Microsoft has announced today that GitHub Advanced Security for Azure DevOps is generally available now. The new security features were first announced back in October 2022 and launched its public preview in May. This new service will now allow developers to access features like secret scanning, dependency scanning, and CodeQL code scanning capabilities in their Azure DevOps environment.
In today's blog post announcing the general availability of GitHub Advanced Security for Azure DevOps, Microsoft stated that they have been getting feedback from developers for the past several months since the public preview launched. One change was to just not have any special registration for the services. Microsoft stated:
Any Azure DevOps Project Collection Administrator (PCA) can now enable Advanced Security protections for their orgs/projects/repos through the Azure DevOps configuration settings.
Microsoft is also going to make it easier for developers to enable all the repos in a given project :
To make this process easier for you, you can now choose to enable Advanced Security at the org or project level as well as the individual repo level, and you can also choose for Advanced Security to be automatically enabled for any future repos you and your teams create.
The new GA version will offer a better way to see all Advanced Security alerts:
Advanced Security is now integrating with Microsoft Defender for Cloud (MDC) to enable you to view all the alerts for all your repos across all your orgs – both Azure DevOps and GitHub – all in a single pane of glass in MDC.
While this feature will be free to access, Microsoft says developers who subscribe to the paid version will also get "some awesome code-to-cloud contextualization capabilities".
Finally, Microsoft will be holding a webinar demo and Q&A on October 6 for developers who have any extra questions.