Skip to content

Integrate Azure DevOps with BoostSecurity

BoostSecurity allows you to connect your Azure DevOps projects to enable security checks on your repositories, including CI/CD supply chain security checks.

Prerequisites

Before you begin, make sure you have:

  • Created a Personal Access Token (PAT) on your Azure with certain permissions.

Permissions

This integration will use the following permissions:

  • Read access - Project and Team: read the organization projects and team.
  • Read access - Code: Source code, repositories, pull requests, and notifications.
  • Read access - Agent Pools: Needed to get the list of Agent pools.
  • Read & Write access - Pull Request Threads: read and write to pull request comment threads.
  • Status access - Code: Source code, repositories, pull requests, and notifications.

1. Connect Azure DevOps to BoostSecurity

To install the BoostSecurity integration for Azure:

  1. Navigate to the Integrations page.
  2. Select the Azure DevOps integration from the Available section.

  3. Select Install: A window pops up, directing you to provide the Organization name and Personal Access Token for Azure and select Next.

    Installation

    Note

    If the Personal Access Token is set to expire at a given time, the Azure DevOps integration in BoostSecurity will need to be updated with a new Personal Access Token once the original token has expired.

  4. Select the Project in Azure from the drop-down.

    menu

  5. Select Complete to save.

Once the installation is completed, the BoostSecurity Azure card is added to the Settings > Integrations > Installed section. At this point, BoostSecurity integration is enabled for your Azure project. Note that the steps can be repeated to enable the integration with additional Azure projects.

2. Enable Default Scanner Protection

After successfully integrating your Azure DevOps organization, it is recommended to enable the CI/CD scanner.

To do this,

  1. Navigate to the Scanner Coverage page and select the Default Scanner Protection column for your ADO integration.

  2. Toggle to Enable the CI/CD scanner for new organizations and repositories.

    Enable CI/CD Scanner