Add GHAzDO release notes

Author: gloridelmorales

release-notes/2025/ghazdo/sprint-260-update.md

@@ -0,0 +1,17 @@
+---
+title: Azure DevOps release notes - GitHub Advanced Security for Azure DevOps 260 Update
+description: See the Sprint 260 feature updates for GitHub Advanced Security for Azure DevOps, including next steps.
+author: gloridelmorales
+ms.author: glmorale
+ms.date: 8/11/2025
+---
+
+# GitHub Advanced Security for Azure DevOps - Sprint 260 Update
+
+## Features
+
+[!INCLUDE [sprint-260-update-links](../includes/ghazdo/sprint-260-update-links.md)]
+
+[!INCLUDE [sprint-260-update](../includes/ghazdo/sprint-260-update.md)]
+
+[!INCLUDE [nextsteps](../includes/nextsteps.md)]

release-notes/2025/includes/general/sprint-260-update-links.md

@@ -6,4 +6,5 @@ ms.topic: include
 ---
 
 - [Only organizations with existing public projects can create new ones](#only-organizations-with-existing-public-projects-can-create-new-ones)
-- [Azure DevOps login flow no longer relies on Azure Resource Manager audience](#azure-devops-login-flow-no-longer-relies-on-azure-resource-manager-audience)
+- [Azure DevOps login flow no longer relies on Azure Resource Manager audience](#azure-devops-login-flow-no-longer-relies-on-azure-resource-manager-audience)
+- [Continuous Access Evaluation on Azure DevOps](#continuos-access-evaluation-on-azure-devops)

release-notes/2025/includes/general/sprint-260-update.md

@@ -20,4 +20,8 @@ Due to Azure DevOps previous reliance on ARM, admins had to permit all Azure Dev
 There remain a couple of notable exceptions  — the following ​user groups may need continued access to ARM:
 
 1. Billing admins need access to ARM to setup billing and access subscriptions
-2. Service Connection creators require continued access to ARM for ARM role assignment and updates to MSIs
+2. Service Connection creators require continued access to ARM for ARM role assignment and updates to MSIs
+ 
+### Continuous Access Evaluation on Azure DevOps
+
+Azure DevOps now supports [Continuous Access Evaluation (CAE)](https://learn.microsoft.com/entra/identity/conditional-access/concept-continuous-access-evaluation), enabling near real-time enforcement of Conditional Access policies through Microsoft Entra ID. This enhancement allows Azure DevOps to instantly revoke access when critical events occur—such as user disablement, password resets, or location/IP changes—without waiting for token expiration. Real-time enforcement means that compromised accounts or policy violations are addressed as soon as we learn of the event, reducing exposure windows and improving incident response. Developers using CAE-capable client libraries ([].NET now available](https://www.nuget.org/packages/Microsoft.TeamFoundationServer.Client/20.259.0-preview), Python and Go to come) must handle claims challenges and update sign-in flows accordingly. General availability begins August 2025 following phased rollout for all customers.

release-notes/2025/includes/ghazdo/sprint-260-update-links.md

@@ -0,0 +1,10 @@
+---
+author: gloridelmorales
+ms.author: glmorale
+ms.date: 8/11/2025
+ms.topic: include
+---
+
+- [New secret patterns added to Advanced Security](#new-secret-patterns-added-to-advanced-security)
+- [Periodic repository re-scans performed for secret scanning](#periodic-repository-re-scans-performed-for-secret-scanning)
+- [Dismissals in Advanced Security now available in alert detail UI](#dismissals-in-advanced-security-now-available-in-alert-detail-ui)

release-notes/2025/includes/ghazdo/sprint-260-update.md

@@ -0,0 +1,22 @@
+---
+author: gloridelmorales
+ms.author: glmorale
+ms.date: 8/11/2025
+ms.topic: include
+---
+
+### New secret patterns added to Advanced Security 
+
+New patterns have been added to Advanced Security's Secret Protection for both user alerts and push protection. View the updated list of supported secret patterns at [Secret scanning patterns](/azure/devops/repos/security/github-advanced-security-secret-scan-patterns?view=azure-devops#partner-provider-patterns). 
+
+### Periodic repository re-scans performed for secret scanning 
+
+For any stale repositories, without committing to the repository you may not receive alerts for new or updated secret patterns. To resolve this, we've added periodic, automatic re-scans performed on your behalf to raise new alerts for updated patterns. 
+
+### Dismissals in Advanced Security now available in alert detail UI
+Previously, dismissal information was only available via the alerts API. Now, information about the latest dismissal and the user identity shows up in the alert detail view.
+
+> [!div class="mx-imgBorder"]
+> [![Image to show information about the latest dismissal.](../../media/260-ghazdo-01.png "Image to show information about the latest dismissal")](../../media/260-ghazdo-01.png#lightbox)
+
+This address [Developer Community feedback](https://developercommunity.visualstudio.com/t/GHAzDO-closed-security-issues-misses-inf/10930119).

release-notes/2025/media/260-ghazdo-01.png

@@ -14,6 +14,10 @@ In addition, with this release we are no longer allowing organizations to create
 
 Check out the release notes for details.
 
+### GitHub Advanced Security for Azure DevOps
+
+[!INCLUDE [sprint-260-update-links](includes/ghazdo/sprint-260-update-links.md)]
+
 ### General
 
 [!INCLUDE [sprint-260-update-links](includes/general/sprint-260-update-links.md)]
@@ -26,6 +30,10 @@ Check out the release notes for details.
 
 [!INCLUDE [sprint-260-update-links](includes/repos/sprint-260-update-links.md)]
 
+## GitHub Advanced Security for Azure DevOps
+
+[!INCLUDE [sprint-260-update](includes/ghazdo/sprint-260-update.md)]
+
 ## General
 
 [!INCLUDE [sprint-260-update](includes/general/sprint-260-update.md)]

release-notes/2025/sprint-260-update.md

@@ -914,6 +914,8 @@
         items:
         - name: "2025"
           items:
+          - name: August 11
+            href: 2025/ghazdo/sprint-260-update.md
           - name: July 17
             href: 2025/ghazdo/sprint-259-update.md
           - name: June 30