Ship fast, stay secure: from code to runtime | OD841

Microsoft Developer · Beginner ·🤖 AI Agents & Automation ·1mo ago
Skills: AI Security80%

Key Takeaways

Secures code to runtime using Defender for Cloud and GitHub Advanced Security

Original Description

You write the code. You own the pipeline. Now security is yours too — but it doesn't have to slow you down. See how Defender for Cloud and GitHub Advanced Security catch vulnerabilities where you already work: your CLI, your repo, your pull request, your cloud. No workflow changes required. To learn more, please check out these resources: * https://aka.ms/build26-next-steps 𝗦𝗽𝗲𝗮𝗸𝗲𝗿𝘀: * James Brotsos 𝗦𝗲𝘀𝘀𝗶𝗼𝗻 𝗜𝗻𝗳𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻: This is one of many sessions from the Microsoft Build 2026 event. View even more sessions on-demand and learn about Microsoft Build at https://build.microsoft.com OD841 | English (US) | Responsible AI Pre-recorded | (300) Advanced #MSBuild Chapters: 0:00 - Introduction by James Brotsos and Overview of 'Ship Fast, Stay Secure' 00:00:42 - Explaining Developer-Security Collaboration Challenges 00:01:14 - Embedding Security into Developer Workflows 00:01:53 - Integration Between Microsoft Defender for Cloud and GitHub Advanced Security 00:02:27 - Demo Introduction and Setup of MDASH Scanner 00:02:52 - Overview of MDASH Multi-Agent AI Scanning Pipeline 00:03:33 - Running MDASH Scan and Discovering Non-Pattern Vulnerabilities 00:04:08 - AI-Assisted Fixing of Vulnerabilities through Copilot 00:05:05 - Developer Review Process in VS Code and Pull Request Security Feedback 00:07:15 - Switching to Security Manager View: Application Security Initiative Dashboard 00:09:16 - Attack Path Analysis: Mapping Code Vulnerabilities to Cloud Risk 00:12:00 - GitHub Integration for Issue Creation and Automated Fix Suggestions 00:13:33 - AI Model Security: Detecting Malicious Pickle Artifacts and Model Risks 00:16:01 - End-to-End AI Security in Pipelines 00:17:15 - Summary of Full AI-Powered Security Lifecycle from Code to Cloud
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Related Reads

📰
Follow-up: AI agent that removes unnecessary code
Learn how to use AI agents to remove unnecessary code and reduce technical debt, improving operational margins
Dev.to AI
📰
3 months, ¥0 revenue: a field worker owns our shop, AI operates most of it. Here is everything. Tell us what we are missing.
Learn how a one-human company uses AI to operate most of its shop with zero revenue for 3 months, and identify potential missing elements in their setup
Dev.to AI
📰
How I Built a Raspberry Pi-Powered AI Automation Lab for Under $100
Learn how to build a Raspberry Pi-powered AI automation lab for under $100 to automate repetitive tasks and free up hours of your day
Dev.to AI
📰
How QA Testers Are Actually Using AI in 2026 (Prompts Included)
Learn how QA testers are leveraging AI in 2026 to improve testing efficiency and accuracy
Dev.to · Aleksandr Singer

Chapters (15)

Introduction by James Brotsos and Overview of 'Ship Fast, Stay Secure'
0:42 Explaining Developer-Security Collaboration Challenges
1:14 Embedding Security into Developer Workflows
1:53 Integration Between Microsoft Defender for Cloud and GitHub Advanced Security
2:27 Demo Introduction and Setup of MDASH Scanner
2:52 Overview of MDASH Multi-Agent AI Scanning Pipeline
3:33 Running MDASH Scan and Discovering Non-Pattern Vulnerabilities
4:08 AI-Assisted Fixing of Vulnerabilities through Copilot
5:05 Developer Review Process in VS Code and Pull Request Security Feedback
7:15 Switching to Security Manager View: Application Security Initiative Dashboard
9:16 Attack Path Analysis: Mapping Code Vulnerabilities to Cloud Risk
12:00 GitHub Integration for Issue Creation and Automated Fix Suggestions
13:33 AI Model Security: Detecting Malicious Pickle Artifacts and Model Risks
16:01 End-to-End AI Security in Pipelines
17:15 Summary of Full AI-Powered Security Lifecycle from Code to Cloud
Up next
Headroom: Revolutionizing AI with Smart Token Compression #shorts
Income stream surfers
Watch →