AI-Augmented DevSecOps in Azure Pipelines
DOI:
https://doi.org/10.63282/3050-9262.IJAIDSML-V7I1P111Keywords:
Azure Devops, AI-Augmented Devsecops, Continuous Integration, Continuous Deployment, Security Automation, Github Advanced Security, Azure Policy, Microsoft Defender For Devops, Compliance-As-Code, Vulnerability Management, CI/CD, Machine Learning For SecurityAbstract
The rise of cloud-native applications and continuous delivery has accelerated the adoption of DevOps practices. However, increasing complexity and security risks in modern software pipelines demand an evolution toward DevSecOps integrating security throughout the development lifecycle. Microsoft Azure Pipelines, combined with AI and automation, provides a foundation for AI-augmented DevSecOps that automates vulnerability detection, compliance enforcement, and threat remediation. This paper explores how AI-driven analytics, policy-as-code, and automated security gates enhance continuous integration and continuous deployment (CI/CD) pipelines in Azure. Through architectural analysis and experimental use cases, it demonstrates measurable improvements in pipeline reliability, compliance adherence, and mean time to detect vulnerabilities (MTTD).
References
[1] Microsoft. (2024). Azure Pipelines Documentation. [Online]. Available: https://learn.microsoft.com/azure/devops/pipelines/
[2] Chen, J., & Wang, Y. (2021). “Automated Security Integration in CI/CD Systems.” IEEE Software Engineering Review, 38(4), 52–63.
[3] Park, K., & Singh, A. (2022). “AI-Based Threat Detection for DevOps Pipelines.” Journal of Cloud Security and Automation, 8(3), 99–115.
[4] Microsoft Defender for Cloud Team. (2023). Defender for DevOps Integration Overview. [Online].
[5] GitHub Security Team. (2023). GitHub Advanced Security and CodeQL Documentation. [Online].
[6] Microsoft Copilot for Security Team. (2025). Generative AI for Secure Software Development. [Online].
