n<p>As a reminder \u2013 GitHub Advanced Security for Azure DevOps brings the same industry-leading developer security capabilities as GitHub Advanced Security to Azure DevOps, integrated directly into Azure Repos and Azure Pipelines. This includes the same secret scanning, dependency scanning, and CodeQL code scanning capabilities available within GitHub Enterprise.<\/p>\n<p><strong>Secret Scanning<\/strong>: Exposed credentials are implicated in over 50% of security breaches. GitHub Advanced Security for Azure DevOps can not only help you find secrets that have already been exposed in Azure Repos, but also help you prevent new exposures by blocking any pushes to Azure Repos that contain secrets. 
All with a single click.<\/p>\n<p><a href=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2023\/05\/AdvancedSecurity_PushProtection2.gif\"><img decoding=\"async\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2023\/05\/AdvancedSecurity_PushProtection2.gif\" alt=\"Animation showing enabling push protection with one click and then having a push blocked\" width=\"427\" height=\"287\" class=\"aligncenter size-full wp-image-66991\" \/><\/a><\/p>\n<p>We\u2019ve used secret scanning push protection inside Microsoft for years, and it\u2019s been a huge help reducing developer toil: if you only catch a secret once it\u2019s already made it into Azure Repos, the only way to really be safe is to rotate that secret everywhere it\u2019s used and then permanently revoke it. Depending on how widely the secret is used, this could be days of effort and stress &#8211; if you miss rotating the secret in just one of the places it\u2019s used, you could cause a live site outage! On the other hand, if you block the secret exposure at push time, before it\u2019s persisted in Azure Repos, it\u2019s a five-minute job to clean up your commit and repush. So much easier!<\/p>\n<p><strong>Dependency Scanning<\/strong>: Open-source supply chain attacks are on the rise. 
GitHub Advanced Security for Azure DevOps identifies open-source package vulnerabilities present in your code \u2013 through both direct and transitive dependencies \u2013 and provides straightforward guidance from the GitHub Advisory Database on how to upgrade your packages to mitigate the vulnerabilities.<\/p>\n<p><a href=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2023\/05\/Dependency-Scanning.png\"><img decoding=\"async\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2023\/05\/Dependency-Scanning.png\" alt=\"Screen capture of the Advanced Security experience within Azure DevOps with the Dependencies tab enabled\" width=\"1497\" height=\"827\" class=\"aligncenter size-full wp-image-66993\" srcset=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2023\/05\/Dependency-Scanning.png 1497w, https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2023\/05\/Dependency-Scanning-300x166.png 300w, https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2023\/05\/Dependency-Scanning-1024x566.png 1024w, https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2023\/05\/Dependency-Scanning-768x424.png 768w\" sizes=\"(max-width: 1497px) 100vw, 1497px\" \/><\/a><\/p>\n<p><strong>Code Scanning<\/strong>: GitHub Advanced Security includes the industry-leading CodeQL static analysis engine to detect hundreds of code security vulnerabilities such as SQL injection and authorization bypass across a wide range of languages including C#, C\/C++, Python, JavaScript\/TypeScript, Java, Kotlin, Go and more. 
GitHub Advanced Security for Azure DevOps enables you to run CodeQL scans directly from Azure Pipelines on code from Azure Repos and act on the results without ever having to leave your Azure DevOps environment.<\/p>\n<p>Issues detected in each of these categories are presented in a repository-scoped Advanced Security experience using the Azure DevOps design language. All that is to say \u2013 it will all feel native to Azure DevOps and totally natural to Azure DevOps customers!<\/p>\n<p><a href=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2023\/05\/Code-Scanning.png\"><img decoding=\"async\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2023\/05\/Code-Scanning.png\" alt=\"Screen capture of the Advanced Security experience within Azure DevOps with a CodeQL issue selected\" width=\"1490\" height=\"822\" class=\"aligncenter size-full wp-image-66995\" srcset=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2023\/05\/Code-Scanning.png 1490w, https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2023\/05\/Code-Scanning-300x166.png 300w, https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2023\/05\/Code-Scanning-1024x565.png 1024w, https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2023\/05\/Code-Scanning-768x424.png 768w\" sizes=\"(max-width: 1490px) 100vw, 1490px\" \/><\/a><\/p>\n<p><strong>Pricing<\/strong>: GitHub Advanced Security for Azure DevOps has the same pricing as GitHub Advanced Security &#8211; $49 per active committer per month. Billing is done through Azure, so you can use the same Azure subscriptions and payment vehicles used for the rest of your Azure DevOps bill. And because billing is metered, the costs will be pro-rated based on the repositories you enable and the length of time they are enabled. 
There\u2019s no purchase commitment necessary at all \u2013 you can scale your usage up, or down, or off at any time just by enabling or disabling the protections on whichever repos you select in the Azure DevOps configuration settings.<\/p>\n<p>We are incredibly excited to be reaching this milestone and to be making these powerful capabilities available to all Azure DevOps customers. They will go a long way toward helping you secure your DevOps infrastructure, your code, and your production environments.<\/p>\n<p>To learn more about GitHub Advanced Security for Azure DevOps, see <a href=\"https:\/\/aka.ms\/advanced-security\" rel=\"noopener\" target=\"_blank\">https:\/\/aka.ms\/advanced-security<\/a>. To learn more about other upcoming Azure DevOps investments in security and beyond, see <a href=\"https:\/\/aka.ms\/AzureDevOpsRoadmap\" rel=\"noopener\" target=\"_blank\">https:\/\/aka.ms\/AzureDevOpsRoadmap<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In October of last year we announced that GitHub Advanced Security was coming to Azure DevOps, starting with a private preview in November. Since then, we\u2019ve been working hard on the product and incorporating feedback from our private preview customers. Today, we are excited to announce that GitHub Advanced Security for Azure DevOps is available [&hellip;]<\/p>\n","protected":false},"author":181,"featured_media":45953,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[224,1,251],"tags":[],"class_list":["post-66951","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure","category-devops","category-security"],"acf":[],"blog_post_summary":"<p>In October of last year we announced that GitHub Advanced Security was coming to Azure DevOps, starting with a private preview in November. 
Since then, we\u2019ve been working hard on the product and incorporating feedback from our private preview customers. Today, we are excited to announce that GitHub Advanced Security for Azure DevOps is available [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts\/66951","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/users\/181"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/comments?post=66951"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts\/66951\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/media\/45953"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/media?parent=66951"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/categories?post=66951"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/tags?post=66951"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}