Remediate code with Copilot for Security
Microsoft Defender for Cloud's integration with Microsoft Copilot for Security allows you to remediate Infrastructure as Code (IaC) misconfigurations that are discovered in your code repositories. Remediating an IaC finding with Copilot allows you to address security misconfigurations and vulnerabilities early in the development cycle by automatically generating Pull Requests (PRs) that correct the identified weaknesses. Remediating these misconfigurations and vulnerabilities ensure that security issues in code are addressed accurately and promptly.
Prerequisites
- Enable Defender for Cloud on your environment.
- Connect your Azure DevOps environment to Defender for Cloud.
- Configure the Microsoft Security DevOps Azure DevOps extension.
- Review and ensure you meet the DevOps security support and prerequisites requirements.
- Have access to Azure Copilot.
- Have Security Compute Units assigned for Copilot for Security.
Remediate an Infrastructure as Code scanning finding
With Copilot for Security in Defender for Cloud you can remediate recommendations.
Sign in to the Azure portal.
Search for and select Microsoft Defender for Cloud.
Navigate to Recommendations.
Search for and select the Azure DevOps repositories should have infrastructure as code scanning findings resolved recommendation.
Select Reduce risk with Copilot.
Select Help me remediate this recommendation.
Select security check.
Select the appropriate description.
Select Select.
Review the summary of the code fix.
Select Submit.
Select the provided link.
Review the PR.
Once the PR is generated in your code repository, you should have a developer review and approve the PR to have it merged into the code base.