Implement security through a pipeline using Azure DevOps is a Microsoft Learn-based course for DevOps engineers and security professionals who want to embed security into their Azure DevOps CI/CD pipelines. Students learn to configure Microsoft Defender for DevOps, implement SAST with GitHub Advanced Security for Azure DevOps, add software composition analysis for dependencies, and use pipeline security gates to block insecure deployments.
What You Will Learn
- Configure Microsoft Defender for DevOps integration with Azure DevOps for security posture management
- Implement static application security testing (SAST) using GitHub Advanced Security for Azure DevOps
- Add software composition analysis (SCA) to detect vulnerable dependencies in pipeline builds
- Scan for exposed secrets and credentials in repositories using secret scanning tools
- Use pipeline security gates to block deployments when security scan thresholds are exceeded
Who Should Attend
DevOps engineers, DevSecOps engineers, and security architects who want to integrate security scanning into Azure DevOps CI/CD pipelines.
Prerequisites
Working experience with Azure DevOps pipelines (YAML). Familiarity with application security concepts is helpful.
