Enhancing Developer Goals: Code-to-Cloud Security Visibility with Microsoft Defender for Cloud
The landscape of software development is constantly evolving, and with it, the complexities of maintaining robust security. We're excited to share a significant leap forward in developer productivity and security posture: Microsoft Defender for Cloud's integration with GitHub Advanced Security is now generally available. This powerful integration brings unprecedented code-to-cloud risk visibility, enabling development teams to track, prioritize, and remediate security risks with greater efficiency and context.
Bridging the Gap: Code-to-Cloud Correlation for Clearer Developer Goals
One of the biggest challenges in security is understanding how vulnerabilities in code manifest in live environments. Microsoft Defender for Cloud tackles this head-on by correlating what's running in your cloud environments directly back to its source code on GitHub. By mapping container images deployed in your infrastructure to the GitHub repositories that built them, using signals such as GitHub artifact attestations together with its own runtime intelligence, Defender for Cloud creates a direct link between a running workload and its source. Security findings are no longer abstract: you can evaluate them in the precise context of where and how the code runs, which is what secure software delivery goals depend on.
Runtime Context: A Unified Security View for Enhanced Software Metrics
Beyond correlation, Defender for Cloud enriches the GitHub Advanced Security experience by injecting workload details via the Deployment Record API. Imagine knowing, directly within GitHub, whether a deployed artifact is internet-exposed or processes sensitive data. This runtime context populates the linked artifacts view, providing a single source of truth for both security and development teams. The same context can feed a security-posture dashboard, so teams can measure their risk profile against deployed, exposed workloads rather than against raw alert counts.
Intelligent Filtering for Targeted Action and Improved Productivity
To further empower teams, GitHub Advanced Security now supports runtime context filters across its core features, including code scanning, Dependabot, and security campaigns. These new filter options, available in organization-level alert lists and campaign creation flows, allow you to:
- Filter by deployment status using has:deployment.
- Focus on specific runtime risks with runtime-risk: (e.g., runtime-risk:internet-exposed or runtime-risk:sensitive-data).
This filtering capability changes how teams triage and prioritize security alerts. Instead of sifting through every finding, developers can focus on the risks that affect their deployed applications, so that an alert in an internet-exposed workload is handled before one in code that never ships. This turns "fix the critical findings" into a concrete, measurable remediation goal.
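The correlation described above (image digest to source repository via build provenance, then runtime risk tags applied to the repository's alerts) can be shown end to end with a small model. The following is an added example, not code from the original post or from Microsoft or GitHub. It assumes the SLSA v1 provenance layout that GitHub's build-provenance attestations wrap (predicate, buildDefinition.externalParameters.workflow.repository), which you should confirm against a real attestation, and it assumes the statements have already been signature-verified (in practice with gh attestation verify against the image's Sigstore bundle) before they are trusted. All images, digests, repositories and alerts are constructed sample data.

```python
import json
import re

# Constructed sample data (not from the original page). Field paths follow
# SLSA v1 provenance as emitted for GitHub Actions builds; treat them as an
# assumption and check against a real attestation.
def _statement(image, digest, repo_url):
    return json.dumps({
        "_type": "https://in-toto.io/Statement/v1",
        "subject": [{"name": image, "digest": {"sha256": digest}}],
        "predicateType": "https://slsa.dev/provenance/v1",
        "predicate": {
            "buildDefinition": {
                "buildType": "https://actions.github.io/buildtypes/workflow/v1",
                "externalParameters": {"workflow": {
                    "ref": "refs/heads/main",
                    "repository": repo_url,
                    "path": ".github/workflows/release.yml"}}},
            "runDetails": {"builder": {
                "id": "https://github.com/actions/runner/github-hosted"}}}})

DIGEST_A, DIGEST_B, DIGEST_C = "a" * 64, "b" * 64, "c" * 64

# Provenance statements, assumed already Sigstore-verified for each image.
STATEMENTS = [
    _statement("ghcr.io/contoso/orders-api", DIGEST_A, "https://github.com/contoso/orders-api"),
    _statement("ghcr.io/contoso/billing", DIGEST_B, "https://github.com/contoso/billing"),
]

# Runtime inventory from the cloud side: image ref plus the two risk signals
# the page names. The 'legacy' image has no attestation at all.
RUNNING_WORKLOADS = [
    {"image": f"ghcr.io/contoso/orders-api@sha256:{DIGEST_A}", "internet_exposed": True, "sensitive_data": False},
    {"image": f"ghcr.io/contoso/billing@sha256:{DIGEST_B}", "internet_exposed": False, "sensitive_data": True},
    {"image": f"ghcr.io/contoso/legacy@sha256:{DIGEST_C}", "internet_exposed": True, "sensitive_data": True},
]

# Code-scanning alerts keyed by repository slug (constructed).
ALERTS = [
    {"id": 1, "repo": "contoso/orders-api", "rule": "js/sql-injection"},
    {"id": 2, "repo": "contoso/billing", "rule": "py/clear-text-logging"},
    {"id": 3, "repo": "contoso/docs-site", "rule": "js/xss"},
]

GITHUB_ACTIONS_BUILD_TYPE = "https://actions.github.io/buildtypes/workflow/v1"


def repos_from_provenance(statement_json):
    """Yield (sha256 digest, 'owner/repo') for each subject of one SLSA v1
    statement. Anything that is not SLSA v1 from a GitHub Actions build is
    rejected, so a foreign predicate cannot be used to claim a repository."""
    st = json.loads(statement_json)
    if st.get("predicateType") != "https://slsa.dev/provenance/v1":
        raise ValueError("unsupported predicateType")
    build = st["predicate"]["buildDefinition"]
    if build.get("buildType") != GITHUB_ACTIONS_BUILD_TYPE:
        raise ValueError("not a GitHub Actions build")
    repo_url = build["externalParameters"]["workflow"]["repository"]
    m = re.fullmatch(r"https://github\.com/([\w.-]+/[\w.-]+)", repo_url)
    if not m:
        raise ValueError(f"unexpected repository URL: {repo_url}")
    for subject in st["subject"]:
        yield subject["digest"]["sha256"], m.group(1)


def build_index(statements):
    """Map image digest -> repository slug over all verified statements."""
    return {d: r for s in statements for d, r in repos_from_provenance(s)}


def digest_of(image_ref):
    """sha256 hex from 'registry/name@sha256:<hex>'; None for tag-only refs,
    which cannot be tied to a build and so never correlate."""
    m = re.search(r"@sha256:([0-9a-f]{64})$", image_ref)
    return m.group(1) if m else None


def link_workloads(workloads, index):
    """Correlate running images to repos. Returns (repo -> runtime tags,
    image refs with no matching attestation)."""
    linked, unlinked = {}, []
    for w in workloads:
        repo = index.get(digest_of(w["image"]))
        if repo is None:
            unlinked.append(w["image"])
            continue
        tags = linked.setdefault(repo, set())
        tags.add("deployed")
        if w["internet_exposed"]:
            tags.add("internet-exposed")
        if w["sensitive_data"]:
            tags.add("sensitive-data")
    return linked, unlinked


def filter_alerts(alerts, linked, query):
    """Apply has:deployment / runtime-risk:<tag> terms; returns matching ids."""
    need_deploy, risks = False, set()
    for term in query.split():
        if term == "has:deployment":
            need_deploy = True
        elif term.startswith("runtime-risk:"):
            risks.add(term.split(":", 1)[1])
        else:
            raise ValueError(f"unknown filter term: {term}")
    out = []
    for a in alerts:
        tags = linked.get(a["repo"], set())
        if need_deploy and "deployed" not in tags:
            continue
        if risks and not risks <= tags:
            continue
        out.append(a["id"])
    return out


if __name__ == "__main__":
    linked, unlinked = link_workloads(RUNNING_WORKLOADS, build_index(STATEMENTS))
    print("linked:", linked)
    print("no attestation:", unlinked)
    print("internet-exposed alerts:", filter_alerts(ALERTS, linked, "runtime-risk:internet-exposed"))
```

The unlinked list is the check worth keeping an eye on: an image deployed by mutable tag, or built outside an attesting workflow, shows up as running but correlates to nothing, so its alerts would silently fail a has:deployment filter. That is a blind spot to close on the build side, not a reason to trust an unverified statement.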
Getting Started and Boosting Productivity
Enabling this powerful integration is straightforward:
- Follow the setup steps detailed in the Microsoft Defender for Cloud documentation for GitHub Advanced Security. Once the connector is in place, Defender for Cloud records container deployments and their runtime risk context in GitHub automatically.
- Utilize the new filter options in your security views to streamline triage and focus campaigns on deployed and exposed assets.
- For even greater efficiency, assign critical security issues or campaigns to the GitHub Copilot coding agent directly from the issue or campaign view, turning insights into immediate action.
This integration marks a pivotal moment for developer productivity and security. By providing deep, contextual visibility from code to cloud, it helps teams not only identify but also understand and act upon security risks more effectively. We encourage you to explore these new capabilities and share your feedback.
