Episode 23 of 25
For the full video series, click here: https://aka.ms/AZ-400onYouTube
In this episode, Software composition analysis and security monitoring, you’ll continue your DevSecOps journey by learning how to integrate security and compliance into development pipelines. The session explains why inspecting code for vulnerabilities and compliance issues is essential, how Software Composition Analysis (SCA) helps manage open-source dependencies, and how tools such as GitHub Dependabot, Azure Artifacts, and CI/CD-integrated scanning reduce supply chain risk.
You’ll also explore container scanning, Microsoft Defender for Cloud, Azure Policy, initiatives, and resource locks to support monitoring and governance at scale. By the end, you’ll understand how to automate security checks, interpret scan results, and enforce consistent governance practices aligned with AZ-400 certification objectives.
Learn more about this course and take the certification exam to test your new skills: https://aka.ms/AZ-400onLearn
