We are excited to announce that GitHub Advanced Security will be coming to Azure DevOps.
GitHub Advanced Security provides a native application security solution within the developer workflow, enabling organizations to manage open-source dependencies, custom code, and secrets across the software lifecycle. Automated security checks are run with every push and every pull request. Identified security issues are shared with developers immediately, with context, in their familiar workflow to empower them to fix vulnerabilities in minutes, not months
GitHub Advanced Security for Azure DevOps brings the same secret scanning, dependency scanning and CodeQL code scanning solutions already available for GitHub users and natively integrates them into Azure DevOps to protect your Azure Repos and Pipelines.
This is an opportunity for GitHub Technology Partners to extend their solutions to Azure DevOps. This announcement is the first step. In the next few weeks and months, the Technology Partnership and Engineering team will communicate with partners about their current or future integrations with Secret Scanning, Dependency Review, Code Scanning and Alerts experience.
We hope to be able to provide a meaningful set of features in the Private Preview that will highlight the partnership capabilities of GitHub Advanced Security on Azure DevOps.