Control: Azure > CIS v5.0 > 8 - Security Services > 8.01 - Microsoft Defender for Cloud > 8.01.04 - Defender Plan: Containers > 8.01.04.01 - Ensure That Microsoft Defender for Containers Is Set To 'On'

Configures auditing against a CIS Benchmark item.

Level: 2

Microsoft Defender for Containers helps improve, monitor, and maintain the security of containerized assets—including Kubernetes clusters, nodes, workloads, container registries, and images—across multi-cloud and on-premises environments.

By default, when enabling the plan through the Azure Portal, Microsoft Defender for Containers automatically configures the following components: - Agentless scanning for machines - Defender sensor for runtime protection - Azure Policy for enforcing security best practices - K8S API access for monitoring and threat detection - Registry access for vulnerability assessment

Note: Microsoft Defender for Container Registries ('ContainerRegistry') is deprecated and has been replaced by Microsoft Defender for Containers ('Containers').

Enabling Microsoft Defender for Containers enhances defense-in-depth by providing advanced threat detection, vulnerability assessment, and security monitoring for containerized environments, leveraging insights from the Microsoft Security Response Center (MSRC).