April Edwards joins Scott Hanselman to show how delivering apps in a DevOps world also means shifting security left. To securely deliver our apps, organizations must harden their dev environments, while using tooling to scan and proactively protect their repositories, ensuring continuous delivery is secure.
Chapters
00:00 – Introduction
01:14 – GitHub Codespaces
04:17 – GitHub Code Security (Dependabot, CodeQL, and Secret scanning)
05:51 – Environment workflows
06:38 – Microsoft Defender for Cloud
07:47 – Relationship between Dependabot and Microsoft Defender for Cloud
09:01 – Wrap-up
Recommended resources
🔗 GitHub Codespaces – [ Ссылка ]
🔗 GitHub Code Security – [ Ссылка ]
🔗 GitHub CodeQL – [ Ссылка ]
🔗 Understand security in the Pipeline – [ Ссылка ]
🔗 Identify vulnerable container images in your CI/CD workflows – [ Ссылка ]
🔗 Azure DevOps blog – [ Ссылка ]
🔗 Create a free account (Azure) – [ Ссылка ]
#Microsoft #Azure #AzureFriday
