Ensure that the Agentless Container Vulnerability Assessment feature is enabled for Microsoft Defender for Cloud in order to improve the security posture of your container images stored in ACR repositories or running within AKS clusters.
The Agentless Container Vulnerability Assessment feature delivers comprehensive vulnerability analysis for Kubernetes node pools and ACR container images. It includes recommendations for both registry and runtime security, near real-time scanning of newly added container images, and daily updates of assessment results. Vulnerability data is integrated into the security graph, enabling contextual risk assessments, attack path calculations, and advanced hunting capabilities.
Note: Agentless Container Vulnerability Assessment is included in the following Microsoft Defender for Cloud plans: Defender CSPM and Containers.
Audit
To determine if Agentless Container Vulnerability Assessment is enabled within the Microsoft Defender for Cloud settings for your Azure subscriptions, perform the following operations:
Note: Getting the configuration status for the Agentless Container Vulnerability Assessment feature in Microsoft Defender for Cloud using Azure CLI/PowerShell is not currently supported.

Remediation / Resolution
To enable Agentless Container Vulnerability Assessment within the Microsoft Defender for Cloud settings for your Azure subscriptions, perform the following operations:
Note: Enabling the Agentless Container Vulnerability Assessment feature in Microsoft Defender for Cloud settings using Azure CLI/PowerShell is not currently supported.

References
- Azure Official Documentation
- Microsoft Defender for Cloud documentation
- What is Microsoft Defender for Cloud?
- Container protection in Defender for Cloud
- Configure Microsoft Defender for Containers components
- Agentless container posture in Defender CSPM
- Vulnerability assessments for Azure with Microsoft Defender Vulnerability Management