AZ-400 - Develop a Security and Compliance Plan - Section 4.3
Automate security and compliance scanning, including dependency, code, secret, and licensing scanning with GitHub Advanced Security and Microsoft Defender for Cloud.
Automate security scanning in pipelines using GitHub Advanced Security features - CodeQL analysis, Dependabot alerts, and secret scanning - to catch vulnerabilities at commit time. Integrate Microsoft Defender for Cloud to extend compliance and licensing checks beyond the repository and cover deployed workloads.
GitHub Advanced SecurityMicrosoft Defender for CloudCodeQL analysisDependabot alertssecret scanning
More in this domain
Back to all Develop a Security and Compliance Plan objectives, or the AZ-400 cert hub.
Examworthy is not affiliated with or endorsed by Microsoft. Original, blueprint-aligned practice material only.