DEV Community

Cover image for AzureFunBytes Reminder - @GitHub integration with @Azure and shifting left - 8/26/2021
Jay Gordon for Microsoft Azure

Posted on

4 1

AzureFunBytes Reminder - @GitHub integration with @Azure and shifting left - 8/26/2021

AzureFunBytes is a weekly opportunity to learn more about the fundamentals and foundations that make up Azure. It's a chance for me to understand more about what people across the Azure organization do and how they do it. Every week we get together at 11 AM Pacific on Microsoft LearnTV and learn more about Azure.

When: August 26, 2021 11 AM Pacific / 2 PM Eastern
Where: Microsoft LearnTV

AzureFunBytes animation

Security is not an option when deploying applications. Considerations into what keeps your users safe must be part of your software delivery lifecycle. Whether it's adding correct firewalls rules to a server or knowing your npm package dependencies don't have cryptocurrency miners, you must always take steps to further your security posture. There's no reason to wait till after deployment to consider security, if we begin the process of securing, scanning, and shifting left we can greatly reduce our potential for intrusions.

What do I mean by shifting left? The goal for shifting left is to move quality upstream by performing testing tasks earlier in the pipeline. Rather than play catch-up after a potential security incident, developers can take reduce their exposure to troublesome incidents by utilizing DevSecOps practices.

What is DevSecOps? Azure's DevOps solutions page defines it as:

DevSecOps involves utilizing security best practices from the beginning of development, shifting the focus on security away from auditing at the end and towards development in the beginning using a shift-left strategy.

This week on AzureFunBytes I welcome Lavanya Kasarbada to help me understand how DevSecOps can create a better environment for your applications. Lavanya Kasarabada is a Senior Program Manager with the Azure Security Team. She works on Container and Serverless Security!

Lavanya plans on covering how to secure your container workloads. She'll discuss how the GitHub integration with Azure will provide end to end traceability and visibility into shift left security assessments.

Our planned agenda includes:

  • Enabling Defender for Containers
  • Enabling and configuring Vulnerability scanning in GitHub workflow
  • Viewing detailed results in Azure Security Center

We'll dive into how all the parts fit together this week, take your questions, and learn to shift-left on Azure.

So be sure to join us this Thursday, August 26, 2021 at 11 AM PT / 2PM ET.


Learn about Azure fundamentals with me!

Live stream is normally found on Twitch, YouTube, and LearnTV at 11 AM PT / 2 PM ET Thursday. You can also find the recordings here as well:

AzureFunBytes on Twitch
AzureFunBytes on YouTube
Azure DevOps YouTube Channel
Follow AzureFunBytes on Twitter

Get $200 in free Azure Credit
Microsoft Learn: Introduction to Azure fundamentals
DevSecOps
Enable DevSecOps with Azure and GitHub
DevOps solutions on Azure
DevSecOps in Azure
Shift left to make testing fast and reliable
Azure Security Center integration with GitHub Actions, in public preview
Azure Security Center

Image of AssemblyAI tool

Transforming Interviews into Publishable Stories with AssemblyAI

Insightview is a modern web application that streamlines the interview workflow for journalists. By leveraging AssemblyAI's LeMUR and Universal-2 technology, it transforms raw interview recordings into structured, actionable content, dramatically reducing the time from recording to publication.

Key Features:
🎥 Audio/video file upload with real-time preview
🗣️ Advanced transcription with speaker identification
⭐ Automatic highlight extraction of key moments
✍️ AI-powered article draft generation
📤 Export interview's subtitles in VTT format

Read full post

Top comments (0)

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

👋 Kindness is contagious

Explore a sea of insights with this enlightening post, highly esteemed within the nurturing DEV Community. Coders of all stripes are invited to participate and contribute to our shared knowledge.

Expressing gratitude with a simple "thank you" can make a big impact. Leave your thanks in the comments!

On DEV, exchanging ideas smooths our way and strengthens our community bonds. Found this useful? A quick note of thanks to the author can mean a lot.

Okay