Following the changes to GitHub Advanced Security on GitHub, we’re launching the standalone security products of GitHub Secret Protection and GitHub Code Security for Azure DevOps today.
You can bring the protection of Advanced Security to your enterprise with the flexibility to enable the right level of protection for your repositories.
GitHub Secret Protection for Azure DevOps
Secret Protection is available for $19 per active committer per month, which provides features including:
- Push protection, to prevent secret leaks before they happen
- Secret scanning alerts with notifications, to catch existing exposures before they become a problem
- Security overview, which provides insight into your organization’s level of risk and security protection
GitHub Code Security for Azure DevOps
Code Security is available for $30 per active committer per month, which provides features including:
- Dependency alerts, to find vulnerabilities in open-source dependencies
- CodeQL scanning, to detect vulnerabilities directly in your code
- Security findings for third-party tools
- Security overview, which provides insight into your organization’s level of risk and security protection
Get started today
This experience will roll out to customers over across this week, and new customers can start using Secret Protection and Code Security plans as soon as it’s available in their organization. As a project collection administrator, navigate to Repositories under your organization, project, or repository settings. From there, you can enable Secret Protection and Code Security features.
To estimate your costs, you can use the Azure Pricing Calculator. Search for and select the Azure DevOps product, then scroll down to see GitHub Advanced Security options.
For existing customers, there is no disruption to your current Advanced Security experience. If you’re interested in moving to the Secret Protection and Code Security products, contact Azure DevOps support via the Azure Portal. File a support ticket for the GitHub Advanced Security for Azure DevOps service and select “Billing migration from bundled to standalone products” as the problem type.
In your support request, include all Azure subscriptions that may be linked to your Azure DevOps organizations you’d like to migrate.
Learn more about enabling Secret Protection and Code Security and included features. Have any feedback? Please share that with us directly or on Developer Community.
The post GitHub Secret Protection and GitHub Code Security for Azure DevOps appeared first on Azure DevOps Blog.
