Authentic DevOps with AI Foundry and GitHub: Enhancing Security Automation

In this episode, Microsoft Developer’s Krystal Folkes and Katie Novotny demonstrate building AI-powered security agents using Azure AI Foundry, GitHub, and GitHub Copilot to automate and secure DevOps workflows.

Authentic DevOps with AI Foundry and GitHub: Enhancing Security Automation

Overview

This episode of Sip and Sync with Azure explores how integrating Azure AI Foundry agents with GitHub and GitHub Copilot can revolutionize DevOps and security workflows. Hosts Krystal Folkes and Katie Novotny, both part of Microsoft’s Global Black Belt team, provide a practical walkthrough of utilizing these technologies for developer-led security automation.

Key Topics Covered

• Building Security Agents: Demonstration on creating a security-focused agent leveraging Azure AI Foundry and MCP (Microsoft Cloud Platform) tools.
• Automation with GitHub: How to connect the agent to GitHub’s advanced security advisories to automate vulnerability insights.
• GitHub Copilot for Prompt Engineering: Utilizing GitHub Copilot to improve and fine-tune prompts for agent instructions, making developer interaction more effective.
• Secure Local Execution: Running agents securely on a local machine using GitHub token authentication, managed identities, and Azure Key Vault integration for secrets.
• Multi-Agent Orchestration: Handling advanced DevOps scenarios through orchestration of multiple agents for planning, documentation, and security workflows.

Demo Highlights

• Connecting Azure AI Foundry Agents with GitHub: Step-by-step setup and the technical approach to bring these platforms together.
• Python Application Demo: Showcasing code and SDK usage for building and deploying an AI-powered security agent.
• Authorization with GitHub MCP Server: Securely enabling the agent to access advanced security advisories for vulnerability management.
• Viewing Security Insights: Live demonstration of security advisories in action and how they inform DevOps workflows.

Security and Best Practices

• Leveraging Azure Key Vault: Demonstrating secure integration for storing tokens and keys.
• Managed Identity Usage: Using Azure’s managed identity capabilities to automate agent authentication while maintaining high security standards.

Who Should Watch?

• DevOps engineers, security and compliance professionals, and developers interested in bringing AI-powered automation into their workflows.

Links & Further Learning

• Azure AI Foundry
• GitHub Advanced Security
• GitHub Copilot
• Microsoft Learn
• Sip and Sync Playlist

About the Presenters

• Krystal Folkes – Microsoft Software Global Black Belt, specialist in Azure and GitHub integrations for developer experience.
• Katie Novotny – Host and Microsoft Global Black Belt, highlighting innovative tools and implementation best practices.

---

Watch the full episode for technical insights, live demonstrations, and practical strategies to elevate DevOps with Microsoft’s latest AI and security tools.