Making Security Invisible for Game Developers

gitkraken logo
GitKraken
Mar 5, 2026
GitKraken

Security that developers never have to think about. That's the goal Audrey Long, Senior Gaming Cloud Security Architect at Microsoft Gaming Security, set out to achieve, and then actually built.

In this GitKon session, Audrey walks through how Microsoft Gaming tackled a massive identity security challenge across double-digit Entra ID tenants spanning independent game studios. With no existing tooling that fit the pace of game development, her team built the Entra ID Tenant Security Scanner from scratch using the Maester Framework, custom PowerShell, and GitHub Actions.

The result: 49 security controls running invisibly in the background, 100% studio adoption, and compliance that disappears into the workflow.

You'll learn how they distilled Microsoft's 65-control corporate identity baseline down to 49 essential checks built specifically for game studios, how GitHub Actions became the backbone of automated tenant scanning without introducing new tools or portals, how phishing-resistant MFA, privileged identity management, and conditional access checks are enforced nightly across every tenant, and what the Maester dashboard looks like in practice, including pass/fail views with severity ratings and instant remediation links.

If your team is managing multi-tenant cloud environments at scale, or you're trying to make security work for fast-moving creative teams, this talk is exactly what you need.

GitKraken Desktop:
http://tr.ee/GKDYT

GitKraken CLI:
http://tr.ee/CLIYT

GitLens for VS Code:
http://tr.ee/GLYT

Git Integration for Jira:
http://tr.ee/GijYT

Git Blog:
http://gitkraken.com/blog

Copyright © 2026 OpsMatters™. All rights reserved.