Posted by: kurtsh | May 28, 2021

BETA: “Collaborative DevSecOps” – Azure Security Center (ASC) integration with GitHub Actions

We are excited to announce the public preview of Azure Security Center (ASC) integration with GitHub Actions… our first steps towards building shared tooling and experience by extending the reporting from container scans into Azure Security Center.

With this tighter integration we are allowing DevSecOps teams to run vulnerability scans, resolve findings, and visualize the security posture of workflows within their CI/CD pipeline.

CI/CD vulnerability scanning of container images helps shift security left by offering increased visibility and control and by providing CI/CD scan assessments to Azure Security Center (ASC). Now, your security teams can access a holistic, 360-degree view across CI/CD pipelines and runtime resources through CI/CD scan assessments in ASC. DevSecOps teams will now receive greater, shared insight into development practices and potentially vulnerable code, containers, and infrastructure.

Going forward, any workflow that pushes a container image without a scan action present will alert the user with an ASC recommendation. Each ASC recommendation details the affected resources along with a proposed remediation path and steps to help each path achieve a “healthy” state. Below are details on how to enable the new capabilities across GitHub and Azure to get you started with your DevSecOps journey.

For more details on what the workflow looks like & how to enable this feature, visit:

