Secure Code to Cloud with AI Infused DevSecOps - BRK112

Explore how to implement AI-infused DevSecOps practices that seamlessly integrate security into modern development workflows in this 36-minute conference talk from Microsoft Ignite 2025. Learn to address the challenges of rapid development cycles and security alert fatigue by leveraging GitHub Advanced Security and Microsoft Defender for Cloud to create a unified approach that connects code vulnerabilities to runtime context. Discover strategies for prioritizing exploitable risks in production environments while reducing overwhelming security alerts that plague development teams. Master the integration between Microsoft Defender and GitHub Advanced Security to streamline vulnerability management across your development pipeline. Understand how to analyze container scan results effectively within Defender for Cloud and leverage runtime context for intelligent vulnerability prioritization. Gain insights into scaling vulnerability remediation across entire codebases using AI-powered fixes and agentic workflows that automatically assign and resolve multiple security issues. Examine real-world demonstrations of how security teams can collaborate more effectively with developers by focusing remediation efforts on vulnerabilities that pose actual threats in production environments rather than theoretical risks.

Syllabus

0:00 - Importance of Developer Collaboration in Security
00:05:25 - Rapid Code Growth through AI and Vulnerability Concerns
00:08:03 - Introduction of vision for secure-by-default software
00:09:31 - Focus shift to accelerating vulnerability remediation
00:10:10 - Announcement of Microsoft Defender and GitHub Advanced Security integration
00:18:10 - Analyzing container scan results in Defender for Cloud
00:22:03 - AbSec team leveraging runtime context for prioritization
00:28:08 - Assigning multiple vulnerabilities to Copilot for automatic remediation
00:29:44 - Scaling vulnerability remediation across codebases automatically