Edit

GitHub Advanced Security for Azure DevOps - Sprint 270 Update

Features

Secret push protection bypass details available in audit log

When a developer bypasses push protection to push a detected secret, that bypass event is now recorded in the Azure DevOps audit log with additional context. The audit log entry includes the repository, the secret type, and the identity of the user who performed the bypass. This gives security teams and organization administrators a complete record of push protection bypass activity, making it easier to investigate incidents, enforce policy, and identify developers who may need additional security guidance.

Additional audit log entries for Advanced Security enablement events will be coming in a future release.

Next steps

Note

These features will roll out over the next two to three weeks.

Head over to Azure DevOps and take a look.

How to provide feedback

We would love to hear what you think about these features. Use the help menu to report a problem or provide a suggestion.

Make a suggestion

You can also get advice and your questions answered by the community on Stack Overflow.