Find and fix security gaps in Infrastructure as code (IaC) and existing applications
oak9 is an automated cloud security platform for Microsoft Azure DevOps Pipelines that builds security and compliance into your cloud native applications both, effectively and efficiently. The platform seamlessly integrates with your CI/CD pipeline and tells you when you have risks within your infrastructure are code to deliver applications that are secure & compliant by-design.
About the oak9 Azure DevOps Marketplace Extension
This extension provides the following features:
Create intelligent automation security blueprints - reference architectures - that make sure everything you build stays secure and compliant
Continuous Dynamic Monitoring allows encoding security to sync with modern application development and perform continuous risk assessments to manage drift
Notifications of security design flaws as you update Infrastructure as code (IaC) for cloud-native applications
Find security issues in Terraform code and get notified of security design gaps without ever leaving your workflow
Highlighted Features
This extension provides the following features:
App Security Design
Infra-as-Code Security Checks
Automated Security Design Integration
Security Design Enforcement
Security Design Change Management
Out of the box compliance regulations including: PCI DSS, ISO 27001, GDPR, CCPA HIPAA, HI TECH, State Regulations, NIS SP 800-53
Visit our support page for extension related questions.
Create an account with oak9
To start using oak9 as part of your pipeline build, first create an oak9 account by clicking here, and follow the onboarding instructions.
Add ADO integration by creating an api token.
Add oak9 Analysis task in the pipeline.
Analysis Report
Once the job run is successful, oak9 Analysis Report can be found for the pipeline
This analysis report can also be viewed by selecting the pipeline with oak9 Task and navigating to extensions
Example of a passed report
Example of a failed report
