Installs the latest Microsoft and third-party security tools
Automatic or user-provided configuration of security tools
Execution of a full suite of security tools
Normalized processing of results into the SARIF format
Build breaks and more
Captures the container images pushed in a build run
Basic
Add the MicrosoftSecurityDevOps build task to your pipeline's YAML:
steps:
- task: MicrosoftSecurityDevOps@1
The publish input option defaults to true. When true, the task publishes a SARIF-formatted results file as a build artifact at CodeAnalysisLogs/msdo.sarif.
View Results
To view the scan results outside the console output and the results file, install the SARIF SAST Scans Tab Azure DevOps extension alongside this one. It looks for *.sarif files in the CodeAnalysisLogs build artifact directory and displays them as source annotations.
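One way to triage the published msdo.sarif file from a script, as an added example that is not part of the extension or its documentation: it lists results per tool from a SARIF 2.1.0 file and returns a non-zero exit code when an error-level result is present. The sample document, tool names and rule IDs are constructed, and treating a result with no level as warning is a simplification.

```python
import json
import sys

# Constructed sample in SARIF 2.1.0 shape; not real scanner output.
SAMPLE_SARIF = json.dumps({"version": "2.1.0", "runs": [
    {"tool": {"driver": {"name": "example-scanner-a"}}, "results": [
        {"ruleId": "EX001", "level": "error",
         "message": {"text": "Hard-coded credential"},
         "locations": [{"physicalLocation": {
             "artifactLocation": {"uri": "src/app.py"},
             "region": {"startLine": 12}}}]},
        {"ruleId": "EX002", "message": {"text": "Weak hash"}, "locations": []}]},
    {"tool": {"driver": {"name": "example-scanner-b"}}, "results": [
        {"ruleId": "EX100", "level": "note", "message": {"text": "Info"}}]},
]})

SEVERITY = {"none": 0, "note": 1, "warning": 2, "error": 3}

def findings(sarif_text, min_level="warning"):
    """Return (tool, ruleId, level, uri, line, message) for results at or above min_level."""
    out = []
    for run in json.loads(sarif_text).get("runs", []):
        tool = run.get("tool", {}).get("driver", {}).get("name", "unknown")
        for res in run.get("results") or []:
            level = res.get("level", "warning")  # assumption: absent level counts as warning
            if SEVERITY.get(level, 2) < SEVERITY[min_level]:
                continue
            locs = res.get("locations") or [{}]  # results may carry no location
            phys = locs[0].get("physicalLocation", {})
            uri = phys.get("artifactLocation", {}).get("uri", "")
            line = phys.get("region", {}).get("startLine")
            out.append((tool, res.get("ruleId", ""), level, uri, line,
                        res.get("message", {}).get("text", "")))
    return out

def gate(sarif_text, fail_on="error"):
    """Exit code for a pipeline step: 1 if any finding reaches fail_on, else 0."""
    return 1 if findings(sarif_text, fail_on) else 0

if __name__ == "__main__":
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_SARIF
    for f in findings(text):
        print("{0}: {1} [{2}] {3}:{4} {5}".format(*f))
    sys.exit(gate(text))
```

Pass the path to a downloaded msdo.sarif as the first argument; with no argument the script runs on the constructed sample.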