📄️ 001: Design permissions and access
Overview
📄️ 002: Discover servers/infra for build/deploy code
Overview
📄️ 003: Harden servers/infra for build/deploy code
Overview
📄️ 004: Define Developer Workstation Policies
Overview
📄️ 005: Implement Defender for Servers to continuously monitor
Overview
📄️ 006: Harden target infra (Defender for Cloud)
Overview
📄️ 007: Define developer access policies using Access Packages
Overview
📄️ 008: Implement access and PIM (JIT/JEA) policies for developers
Overview
📄️ 009: Define governance approach for groups with DevSecOps privileges
Overview
📄️ 010: Discover existing GitHub Accounts and permissions
Overview
📄️ 011: Integrate GitHub with Entra ID
Overview
📄️ 012: Remediate non-Entra ID accounts and assignments
Overview
📄️ 013: Discover, review and adjust permissions based on role
Overview
📄️ 014: Create process to periodically review unused/stale credentials
Overview
📄️ 015: Design code publishing approach
Overview
📄️ 016: Configure publishing approach for deploying to Azure
Overview
📄️ 017: Define developer access to Azure as needed
Overview
📄️ 018: Design organization security and analysis settings
Overview
📄️ 019: Decide if default or advanced custom setup for CodeQL
Overview
📄️ 020: Deploy GitHub Advanced Security - CodeQL
Overview
📄️ 021: Deploy GitHub Secret Scanning
Overview
📄️ 022: Specify configuration settings for Dependabot
Overview
📄️ 023: Integrate with Defender for DevOps
Overview
📄️ 024: Triage results and remediate
Overview
📄️ 025: Deploy GitHub Advanced Security - Dependabot
Overview
📄️ 026: Evaluate SAST and DAST tools (3P)
Overview
📄️ 027: Discover existing ADO accounts and permissions
Overview
📄️ 028: Remediate non-Entra ID accounts and assignments
Overview
📄️ 029: Integrate Entra ID to ADO
Overview
📄️ 030: Discover, review and adjust permissions based on role
Overview
📄️ 031: Set up service connections to deploy to Azure
Overview
📄️ 032: Design code publishing approach
Overview
📄️ 033: Configure publishing approach for deploying to Azure
Overview
📄️ 034: Deploy GitHub Advanced Security for Azure DevOps
Overview
📄️ 035: Integrate with Defender for DevOps
Overview
📄️ 036: Triage results and remediate
Overview
📄️ 037: Evaluate Dynamic Scanning (3P)
Overview