Using the Secure DevOps Kit for Azure (AzSK) and Azure Pipelines you can easily run security verification tests on the Azure Resources your application is deployed on to make sure the resources are compliant with the security controls.
Welcome to K2V Academy, where you can find stuff to learn about Development, Cloud, DevOps and everything in between.
19 Post(s) found.
Using the Secure DevOps Kit for Azure (AzSK) and Azure Pipelines you can easily run security verification tests on the Azure Resources your application is deployed on to make sure the resources are compliant with the security controls.
Secure DevOps Kit for Azure (AzSK) includes an Azure Resource Template (ARM) checker that you can easily integrate with Azure Pipelines to analyze your ARM templates for security improvements.
Secure DevOps Kit for Azure is an interesting toolkit that originated within Microsoft and now Open Source for the general public to use in their project to maintain security controls across different stages of development.
Creating a custom $(Rev) variable for Azure Pipelines that you have complete control over using Counter Expressions
You can easily implement a build and release pipeline for your open source NuGet packages using Azure Pipelines and streamline the release process for your NuGet packages.
Sentry is an open source error tracking service that you can integrate with Azure Pipelines extensions to gather telemetry from the tasks.
Key rotation is an important concept that can be implemented with Azure Key Vault and Azure Automation Runbooks.
Custom conditions of Azure Pipelines can be used to reuse the build definitions for Pull Request validation.
You can create work items on Azure DevOps directly from Azure Application Insights when you find issues or exceptions in application insights logs.
Azure Resource Manager templates can be used to deploy your Azure Resources automatically following Infrastructure As Code (IaC) practices.
Validating Azure Resource Manager (ARM) templates in your continuous integration pipelines is a best practice that you can easily integration into your DevOps pipelines.
OWASP Zap Attack Proxy Task for Azure DevOps can be used to easily run vulnerability scans on your Web apps and APIs right from Azure Pipelines.
You can easily run Automated Security tests on Azure DevOps using OWASP Zap. You can also use C# to write unit tests that executes the OWASP Zap Analysis.
You can easily run Automated Security tests on Azure DevOps using OWASP Zap. You can also use C# to write unit tests that executes the OWASP Zap Analysis.
Configuring SSL and a Reverse Proxy to secure the SonarQube server on Microsoft Azure is fairly straight forward. FOllow this guide to understand the steps to do it.
Introducing the Team Project Wikis in Azure DevOps Services that allows your teams to maintain source control based documentation for project work.
SonarQube is an open source code quality analysis tool that can be easily configured on Azure using Virtual Machines and Azure SQL databases.
How to Fix the issue “Invalid input 'WebApplication.csproj'. The file type was not recognized.” Error in Azure DevOps
With new capabilities of Visual Studio, you can now create continuous delivery pipelines without even leaving Visual Studio.