Skip to content

Connecting defender for cloud DevOps

Connecting Azure DevOps to Microsoft Defender for Cloud helps identify and fix security issues. Check with your Organisation Owner and Cyber Security team about potential costs first.

The following practices are RECOMMENDED:

  • Connect to Defender for Cloud: Organisation Owners MAY link Azure DevOps to Defender for Cloud for security insights. This will also install the Defender for DevOps Container Mapping extension to protect containerized applications.

  • Enable Pull Request Annotations: Turn on annotations to highlight security issues in pull requests, so they can be fixed before merging.

  • Review Alerts and Recommendations: Regularly review Defender for Cloud alerts and follow recommendations to reduce risks.

Further reading and information

Microsoft Defender for Cloud DevOps Security Benefits | Microsoft Learn

Connect Azure DevOps to Defender for Cloud | Microsoft Learn

Configure the Security DevOps Extension | Microsoft Learn

Microsoft Security DevOps Extension for Azure DevOps | GitHub

Enable Pull Request Annotations | Microsoft Learn