Azure Security Center integration with GitHub Actions, in public preview
Published date: May 26, 2021
With the integration of Azure Security Center with GitHub Actions, now in public preview, you can easily incorporate security and compliance into early stages of the software development lifecycle. This integrated experience offers IT Ops and IT Security visibility into both CI/CD pipeline and registry container security scans within Azure Security Center. Additionally, the end-to-end traceability helps your developers identify issues faster—improving remediation time and strengthening your cloud security posture.
Along with the integration of GitHub with Azure Security Center (ASC), we’re introducing a new container scanning action that scans container images for vulnerabilities before images are pushed into Azure container registries. Going forward, ASC will provide recommendations if there are any workflows that are pushing Docker images without CI/CD scanning actions enabled. The ASC recommendation details the affected resources along with a proposed remediation path and steps to help enable CI/CD scanning for workflows.
Learn more about how to practice DevSecOps with GitHub and Azure Security Center.