Enable Defender for Containers in Microsoft Defender for Cloud
This article explains how to enable the Microsoft Defender for Containers plan in Microsoft Defender for Cloud. The plan supports the following Kubernetes environments; the steps below cover Azure Kubernetes Service (AKS):
- Azure Kubernetes Service (AKS)
- Amazon Elastic Kubernetes Service (EKS)
- Google Kubernetes Engine (GKE)
- Azure Arc-enabled Kubernetes
Prerequisites
Before you begin, make sure that:
- You have an AKS cluster. See the support matrix.
- You reviewed the Defender for Containers feature access patterns.
- You reviewed the required network access and permissions.
Enable the Defender for Containers plan
- Sign in to the Azure portal.
- Go to Microsoft Defender for Cloud > Environment settings.
- Select the subscription where your AKS clusters are located.
- On the Defender plans page, find the Containers row and toggle the status to On.
- Select Settings in the Containers plan row.
- Toggle On or Off the relevant Defender for Containers components:
  - Agentless scanning for machines: Performs agentless vulnerability and secret scanning on Kubernetes nodes.
    * To exclude machines from agentless scanning, add the exclusion tag name and value.
  - Defender sensor: Deploys the Defender sensor to cluster nodes to collect the runtime security telemetry used for threat detection.
    * Enable Defender Security Gating: Adds an admission control layer that evaluates deployments against security policies before workloads run in the cluster.
    * Enable Defender Runtime Anti Malware: Enables runtime malware detection for Kubernetes hosts and containers and can optionally block malicious file execution in real time. Because blocking mode stops execution rather than only alerting, validate it against your workloads on a non-production cluster before enabling it broadly.
  - Azure Policy: Deploys the Azure Policy for Kubernetes add-on to enable Kubernetes security posture assessments and related security recommendations.
  - Kubernetes API access: Allows Defender for Cloud to access the Kubernetes API for cluster inventory, configuration analysis, and capabilities that rely on Kubernetes metadata.
  - Registry access: Enables agentless vulnerability assessment for container images stored in connected registries.
    * Security findings: Generates findings and links them to container images when new images are pushed or existing images are updated.
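The portal procedure above, as an added example that is not Microsoft's code: it applies the same plan and component toggles through the Microsoft.Security/pricings REST API using only Python's standard library, then reads the plan back and checks which components Azure actually reports as enabled, which is the verification step a practitioner wants after flipping the switches. The API version, the mapping from portal toggles to extension names, the `ExclusionTags` property format and the `AZURE_MGMT_TOKEN` environment variable are assumptions to verify against the pricings REST reference; the GET response used for the offline check is constructed.

```python
"""
Added example (not Microsoft's code): enable the Defender for Containers plan
with its component toggles via the Microsoft.Security/pricings API, then verify.

Assumptions (verify against the Microsoft.Security/pricings REST reference):
  - API_VERSION is a version of the pricings API that supports extensions
  - EXTENSIONS maps the portal toggles to the API's extension names
  - the exclusion tag list is passed as a JSON-encoded string in ExclusionTags
  - a bearer token for https://management.azure.com is in AZURE_MGMT_TOKEN
"""
import json
import os
import urllib.request
from typing import Optional, Tuple

API_VERSION = "2024-01-01"  # assumption: check the pricings REST reference

# Portal toggle -> pricings extension name (assumed mapping; verify)
EXTENSIONS = {
    "agentless_machines": "AgentlessVmScanning",
    "k8s_api_access": "AgentlessDiscoveryForKubernetes",
    "registry_access": "ContainerRegistriesVulnerabilityAssessments",
    "defender_sensor": "ContainerSensor",
}


def pricing_url(subscription_id: str) -> str:
    """ARM URL of the Containers plan for one subscription."""
    return (
        f"https://management.azure.com/subscriptions/{subscription_id}"
        f"/providers/Microsoft.Security/pricings/Containers"
        f"?api-version={API_VERSION}"
    )


def build_containers_plan_body(enabled: dict,
                               exclusion_tag: Optional[Tuple[str, str]] = None) -> dict:
    """PUT body that turns the plan On and sets each component toggle.
    `enabled` maps keys of EXTENSIONS to bools; missing keys mean Off."""
    extensions = []
    for key, name in EXTENSIONS.items():
        on = bool(enabled.get(key, False))
        ext = {"name": name, "isEnabled": "True" if on else "False"}
        # Exclusion tag for agentless machine scanning (assumed wire format).
        if key == "agentless_machines" and on and exclusion_tag:
            tag_name, tag_value = exclusion_tag
            ext["additionalExtensionProperties"] = {
                "ExclusionTags": json.dumps([{"key": tag_name, "value": tag_value}])
            }
        extensions.append(ext)
    return {"properties": {"pricingTier": "Standard", "extensions": extensions}}


def plan_status(get_response: dict) -> dict:
    """Summarise a GET response: is the plan On, and which components are live?
    A missing extension counts as disabled, and an extension whose
    operationStatus is not Succeeded counts as not yet effective, so a
    half-applied plan is never reported as healthy."""
    props = get_response.get("properties", {})
    by_name = {e.get("name"): e for e in props.get("extensions", [])}
    components = {}
    for key, name in EXTENSIONS.items():
        ext = by_name.get(name)
        components[key] = (
            ext is not None
            and ext.get("isEnabled") == "True"
            and ext.get("operationStatus", {}).get("code", "Succeeded") == "Succeeded"
        )
    return {"plan_on": props.get("pricingTier") == "Standard",
            "components": components}


def apply_plan(subscription_id: str, body: dict, token: str) -> dict:
    """PUT the plan, then GET it back and return plan_status of what is stored."""
    headers = {"Authorization": f"Bearer {token}",
               "Content-Type": "application/json"}
    url = pricing_url(subscription_id)
    put = urllib.request.Request(url, data=json.dumps(body).encode(),
                                 headers=headers, method="PUT")
    with urllib.request.urlopen(put) as resp:
        resp.read()
    get = urllib.request.Request(url, headers=headers, method="GET")
    with urllib.request.urlopen(get) as resp:
        return plan_status(json.loads(resp.read()))


# Constructed GET response for an offline check: the sensor and registry
# scanning are live, Kubernetes API access is still pending, and agentless
# machine scanning is absent from the stored plan.
SAMPLE_GET_RESPONSE = {
    "name": "Containers",
    "properties": {
        "pricingTier": "Standard",
        "extensions": [
            {"name": "ContainerSensor", "isEnabled": "True",
             "operationStatus": {"code": "Succeeded"}},
            {"name": "ContainerRegistriesVulnerabilityAssessments", "isEnabled": "True"},
            {"name": "AgentlessDiscoveryForKubernetes", "isEnabled": "True",
             "operationStatus": {"code": "Pending"}},
        ],
    },
}

if __name__ == "__main__":
    body = build_containers_plan_body(
        {"agentless_machines": True, "k8s_api_access": True,
         "registry_access": True, "defender_sensor": True},
        exclusion_tag=("DefenderScanExclude", "true"))
    print(json.dumps(body, indent=2))
    print(plan_status(SAMPLE_GET_RESPONSE))
    sub, token = os.environ.get("AZURE_SUBSCRIPTION_ID"), os.environ.get("AZURE_MGMT_TOKEN")
    if sub and token:  # only touch a real subscription when explicitly configured
        print(apply_plan(sub, body, token))
```

Run it without the environment variables to see the request body and the offline status check; set `AZURE_SUBSCRIPTION_ID` and a management-plane bearer token in `AZURE_MGMT_TOKEN` to apply the plan. Treat any component that `plan_status` reports as `False` after the PUT as not protected yet, and re-check rather than assuming the toggle took effect.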