Episode
Rapidly build and deliver secure apps with DevSecOps practices
with Scott Hanselman, April Edwards
April Edwards joins Scott Hanselman to show how delivering apps in a DevOps world also means shifting security left. To securely deliver our apps, organizations must harden their dev environments, while leveraging tooling to scan and proactively protect their repositories, ensuring continuous delivery is secure.
Azure Friday Quiz Sweepstakes
Watch the episode to the end and then submit your answers to our five-question quiz about the info April covered with Scott. Eligible participants who answer all five questions correctly will be entered into a Sweepstakes with a chance to be one of ten lucky winners to win a box of Microsoft swag! The Azure Friday Quiz Sweepstakes ends at 11:59pm PT on February 12, 2022.
Take the quiz! | Terms and conditions | Privacy statement
Chapters
- 00:00 - Introduction
- 01:14 - GitHub Codespaces
- 04:17 - GitHub Code Security (Dependabot, CodeQL, and Secret scanning)
- 05:51 - Environment workflows
- 06:38 - Microsoft Defender for Cloud
- 07:47 - Relationship between Dependabot and Microsoft Defender for Cloud
- 09:01 - Wrap-up
Recommended resources
- GitHub Codespaces
- GitHub Code Security
- GitHub CodeQL
- Understand security in the Pipeline
- Identify vulnerable container images in your CI/CD workflows
Connect
- Scott Hanselman | Twitter: @shanselman
- April Edwards | Twitter: @TheAprilEdwards
- Azure Friday | Twitter: @AzureFriday
April Edwards joins Scott Hanselman to show how delivering apps in a DevOps world also means shifting security left. To securely deliver our apps, organizations must harden their dev environments, while leveraging tooling to scan and proactively protect their repositories, ensuring continuous delivery is secure.
Azure Friday Quiz Sweepstakes
Watch the episode to the end and then submit your answers to our five-question quiz about the info April covered with Scott. Eligible participants who answer all five questions correctly will be entered into a Sweepstakes with a chance to be one of ten lucky winners to win a box of Microsoft swag! The Azure Friday Quiz Sweepstakes ends at 11:59pm PT on February 12, 2022.
Take the quiz! | Terms and conditions | Privacy statement
Chapters
- 00:00 - Introduction
- 01:14 - GitHub Codespaces
- 04:17 - GitHub Code Security (Dependabot, CodeQL, and Secret scanning)
- 05:51 - Environment workflows
- 06:38 - Microsoft Defender for Cloud
- 07:47 - Relationship between Dependabot and Microsoft Defender for Cloud
- 09:01 - Wrap-up
Recommended resources
- GitHub Codespaces
- GitHub Code Security
- GitHub CodeQL
- Understand security in the Pipeline
- Identify vulnerable container images in your CI/CD workflows
Connect
- Scott Hanselman | Twitter: @shanselman
- April Edwards | Twitter: @TheAprilEdwards
- Azure Friday | Twitter: @AzureFriday
Have feedback? Submit an issue here.