DEV Community

Cover image for AzureFunBytes Reminder - @GitHub integration with @Azure and shifting left - 8/26/2021
Jay Gordon for Microsoft Azure

Posted on

AzureFunBytes Reminder - @GitHub integration with @Azure and shifting left - 8/26/2021

AzureFunBytes is a weekly opportunity to learn more about the fundamentals and foundations that make up Azure. It's a chance for me to understand more about what people across the Azure organization do and how they do it. Every week we get together at 11 AM Pacific on Microsoft LearnTV and learn more about Azure.

When: August 26, 2021 11 AM Pacific / 2 PM Eastern
Where: Microsoft LearnTV

AzureFunBytes animation

Security is not an option when deploying applications. Considerations into what keeps your users safe must be part of your software delivery lifecycle. Whether it's adding correct firewalls rules to a server or knowing your npm package dependencies don't have cryptocurrency miners, you must always take steps to further your security posture. There's no reason to wait till after deployment to consider security, if we begin the process of securing, scanning, and shifting left we can greatly reduce our potential for intrusions.

What do I mean by shifting left? The goal for shifting left is to move quality upstream by performing testing tasks earlier in the pipeline. Rather than play catch-up after a potential security incident, developers can take reduce their exposure to troublesome incidents by utilizing DevSecOps practices.

What is DevSecOps? Azure's DevOps solutions page defines it as:

DevSecOps involves utilizing security best practices from the beginning of development, shifting the focus on security away from auditing at the end and towards development in the beginning using a shift-left strategy.

This week on AzureFunBytes I welcome Lavanya Kasarbada to help me understand how DevSecOps can create a better environment for your applications. Lavanya Kasarabada is a Senior Program Manager with the Azure Security Team. She works on Container and Serverless Security!

Lavanya plans on covering how to secure your container workloads. She'll discuss how the GitHub integration with Azure will provide end to end traceability and visibility into shift left security assessments.

Our planned agenda includes:

  • Enabling Defender for Containers
  • Enabling and configuring Vulnerability scanning in GitHub workflow
  • Viewing detailed results in Azure Security Center

We'll dive into how all the parts fit together this week, take your questions, and learn to shift-left on Azure.

So be sure to join us this Thursday, August 26, 2021 at 11 AM PT / 2PM ET.

Learn about Azure fundamentals with me!

Live stream is normally found on Twitch, YouTube, and LearnTV at 11 AM PT / 2 PM ET Thursday. You can also find the recordings here as well:

AzureFunBytes on Twitch
AzureFunBytes on YouTube
Azure DevOps YouTube Channel
Follow AzureFunBytes on Twitter

Get $200 in free Azure Credit
Microsoft Learn: Introduction to Azure fundamentals
Enable DevSecOps with Azure and GitHub
DevOps solutions on Azure
DevSecOps in Azure
Shift left to make testing fast and reliable
Azure Security Center integration with GitHub Actions, in public preview
Azure Security Center

Top comments (0)