GitHub Expands Security Tools to Protect Azure DevOps


Microsoft has launched GitHub Advanced Security for Azure DevOps in public preview today. The new service is designed to help developers embed automated security checks into the platform to protect their application code and supply chain.

Microsoft first introduced GitHub Advanced Security in private preview back in November 2022. The service allows customers to address the most common threats (secrets, keys, and passwords) in the software development life cycle. The secret scanning feature helps block pushes of code containing secrets to Azure repositories.

“Exposed credentials are implicated in over 50% of security breaches. GitHub Advanced Security for Azure DevOps can not only help you find secrets that have already been exposed in Azure Repos, but also help you prevent new exposures by blocking any pushes to Azure Repos that contain secrets. All with a single click,” explained Aaron Hallberg, VP of Product Management, GitHub.

GitHub Advanced Security for Azure DevOps

Code Scanning

GitHub Advanced Security for Azure DevOps also uses the CodeQL static analysis engine to detect code vulnerabilities, such as authorization bypass and SQL injection attacks. The code scanning feature supports popular programming languages, including Python, C++, C#, Java, Go, and JavaScript/TypeScript.

Dependency Scanning

Lastly, GitHub Advanced Security for Azure DevOps scans the source code to find direct and transitive dependencies on open-source packages. It also provides information to help developers upgrade those packages to mitigate security issues within the application code.


GitHub Advanced Security for Azure DevOps pricing details

Overall, Microsoft’s GitHub Advanced Security service should help to bolster Azure DevOps security. The new solution is available for all enterprise customers worldwide, and it costs $49 per active committer per month. However, IT admins will be able to use the Azure DevOps configuration settings to enable/disable security protections for select repositories.