Microsoft has announced that GitHub Advanced Security is now in public preview for Azure DevOps! You can now integrate your favorite security tools (Dependency scanning, Secret scanning, and Code scanning) into your Azure Pipelines as well and become more secure (by actually remediating the alerts of course!)
Read all about it here on Rob’s blogpost, that explains how you can integrate GitHub Advanced Security (or GHAS) into your Azure DevOps environment:
- Set up dependency scanning in your pipeline
- Enable secret scanning
- Integrating Code scanning with CodeQL in your pipeline