Integrate Microsoft Defender for DevOps with Vulnetix. Connect GitHub or Azure DevOps repositories to receive code scanning, secret detection, dependency, and IaC vulnerability findings as SARIF.
SaaS platformSARIF
Run Microsoft Defender for DevOps in CI
Scan on every push and upload the results to Vulnetix:
- uses: actions/checkout@v4
- name: Run MSDO
uses: microsoft/security-devops-action@v1
id: msdo
with:
categories: 'code,secrets,dependencies,IaC'
- name: Upload to Vulnetix
run: vulnetix upload --file ${{ steps.msdo.outputs.sarifFile }}
Centralise Microsoft Defender for DevOps results in Vulnetix
Upload Microsoft Defender for DevOps SARIF output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.
Microsoft Defender for DevOps documentation ↗
Wire Microsoft Defender for DevOps into your CI/CD pipeline →