Microsoft Makes GitHub Advanced Security for Azure DevOps Available in Public Preview 

With the latest announcement, With this, Microsoft is looking to remove all the stigma associated with it and give enterprise customers complete control over their security and beyond.
Microsoft Build 2023
Listen to this story

At Microsoft Build, the company announced that GitHub Advanced Security for Azure DevOps has been made accessible to everyone, and is in public preview. GitHub Advanced Security for Azure DevOps brings the same industry-leading developer security capabilities as GitHub Advanced Security to Azure DevOps, integrated directly into Azure Repos and Azure Pipelines. This includes secret scanning, dependency scanning, and CodeQL code scanning capabilities available within GitHub Enterprise, which is a commercial version of GitHub that is designed for enterprise-scale software development and collaboration.

Microsoft said that the GitHub Advanced Security for Azure DevOps has the same pricing as GitHub Advanced Security – i.e. $49 per active user per month. 

Secret Scanning 

GitHub Advanced Security for Azure DevOps helps users find and prevent the exposure of sensitive information (secrets) in Azure Repos. It detects if any secrets have already been exposed and block any attempts to push code containing secrets, helping enterprises reduce the risk of security breaches. 

Dependency Scanning

This feature identifies vulnerabilities in the open-source packages used in code. It checks both direct dependencies and dependencies used by those dependencies. Moreover, it provides guidance on how to upgrade your packages to address these vulnerabilities. 

Code Scanning

GitHub Advanced Security includes a powerful analysis engine – CodeQL. It scans your code for security vulnerabilities across various programming languages. It can detect issues like SQL injection and authorisation bypass. For instance, you can run CodeQL scans directly from Azure Pipelines in Azure Repos and take action on the results. 

Legal Trouble Mounts 

This new announcement comes against the backdrop of scepticism that exists in the enterprise and the IT landscape, particularly related to the usage of platforms powered by foundational models developed by OpenAI and Microsoft – the likes of GPT-4 and CodeX (GitHub), which have been trained on public-domain data and codes to deliver the desired outcomes. 

A few days back, Twitter accused Microsoft of using its data without due permission. It has also charged the tech company for sharing Twitter’s data with the US government. This could invite a ‘lawsuit’ from Twitter, as hinted by Elon Musk. 

Also, a class action lawsuit was filed against Microsoft, OpenAI, and GitHub for scrapping the licensed code to build AI-powered Copilot in November last year. This has been one of the biggest roadblocks for the company, and it is now desperately looking to escape – asking the court to dismiss a proposed class complaint. 

With the latest announcement, Microsoft is looking to remove all the stigma associated with it and give enterprise customers complete control over their security and beyond

Download our Mobile App

K L Krithika
K L Krithika is a tech journalist at AIM. Apart from writing tech news, she enjoys reading sci-fi and pondering the impossible technologies while trying not confuse between the two.

Subscribe to our newsletter

Join our editors every weekday evening as they steer you through the most significant news of the day.
Your newsletter subscriptions are subject to AIM Privacy Policy and Terms and Conditions.

Our Upcoming Events

15th June | Online

Building LLM powered applications using LangChain

17th June | Online

Mastering LangChain: A Hands-on Workshop for Building Generative AI Applications

Jun 23, 2023 | Bangalore

MachineCon 2023 India

26th June | Online

Accelerating inference for every workload with TensorRT

MachineCon 2023 USA

Jul 21, 2023 | New York

Cypher 2023

Oct 11-13, 2023 | Bangalore

3 Ways to Join our Community

Telegram group

Discover special offers, top stories, upcoming events, and more.

Discord Server

Stay Connected with a larger ecosystem of data science and ML Professionals

Subscribe to our Daily newsletter

Get our daily awesome stories & videos in your inbox

Is Sam Altman a Hypocrite? 

While on the one hand, Altman is advocating for the international community to build strong AI regulations, he is also worried when someone finally decides to regulate it