Quick links

A curated list of resources and tools to enhance security across the Application Security design principle domains. The linked content provides additional context to help you secure applications, integrate security practices, foster continuous security improvements, and effectively manage and mitigate risks.

Security

• GitHub Advanced Security
• Configuring default setup for code scanning at scale
• Secret Scanning
• Microsoft Azure Security Center

Compliance

• Accessing compliance reports for your enterprise
• Microsoft Compliance Offerings
• GitHub Subprocessors

Proactivity

• Keeping your dependencies updated automatically with Dependabot version updates
• Configuring Dependabot security updates
• Configuring Dependency Review to catch vulnerable dependencies in your pull requests
• Configuring Push Protection to block commits with hard coded secrets
• Azure security best practices and patterns

Awareness

• GitHub Security Alerts
• Working with security advisories
• Azure Security Blog
• Microsoft Learn: Security, Compliance, and Identity Fundamentals