In your cloud transformation journey, it is critical to ensure that security is automated and baked in a pervasive manner. The "Secure DevOps Kit for Azure" gets you there!
Experience the powerful capabilities of the kit hands-on within minutes! Follow these 3 easy steps to get an exhaustive report of the security configuration of your cloud subscription and resources!
- Support for a special flag -DetailedScan in ADOScanner's scan command which can be used to query and display richer information when evaluating certain controls
- Soft protection to prevent non-admin users from accidentally scanning organization and project-specific controls in ADO scanner
- Capability to setup CA using ADOScanner in a custom Azure resource group using just owner permissions at RG scope
- Support to enable/disable anonymous usage telemetry for AzSK CA and CICD scans
- Capability to delete old AzSK CA certificates using -DeleteOldCredentials switch
The Secure DevOps Kit for Azure (AzSK) was created by the Core Services Engineering & Operations (CSEO) division at Microsoft, to help accelerate Microsoft IT's adoption of Azure. We have shared AzSK and its documentation with the community to provide guidance for rapidly scanning, deploying and operationalizing cloud resources, across the different stages of DevOps, while maintaining controls on security and governance.
AzSK is not an official Microsoft product – rather an attempt to share Microsoft CSEO's best practices with the community.