Introduction
GitHub Advanced Security and Azure DevOps are two tools that have revolutionized the way developers and organizations manage their code and deployments. The exciting news is that GitHub Advanced Security for Azure DevOps is now generally available, offering an array of features designed to make your DevSecOps more robust than ever.
What’s New?
Faster Onboarding
Gone are the days when you had to go through a cumbersome registration process to get started with Advanced Security. Now, any Azure DevOps Project Collection Administrator (PCA) can enable Advanced Security directly through the Azure DevOps configuration settings, making the onboarding process faster and more straightforward.
Bulk Enablement
The new update allows you to enable Advanced Security for multiple repositories at once. During its public preview, GitHub provided PowerShell scripts for bulk enablement. Now, you can easily enable Advanced Security at the organization or project level, and even set it to be automatically enabled for any future repositories.
Clarity in Billing
Understanding your billing is now easier than ever. Advanced Security is billed per active committer, and the interface now shows the number of new active committers you would incur by enabling the feature.
Single Pane of Glass for Alerts
One of the most requested features was a unified dashboard for all Advanced Security alerts. GitHub has gone a step further by integrating with Microsoft Defender for Cloud, allowing you to view all your alerts in one place.
Integration with Microsoft Defender for Cloud
This integration not only allows you to view all your alerts in one dashboard but also comes with additional code-to-cloud contextualization capabilities in the paid tier of Microsoft Defender for Cloud.
How to Enable Advanced Security
To enable Advanced Security in your Azure Repos, simply navigate to your Azure DevOps configuration settings and follow the on-screen instructions. For a more detailed guide, you can refer to the official documentation.
Locating the New Feature
As of the time of writing this post, it’s important to note that not all Azure DevOps organizations have received this new feature update. To check if it’s available for your organization, navigate to your project settings and then go to “All Repositories.”
Once you’re on this page, you’ll notice a new option to enable GitHub Advanced Security. Simply follow the on-screen instructions to activate it for your repositories.
Selective Repository Enablement and Cost Implications
If the feature is available for your organization, you’ll have the flexibility to enable Advanced Security only for the repositories you deem necessary. This allows for a more targeted approach to securing your codebase.
However, it’s crucial to be aware that enabling Advanced Security comes with additional costs. To get a clearer understanding of the billing implications, make sure to visit the billing page, which provides detailed information on the charges you can expect.
Webinar and Q&A
For those who want to dive deeper, GitHub is hosting a webinar demo and Q&A session on October 4. This is a great opportunity to have your questions answered in real-time.
Conclusion
The general availability of GitHub Advanced Security for Azure DevOps brings a plethora of features and improvements that are set to make your DevSecOps more secure and efficient. From faster onboarding to a unified alert dashboard, this update is packed with features that developers and organizations have been eagerly awaiting.