Author
Listed:
- Vladislav Manolov
(Department of Computer Systems, Faculty of Computer Systems and Technologies, Technical University of Sofia, 1000 Sofia, Bulgaria)
- Daniela Gotseva
(Department of Computer Systems, Faculty of Computer Systems and Technologies, Technical University of Sofia, 1000 Sofia, Bulgaria)
- Nikolay Hinov
(Department of Computer Systems, Faculty of Computer Systems and Technologies, Technical University of Sofia, 1000 Sofia, Bulgaria
CoE “National Center of Mechatronics and Clean Technologies”, 1000 Sofia, Bulgaria)
Abstract
This paper examines the integration and operationalization of GitHub Advanced Security (GHAS) across GitHub and Azure DevOps to enhance DevSecOps practices in cloud-native software delivery. As organizations increasingly adopt continuous integration and continuous deployment (CI/CD) pipelines, embedding security into every stage of development has become essential to protect the software supply chain. This study explores how GHAS can unify security governance across these two major Microsoft platforms by enabling consistent code scanning, secret detection, and dependency analysis within developer workflows. The methodology involves evaluating GHAS features and configurations in GitHub and Azure DevOps, analyzing feature parity, deployment models, and integration patterns, and identifying architectural approaches that support enterprise scalability. Implementation details include CodeQL customization, secret-scanning configurations, and dependency-management workflows, supported by real-world pipeline examples. Findings indicate that both GitHub and Azure DevOps benefit from GHAS through strong native integration, actionable security feedback, and automated protection embedded directly into development workflows. GHAS enhances vulnerability visibility, supports compliance enforcement, and strengthens collaboration between security and engineering teams. The study concludes that effective DevSecOps maturity requires standardized security automation and governance across platforms. GHAS provides a unified, scalable solution that aligns developer productivity with enterprise-grade security objectives in multi-environmental ecosystems.
Suggested Citation
Vladislav Manolov & Daniela Gotseva & Nikolay Hinov, 2026.
"Analysis of GitHub Advanced Security: Security Integration in GitHub and Azure DevOps,"
Future Internet, MDPI, vol. 18(2), pages 1-29, February.
Handle:
RePEc:gam:jftint:v:18:y:2026:i:2:p:99-:d:1864573
Download full text from publisher
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:18:y:2026:i:2:p:99-:d:1864573. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.
Printed from https://ideas.repec.org/a/gam/jftint/v18y2026i2p99-d1864573.html