Scan a GitHub Repository from Azure DevOps Pipeline using Advanced Security

preview_player
Показать описание
GitHub Advanced Security now supports the ability to analyze your code for vulnerabilities from third-party CI pipelines, including the Azure Pipelines GitHub Integration

Let's see how we can scan a GitHub repository from Azure DevOps Pipeline using Advanced Security, thanks to GitHub Code Scanning

🆘 NEED HELP? 🆘
We can talk about GitHub, Azure DevOps, or any other DevOps tool or project you need help with!

🙏🏻SUPPORT THE CHANNEL🙏🏻

💬JOIN THE COMMUNITY

🎥VIDEOS

⏲TIMESTAMPS
0:00 Intro
1:00 Overview
1:27 The needed steps
2:30 Install CodeQL in Azure Pipelines
2:52 Authorize CodeQL
4:14 Initialize CodeQL
5:06 Analyze your repo and upload the results
6:00 CodeQL in action
7:24 About compiled languages scanning
7:48 Wrap up
8:05 Bloopers

❓QUESTIONS?
Have a question about DevOps, Cloud, Coding, or Anything Else? Post in comments section of this video!

_______________

🔮TOOLS I USE

📸🖥️GEAR AND SOFTWARE

Disclaimer:
Some product links are affiliate links which means if you buy something I'll receive a small commission at no additional cost to you.
As an Amazon Associate, I earn from qualifying purchases.
  1. CoderDave
  2. CoderDave
  3. Davide Benvegnu
  4. scan a github repository from azure devops pipeline using advanced security
  5. code scanning a github repository
  6. github code scanning
Рекомендации по теме
Intro to GitHub 0:03:34

Intro to GitHub Code Scanning

Scan a GitHub 0:08:30

Scan a GitHub Repository from Azure DevOps Pipeline using Advanced Security

What is GitHub 0:05:21

What is GitHub Code Scanning? Find VULNERABILITIES in your code

Learning about secret 0:00:59

Learning about secret scanning on GitHub

Scan a Github 0:01:22

Scan a Github Project using SolidityScan

How to Code/Download 0:01:28

How to Code/Download from GitHub in Under 1 Minute!

Webinar: GitHub Secret 0:24:47

Webinar: GitHub Secret Scanning and Push Protection (with Xpirit and GitHub)

Overview of GitHub 0:01:24

Overview of GitHub Secret Scanning

Workshop - Robustly 1:31:51

Workshop - Robustly Scaling Playwright Tests | Andrew Knight | Testμ 2024 | LambdaTest

GitHub Code Scanning: 0:33:11

GitHub Code Scanning: A DevSecOps Approach to Security as Code

Efficient GitHub Code 0:34:06

Efficient GitHub Code Scanning with SonarCloud and GitHub Actions | SonarQube | GitHub | Code Scan

Read Any Github 0:15:11

Read Any Github Repo with LangChain + OpenAI

open sourcing my 0:06:40

open sourcing my github actions security scanner

Perform Security Code 0:12:13

Perform Security Code Analysis in GitHub with CodeQL and GitHub actions

Setup Code scanning 0:00:46

Setup Code scanning in GitHub

Security Scanning in 0:11:31

Security Scanning in your CI/CD pipeline through GitHub Actions with Trivy

Transform your code 0:00:47

Transform your code security with GitHub's code scanning autofix

User defined patterns 0:06:03

User defined patterns for secret scanning - GitHub Checkout

Adding SAST into 0:04:23

Adding SAST into GitHub workflows using Fortify

Snyk integration with 0:03:01

Snyk integration with Github and first scan

Scanning code with 0:04:58

Scanning code with Semgrep using GitHub Actions

Taking a Look 0:18:16

Taking a Look at GitHub Advanced Security

Configuring GitHub Actions 0:05:15

Configuring GitHub Actions to Launch a Scan in Fortify on Demand

Code Review Doctor 0:00:18

Code Review Doctor scanning openai Python GitHub repository auto-detecting bugs and suggesting fixes

Комментарии
Автор

✨ *Question of the day* ✨: Will you be scanning your code on GitHub from Azure Pipelines?

CoderDave
Автор

This video is very helpful, but now github stopped supporting this we need to use codeql cli only

vamsidangeti
Автор

Helpful. Thanks
We use mostly Classic Editor version of Azure pipelines. Can you help, on what task should I use for GitHub Code Scanning ?

vinaysagar