Security News > 2023 > May > Microsoft, GitHub announce application security testing tools for Azure DevOps
GitHub has announced that its application security testing tools are now more widely available for subscribers of Microsoft's Azure DevOps Services.
"GitHub Advanced Security for Azure DevOps can not only help you find secrets that have already been exposed in Azure Repos, but also help you prevent new exposures by blocking any pushes to Azure Repos that contain secrets," says Aaron Hallberg, Director of Product for Azure DevOps, Microsoft.
The tool identifies the open-source packages used in Azure Repos and the vulnerabilities in them, and advises users on how to upgrade those packages to mitigate vulnerabilities.
Developers can now run CodeQL scans directly from Azure Pipelines on code from Azure Repos and act on the results within the Azure DevOps environment.
"Issues detected in each of these categories are presented in a repository-scoped Advanced Security experience using the Azure DevOps design language," Hallberg noted.
GitHub Advanced Security for Azure DevOps has been in private preview since November 2022 and is now in public preview.
News URL
https://www.helpnetsecurity.com/2023/05/24/application-security-testing-devops/
Related news
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- Microsoft overhauls security for publishing Edge extensions (source)
- SOC teams are frustrated with their security tools (source)
- Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild (source)
- Microsoft warns it lost some customer's security logs for a month (source)
- Microsoft lost some customers’ cloud security logs (source)
- Microsoft creates fake Azure tenants to pull phishers into honeypots (source)
- Best AI Security Tools: Top Solutions, Features & Comparisons (source)
- Microsoft Entra "security defaults" to make MFA setup mandatory (source)
- Microsoft warns Azure Virtual Desktop users of black screen issues (source)