Note specific features are in preview. This article lists all microsoft defender for cloud container security recommendations that help you harden and protect your resources. Review support requirements for container capabilities in microsoft defender for cloud.
Blonde on top, brown underneath Brown hair underneath, Blonde hair
These recommendations focus on the images stored in your container registries, such as azure container registry (acr), aws elastic container registry (ecr), and docker. To protect the azure resource manager based registries in your subscription, enable microsoft defender for container registries at the subscription level. Defender for containers scans images for vulnerabilities stored in an acr.
Containers support matrix in defender for cloud this article summarizes support information for container capabilities in microsoft defender for cloud.
It pulls the image from the registry and runs it in an isolated sandbox with the qualys scanner. Defender for containers scans the cluster node os and application software, container images in azure container registry (acr), and supported external image registries. Defender for containers performs agentless vulnerability assessment on container images in supported runtime environments and supported container registries.
