{"id":3105,"date":"2025-12-19T18:24:14","date_gmt":"2025-12-19T18:24:14","guid":{"rendered":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/2025\/12\/19\/work-item-linking-for-advanced-security-alerts-now-available\/"},"modified":"2025-12-19T18:24:14","modified_gmt":"2025-12-19T18:24:14","slug":"work-item-linking-for-advanced-security-alerts-now-available","status":"publish","type":"post","link":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/2025\/12\/19\/work-item-linking-for-advanced-security-alerts-now-available\/","title":{"rendered":"Work item linking for Advanced Security alerts now available"},"content":{"rendered":"

Security vulnerabilities don\u2019t fix themselves. Someone needs to track them, prioritize them, and actually ship the fix. If you\u2019ve ever tried to manage security alerts alongside your regular sprint work, though, you know the friction: you\u2019re looking at an alert in one tab, switching to your backlog in another, trying to remember which vulnerability you were supposed to file a bug for.<\/p>\n

We shipped work item linking for GitHub Advanced Security for Azure DevOps alerts to fix this. It\u2019s now generally available and it does exactly what it sounds like: you can link work items in Boards directly to security alerts. Note that this only works for Advanced Security alerts in Azure DevOps.<\/p>\n

The problem we see<\/h2>\n

Security alerts live in the Advanced Security hub while sprint planning happens in Boards. Teams end up with lost context (which alerts have owners?) and visibility gaps (is anyone actually working on this vulnerability?).<\/p>\n

When your security team asks \u201cis someone fixing this?\u201d and your engineering team asks \u201cwhich alert was this bug tracking again?\u201d, visibility becomes your bottleneck.<\/p>\n

How it works<\/h2>\n

You can link from either direction: from an alert to a work item, or from a work item to an alert. Once linked, you can navigate back and forth with one click when you need context.<\/p>\n

You\u2019ll also see which alerts have a linked worked item in the repository\u2019s Advanced Security tab: \"image<\/a><\/p>\n

Try it out<\/h2>\n

Open an alert in your Advanced Security hub and click \u201cAdd\u201d next to the Related Work section to link it to a work item. \"advsec<\/a><\/p>\n

Or go the other way and create a work item, then link it to an alert by selecting \u201cAdvanced Security Alert\u201d as the link type. \"advsec<\/a><\/p>\n

Once you\u2019ve linked them, you can always jump between the alert and its work item when you need context.<\/p>\n

If you\u2019re already using GitHub Advanced Security for Azure DevOps, start linking today. The integration respects your existing permissions so you can only link alerts and work items you have access to.<\/p>\n

This is part of a broader effort to make security workflows native to Azure DevOps. We recently shipped one-click enablement for dependency scanning<\/a> that eliminates pipeline edits and added more flexibility for project and organization-level enablement settings<\/a>. More coming.<\/p>\n

Have feedback? Let us know<\/a>.<\/p>\n

\n

Try it today<\/strong>: Link work items to Advanced Security alerts<\/a> | Learn more about GitHub Advanced Security for Azure DevOps<\/a><\/p>\n

The post Work item linking for Advanced Security alerts now available<\/a> appeared first on Azure DevOps Blog<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"

Security vulnerabilities don\u2019t fix themselves. Someone needs to track them, prioritize them, and actually ship the fix. If you\u2019ve ever […]<\/p>\n","protected":false},"author":1,"featured_media":3106,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[3],"tags":[],"class_list":["post-3105","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure"],"_links":{"self":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts\/3105","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/comments?post=3105"}],"version-history":[{"count":0,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts\/3105\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/media\/3106"}],"wp:attachment":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/media?parent=3105"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/categories?post=3105"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/tags?post=3105"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}