Secure DevHQ

Internal Microsoft secure engineering extension for VS Code.

Secure DevHQ is engineering command center and one stop shop for SFI fixes, Secure First development powered by Agency. It helps teams run secure development workflows from one place, including compliance triage, repository workflows, work item operations, and Agency-assisted implementation.

Key Capabilities

• Secure Development workflow with guided request, execution, and summary
• SFI action item fetch, classification, and remediation flow
• Repository and Azure posture dashboards
• Security review and IaC compliance scan via Agency integration

Internal Use

This extension is intended for internal Microsoft engineering scenarios.

Requirements

• VS Code 1.96+
• Agency CLI available on PATH (or configured via secdevhq.agencyCliPath)