📄️ 001: Design permissions and access
Overview
📄️ 002: Discover servers/infra for build/deploy code
Overview
📄️ 003: Harden servers/infra forbuild/deploy code
Overview
📄️ 004: Define Developer Workstation Policies
Overview
📄️ 005: Implement Defender for Servers to continuously monitor
Overview
📄️ 006: Harden target infra(Defender for Cloud)
Overview
📄️ 007: Define developer access policies using Access Packages
Overview
📄️ 008: Implement access and PIM (JIT/JEA) policies for developers
Overview
📄️ 009: Define GovernanceApproach for Groups with DevSecOps priveleges
Overview
📄️ 010: Discover existing GitHub Accounts and permissions
Overview
📄️ 011: Integrate GitHub with Entra ID
Overview
📄️ 012: Remediate non-Entra ID accounts and assignments
Overview
📄️ 013: Discover, review and adjust permissionsbased on role
Overview
📄️ 014: Create process toperiodically reviewunused/stalecredentials
Overview
📄️ 015: Design codepublishingapproach
Overview
📄️ 016: Configure publishing approach fordeploying to Azure
Overview
📄️ 017: Define developer access to Azure as needed
Overview
📄️ 018: Design organization securityand analysis settings
Overview
📄️ 019: Decide if default oradvanced custom setupfor CodeQL
Overview
📄️ 020: Deploy Github AdvancedSecurity - CodeQL
Overview
📄️ 021: Deploy Github SecretScanning
Overview
📄️ 022: Specify configuration settings for Dependabot
Overview
📄️ 023: Integrate with Defenderfor DevOps
Overview
📄️ 024: Triage results andremediate
Overview
📄️ 025: Deploy GitHub Advanced Security - Dependabot
Overview
📄️ 026: Evaluate SAST and DAST tools (3P)
Overview
📄️ 027: Discover existingADO accounts andpermissions
Overview
📄️ 028: Remediate non-Entra ID accounts and assignments
Overview
📄️ 029: Integrate Entra ID toADO
Overview
📄️ 030: Discover, review and adjust permissionsbased on role
Overview
📄️ 031: Set up ServiceConnections todeploy to Azure
Overview
📄️ 032: Design codepublishingapproach
Overview
📄️ 033: Configure publishingapproach fordeploying to Azure
Overview
📄️ 034: Deploy GitHub AdvancedSecurity for Azure DevOps
Overview
📄️ 035: Integrate with Defender for DevOps
Overview
📄️ 036: Triage results andremediate
Overview
📄️ 037: Evaluate Dynamic Scanning (3P)
Overview