Ship fast, stay secure: from code to runtime | OD841
Skills:
AI Security80%
Key Takeaways
Secures code to runtime using Defender for Cloud and GitHub Advanced Security
Original Description
You write the code. You own the pipeline. Now security is yours too — but it doesn't have to slow you down. See how Defender for Cloud and GitHub Advanced Security catch vulnerabilities where you already work: your CLI, your repo, your pull request, your cloud. No workflow changes required.
To learn more, please check out these resources:
* https://aka.ms/build26-next-steps
𝗦𝗽𝗲𝗮𝗸𝗲𝗿𝘀:
* James Brotsos
𝗦𝗲𝘀𝘀𝗶𝗼𝗻 𝗜𝗻𝗳𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻:
This is one of many sessions from the Microsoft Build 2026 event. View even more sessions on-demand and learn about Microsoft Build at https://build.microsoft.com
OD841 | English (US) | Responsible AI
Pre-recorded | (300) Advanced
#MSBuild
Chapters:
0:00 - Introduction by James Brotsos and Overview of 'Ship Fast, Stay Secure'
00:00:42 - Explaining Developer-Security Collaboration Challenges
00:01:14 - Embedding Security into Developer Workflows
00:01:53 - Integration Between Microsoft Defender for Cloud and GitHub Advanced Security
00:02:27 - Demo Introduction and Setup of MDASH Scanner
00:02:52 - Overview of MDASH Multi-Agent AI Scanning Pipeline
00:03:33 - Running MDASH Scan and Discovering Non-Pattern Vulnerabilities
00:04:08 - AI-Assisted Fixing of Vulnerabilities through Copilot
00:05:05 - Developer Review Process in VS Code and Pull Request Security Feedback
00:07:15 - Switching to Security Manager View: Application Security Initiative Dashboard
00:09:16 - Attack Path Analysis: Mapping Code Vulnerabilities to Cloud Risk
00:12:00 - GitHub Integration for Issue Creation and Automated Fix Suggestions
00:13:33 - AI Model Security: Detecting Malicious Pickle Artifacts and Model Risks
00:16:01 - End-to-End AI Security in Pipelines
00:17:15 - Summary of Full AI-Powered Security Lifecycle from Code to Cloud
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
More on: AI Security
View skill →Related Reads
📰
📰
📰
📰
Follow-up: AI agent that removes unnecessary code
Dev.to AI
3 months, ¥0 revenue: a field worker owns our shop, AI operates most of it. Here is everything. Tell us what we are missing.
Dev.to AI
How I Built a Raspberry Pi-Powered AI Automation Lab for Under $100
Dev.to AI
How QA Testers Are Actually Using AI in 2026 (Prompts Included)
Dev.to · Aleksandr Singer
Chapters (15)
Introduction by James Brotsos and Overview of 'Ship Fast, Stay Secure'
0:42
Explaining Developer-Security Collaboration Challenges
1:14
Embedding Security into Developer Workflows
1:53
Integration Between Microsoft Defender for Cloud and GitHub Advanced Security
2:27
Demo Introduction and Setup of MDASH Scanner
2:52
Overview of MDASH Multi-Agent AI Scanning Pipeline
3:33
Running MDASH Scan and Discovering Non-Pattern Vulnerabilities
4:08
AI-Assisted Fixing of Vulnerabilities through Copilot
5:05
Developer Review Process in VS Code and Pull Request Security Feedback
7:15
Switching to Security Manager View: Application Security Initiative Dashboard
9:16
Attack Path Analysis: Mapping Code Vulnerabilities to Cloud Risk
12:00
GitHub Integration for Issue Creation and Automated Fix Suggestions
13:33
AI Model Security: Detecting Malicious Pickle Artifacts and Model Risks
16:01
End-to-End AI Security in Pipelines
17:15
Summary of Full AI-Powered Security Lifecycle from Code to Cloud
🎓
Tutor Explanation
DeepCamp AI