Welcome to another Azure Content Spotlight! These articles are used to highlight items in Azure that could be more visible to the Azure community

The Secure DevOps Kit for Azure (AzSK) offers a set of scripts, tools, extensions, automations, etc. for dev ops teams which are using automation and are integrating security into native dev ops workflows. The following focus areas are covered:

 

  • Secure the subscription:  A secure cloud subscription provides a core foundation for development and deployment activities.
  • Enable secure development: Developers should have the ability to write secure code and to test the secure configuration of their cloud applications.
  • Integrate security into CICD:  Ability to run Security Verification Tests (SVTs) as part of the VSTS CICD pipeline.
  • Continuous Assurance: Treat security as a continuously varying state of a system with continious assurance.
  • Alerting & Monitoring: provides solutions for individual application teams and also for central enterprise teams.
  • Cloud Risk Governance: A telemetry framework that generates events capturing usage, adoption, evaluation results, etc.

For more information, you can refer to the following sites: