Where can I view the results of the security scans?

Results are primarily viewed in the 'Scans' tab of your Azure Pipeline run. They can also be published to Microsoft Defender for Cloud for centralized enterprise monitoring.

Can I configure the pipeline to fail if vulnerabilities are found?

Yes, the skill provides guidance on using the 'break' and 'breakSeverity' parameters to fail builds based on findings that meet your risk threshold (e.g., Critical or High).

Does this skill support Windows-based build agents?

Yes, it includes mandatory guidelines for using backslashes in file paths on Windows systems to ensure the security tools can correctly locate and scan your source code.

What security tools are included in this integration?

The integration includes several tools for secret detection, SAST (such as ESLint and Bandit), dependency scanning (Trivy), and IaC analysis (Checkov, Terrascan, and Template Analyzer).

Microsoft Defender for DevOps Integration

Name: Microsoft Defender for DevOps Integration
Author: JosiahSiegel

byJosiahSiegel

•

보안 및 테스팅

Integrates comprehensive security scanning into Azure Pipelines using Microsoft Defender for Cloud to automate vulnerability detection.

This skill provides Claude with the specialized knowledge required to implement and manage Microsoft Security DevOps (MSDO) within Azure DevOps pipelines. It enables automated security scanning for secrets, static code analysis (SAST), vulnerable dependencies, Infrastructure as Code (IaC), and container images. By standardizing the integration process, it allows teams to establish robust security guardrails, publish SARIF results directly to the Azure DevOps Scans tab, and centralize findings within the Microsoft Defender for Cloud dashboard.

주요 기능

01Static Application Security Testing (SAST) for modern programming languages.

02Automated security scanning for secrets, credentials, and sensitive tokens.

03Container image vulnerability assessment utilizing Trivy integration.

047 GitHub stars

05Infrastructure as Code (IaC) analysis for Terraform, Bicep, and ARM templates.

06Configurable build-breaking logic based on vulnerability severity levels.

사용 사례

01Connecting Azure DevOps repositories to Microsoft Defender for Cloud for enterprise-wide security visibility.

02Integrating multi-tool security reports into a centralized SARIF-compatible dashboard in Azure DevOps.

03Implementing automated security guardrails that block critical vulnerabilities from reaching production.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add josiahsiegel/claude-plugin-marketplace defender-for-devops

For use in Claude.ai and ChatGPT

Download Skill