Integrate Azure DevOps with BoostSecurity¶

BoostSecurity lets you connect your Azure DevOps projects to enable security checks on your repositories, including CI/CD supply chain security checks.

Prerequisites¶

Before you begin, ensure you have:

Created a Personal Access Token (PAT) on your Azure with specific permissions.

Permissions¶

This integration will require the following permissions:

Read access - Project and Team: to read the organization projects and team.
Read access - Code: to access source code, repositories, pull requests, and notifications.
Read access - Agent Pools: needed to get the list of Agent pools.
Read & Write access - Pull Request Threads: to read and write to pull request comment threads.
Status access - Code: to access source code, repositories, pull requests, and notifications.

1. Connect Azure DevOps to BoostSecurity¶

To install the BoostSecurity integration for Azure:

Go to the Integrations page.
Select the Azure DevOps integration from the Available section.
Click Install: A window will appear, prompting you to provide the Organization name and Personal Access Token for Azure, then click Next.

Note

If the Personal Access Token is set to expire, the BoostSecurity Azure DevOps integration will need to be updated with a new token once the original one expires.
Choose the Project in Azure from the drop-down menu.
Click Complete to save.

Once the installation is complete, the BoostSecurity Azure card is added to the Settings > Integrations > Installed section. At this point, BoostSecurity integration is enabled for your Azure project. You can repeat these steps to allow integration with additional Azure projects.

2. Enable Default Scanner Protection¶

After successfully integrating your Azure DevOps organization, enabling the CI/CD scanner is recommended.

To do this:

Go to the Scanner Coverage page and select the Default Scanner Protection column for your ADO integration.
Toggle Enable the CI/CD scanner for new organizations and repositories.