Azure Security Center—Protection for Azure Kubernetes Service is now available
Updated: 25 March, 2020
Azure Security Center is expanding its container security features to protect Azure Kubernetes Service (AKS).
The popular, open source platform Kubernetes has been adopted so widely that it is now an industry standard for container orchestration. Despite this widespread implementation, there is still a lack of understanding regarding how to secure a Kubernetes environment. Defending the attack surfaces of a containerised application requires expertise to ensuring the infrastructure is configured securely and constantly monitored for potential threats.
The Security Center defense includes:
- Discovery and visibility—Continuous discovery of managed AKS instances within the subscriptions registered to Security Center.
- Security recommendations—Actionable recommendations to help you comply with security best-practices for AKS. These recommendations are included in your secure score to ensure they are viewed as a part of your organization’s security posture. An example of an AKS-related recommendation you might see is "Role-based access control should be used to restrict access to a Kubernetes service cluster".
- Threat protection—Through continuous analysis of your AKS deployment, Security Center alerts you to threats and malicious activity detected at the host and AKS cluster level.
For additional details, read our documentation.
See details about the container security features in Security Center.