Secure Code to Cloud with AI-Infused DevSecOps

Microsoft Events presents a session featuring Oz Wilder, Charlie Doubek, Marcelo Oliveira, and Manuel Sanchez Rodriguez on streamlining DevSecOps with GitHub Advanced Security, Microsoft Defender for Cloud, and AI-driven agentic workflows.

Secure Code to Cloud with AI-Infused DevSecOps | BRK112

Session Speakers: Oz Wilder, Charlie Doubek, Marcelo Oliveira, Manuel Sanchez Rodriguez
Source: Microsoft Ignite 2025
Session Level: Intermediate (200)

Overview

Modern development cycles are fast-paced, often overwhelming security teams with alerts and requiring smarter prioritization and automation. This session demonstrates how GitHub Advanced Security and Microsoft Defender for Cloud integrate to make DevSecOps practices seamless and efficient by connecting code vulnerabilities with runtime context.

Key Topics Covered

• Developer Collaboration in Security: The importance of engaging developers early in the security process to improve code quality and reduce vulnerabilities.
• Growth of AI in Development: Discussion on the rapid expansion of code through AI tools and the corresponding new threat vectors.
• Vision for Secure-by-Default Software: Outlining Microsoft’s approach to security embedded directly in development tooling and processes.
• Accelerating Vulnerability Remediation: Strategies to quickly identify, prioritize, and address high-impact security issues across large codebases.
• Integration Announcement: Introduction of the integration between Microsoft Defender for Cloud and GitHub Advanced Security, enabling unified workflows for developers and security administrators.
• Container Scan Analysis: Demonstration of analyzing container scan results within Defender for Cloud.
• Runtime Context for Prioritization: Leveraging runtime data to focus remediation efforts on what is actually exploitable in production.
• Automated Remediation with Copilot: Assigning multiple vulnerabilities to Copilot for automatic fixes, showcasing the use of AI agentic workflows to oversee and accelerate security remediation at scale.

Resources

• Agentic DevOps with GitHub Copilot
• GitHub Advanced Security
• DevSecOps Use Cases
• GitHub Enterprise
• Microsoft Ignite 2025

Related Sessions

• BRK108
• THR819

Session Timeline

• 0:00 – Developer collaboration in security
• 5:25 – Rapid code growth through AI, vulnerability concerns
• 8:03 – Vision for secure-by-default software
• 9:31 – Accelerating vulnerability remediation
• 10:10 – Defender & GitHub Advanced Security integration
• 18:10 – Analyzing container scans in Defender
• 22:03 – Using runtime context for vulnerability prioritization
• 28:08 – Automated remediation with Copilot
• 29:44 – Scaling remediation across codebases

Learning Outcomes

• Understand the importance of combining developer-first and security-first tooling
• Learn how to use AI-driven workflows to reduce alert fatigue and speed up fixes
• See practical examples of DevSecOps workflow automation from code to cloud

---