The core scanning capabilities of GitHub Advanced Security will be implemented into the Azure DevOps platform for automated security checks in the developer workflow using:
- Code scanning: powered by CodeQL, locates vulnerabilities in source code and provides remediation guidance.
- Secret scanning: identifies high-confidence secrets and blocks developers from pushing secrets into code repositories.
- Dependency scanning: discovers vulnerabilities within open-source dependencies and automates update alerts for developers.
These new features will help developers implement security earlier in the software development lifecycle to find and fix security issues before code is deployed to production.