René's URL Explorer Experiment

{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":"https://techcommunity.microsoft.com","name":"Microsoft Community Hub"},{"@type":"ListItem","position":2,"item":"https://techcommunity.microsoft.com/category/communities","name":"Communities"},{"@type":"ListItem","position":3,"item":"https://techcommunity.microsoft.com/category/products-services","name":"Products"},{"@type":"ListItem","position":4,"item":"https://techcommunity.microsoft.com/category/Azure","name":"Azure"},{"@type":"ListItem","position":5,"item":"https://techcommunity.microsoft.com/category/Azure/blog/AppsonAzureBlog","name":"Apps on Azure Blog"}]}

{"@context":"https://schema.org","@type":"BlogPosting","datePublished":"11/18/2025, 4:04:11 PM","description":"Security teams and developers face the same frustrating cycle: thousands of alerts, limited time, and no clear way to know which issues matter most. Applications suffer attacks as quickly as once every three minutes,1 emphasizing the importance of proactive security that prioritizes critical, exploitable vulnerabilities. Microsoft is leading this shift with new integrations in the end-to-end solution that combines GitHub Advanced Security’s developer-first application security tool with Microsoft Defender for Cloud's runtime protection, enhanced by agentic remediation. Now available in public preview.\nThis integration empowers organizations to secure code to cloud and accelerates tackling of security issues in their software portfolio using agentic remediation and runtime context-based vulnerability prioritization. The result: fewer distractions, faster fixes, better collaboration and more proactive security from code to cloud.\nThe DevSecOps Dilemma— too many alerts, not enough action\nOver the past decade, the application security industry has made significant strides in improving detection accuracy and fostering collaboration between security teams and developers. These advances have enabled both groups to work together on real issues and drive meaningful progress. However, despite these improvements, remediation trends across the industry have remained stagnant. Quarter after quarter, year after year, vulnerability counts continue to rise with critical / high vulnerabilities constituting 17.4% of vulnerability backlogs and a mean-time-to-remediation (MTTR) of 116 days2\nToday, three big challenges slow teams down:\n\nSecurity teams are drowning in alert fatigue, struggling to distinguish real, exploitable risks from noise. At the same time, AI is rapidly introducing new threat vectors that defenders have little time to research or understand—leaving organizations vulnerable to missed threats and evolving attack techniques.\nDevelopers lack clear prioritization while remediation takes long, so they lose time fixing issues that may never be exploited. Remediation cycles are slow, leaving systems exposed to potential attacks while teams debate which issues matter most or search for the right person to fix them \nBoth teams rely on separate, non-integrated tools, making collaboration slow and frustrating. Development and security teams frequently operate in silos, reducing efficiency and creating blind spots.\n\nThis leads to wasted time, unresolved threats, and growing backlogs. Teams are stuck reacting to noise instead of solving real problems.\nDevSecOps reimagined in the era of AI\nYour app is live and serving thousands of customers. Defender for Cloud detects a vulnerability in an internet-facing API that handles sensitive data. In the past, this alert would age  in a dashboard while developers worked on unrelated fixes because they didn’t know this was the critical one.\nNow, with the new integration, a security campaign can be created in GitHub filtering for runtime risk (internet exposed, sensitive data etc.) notifying the developer to prioritize this issue. The developer views the issue in their workflow, understands why it matters, and uses Copilot Autofix to apply an AI-suggested fix in minutes.\nThe developer can then select these risks at bulk and assign the GitHub Copilot coding agent to create a draft PR for a multi merge fix ready for human review.\n\nVirtual Registry: Code-to-Runtime Mapping\nCode to runtime mapping is possible with the Virtual Registry which makes GitHub a trusted source for artifact metadata. Integrated with Microsoft Defender for Cloud, the Virtual Registry enables smarter risk prioritization and faster incident response.\nTeams can quickly answer:\n\nIs this vulnerability running in production?\nIs it exposed to sensitive workloads?\nDo I need to act now?\n\nBy combining runtime and repository context, the Virtual Registry streamlines alert triage and incident response. We shipped a new set of filters to both Code Scanning and Dependabot and Security Campaigns that are based on the artifact metadata that is stored in the Virtual Registry.\nFaster fixes with agentic remediation\nThe integration includes Copilot Autofix, an AI-powered tool that suggests code changes to fix security problems. It checks that the fixes work and helps developers resolve issues quickly, without switching tools.\nTo complete the agentic work flow we can be bulk assign these autofixes to GitHub Copilot Coding agent to create a draft Pull Request awaiting human review.\nWhy this matters\n\nFewer alerts to sort through: Focus only on what’s exploitable in production.\nFaster fixes: AI-powered fix suggestions through GitHub Copilot Autofix have shown to fix 50% of alerts within the PR with a 70% reduction in mean time-to-remediation3\nBetter teamwork: Developers and security teams collaborate seamlessly. With collaborative security now powered by connected context, we’ve seen 68% of alert remediated using GitHub Advanced Security’s security campaigns.3\n\n\nTry it now\nThis feature is available in public preview and will be showcased at Microsoft Ignite. If your team builds cloud-native applications, this integration helps you protect code to cloud more effectively—without slowing down development.\nCustomer FAQs\nHow do I start using the integration?\nFrom Microsoft Defender for Cloud:\n\nGo to the environment section in the Defender for Cloud portal.\nGrant a new GitHub connector or update an existing one to provide consent to scan your source code.\nIf you use GitHub, setup is one click. You’ll immediately see initial scan results and recommended fixes.\n\nFrom GitHub:\n\nYou will be able to filter alerts by runtime context   in addition to receiving  AI-suggested fixes.\n\nHow do I purchase this integration?\nFor GitHub:\n\nGitHub Advanced Security (GHAS) is available as:\n\nCode Security SKU: $30 per committer/month (available April 2025)\nGHAS Bundle: $49 per committer/month (available now)\n\nGitHub Enterprise Cloud\nGitHub Copilot\n\nFor Microsoft Defender for Cloud CSPM:\nDefender CSPM: $5 per billable resource/month\n\nBoth can be enabled through the Azure Portal as Azure meters.\n\n \n[1]: Software Under Siege | AppSec Threat Report 2025 | Contrast Security\n[2]: Edgescan | Vulnerability Statistics Report 2025\n[3]: GitHub Internal Data","mainEntityOfPage":{"@type":"WebPage","@id":"https://techcommunity.microsoft.com/blog/appsonazureblog/security-where-it-matters-runtime-context-and-ai-fixes-now-integrated-in-your-de/4470794"},"headline":"Security Where It Matters: Runtime Context and AI Fixes Now Integrated in Your Dev Workflow","image":["https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00NDcwNzk0LWpMU1ZYaQ?revision=6"],"dateModified":"11/18/2025, 3:00:47 PM","author":{"@type":"Person","name":"AndrewMFlick","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/dS0xMjQ0ODU4LXpYSjF5TA?image-coordinates=0%2C0%2C128%2C128"},"publisher":{"@type":"Organization","name":"TECHCOMMUNITY.MICROSOFT.COM"}}