Tag Archives: SecDevOps

Road To ALM – Episode 3 Local Credential Scanning

In this episode I’ll show how you can use the CredScan build task to scan multiple repositories at the same time, either by running it locally on your PC or by using the same mechanism to create a scheduled Continuous Assurance job.


Road To ALM – Episode 2 Credential Scanning in the pipeline

In this episode I talk about Credential Scanning in the pipeline. By using the build tasks that are available on the website http://secdevtools.azurewebsites.net/ you can use the new Microsoft Credential Scanner to find secrets, passwords, certificates, SAS tokens and PATs before they end up in your master branch. I will show how to get the task […]


Secure or Compliant? That is the question!

Compliance means conforming to a rule, such as a specification, policy, standard or law. Regulatory compliance describes the goal that organizations aspire to achieve in their efforts to ensure that they are aware of and take steps to comply with relevant laws, policies, and regulations. (source: https://en.wikipedia.org/wiki/Regulatory_compliance) Within many organizations, compliance is a commonly used […]
