Public preview: Microsoft Defender for Containers adds new capabilities for Kubernetes
Published date: December 15, 2021
Microsoft Defender for Containers, a new offering, merges the capabilities from Azure Defender for Kubernetes and Azure Defender for Container registries, and adds several new and improved features related to Kubernetes on Azure:
- AKS Profile: Frictionless onboarding & maintenance as an AKS Profile so you no longer have a dependency in Log Analytics agent.
- Multi cloud support: Multi cloud support for AKS, Amazon EKS, Kubernetes on-prem / IaaS (GCP will be added in the future).
- Runtime visibility of vulnerabilities: A new recommendation monitors Kubernetes clusters and surfaces a list of running images with vulnerabilities based on vulnerability assessment scans powered by Qualys. This can help you focus on the most critical vulnerabilities that expose your runtime environments to security threats and attacks.
- Advanced threat protection: Additional Kubernetes-aware AI analytics and anomaly detection based on process signals.
- Enhanced ACR vulnerability assessment: The Azure Container Registry (ACR) vulnerability assessment recommendation is enhanced with runtime information added on top of image scan results, to enable prioritization and filtering based on image deployment status
- Continuous image scanning: In addition to periodically scanning Azure Container Registry (ACR) images during the last 30 days, continuous image scan will periodically scan ACR images running on Kubernetes clusters.