Protect your Azure containers with Defender for Containers

Microsoft Defender for Containers is a cloud-native solution to improve, monitor, and maintain the security of your containerized assets (Kubernetes clusters, Kubernetes nodes, Kubernetes workloads, container registries, container images and more), and their applications, and on-premises environments.

Learn more about Overview of Microsoft Defender for Containers.

You can learn more about Defender for Container's pricing on the pricing page.

Prerequisites

Enable the Defender for Containers plan

By default, when enabling the plan through the Azure portal, Microsoft Defender for Containers is configured to automatically enable all capabilities and install required components to provide the protections offered by plan, including the assignment of a default workspace.

If you would prefer to assign a custom workspace, one can be assigned through the Azure Policy.

To enable Defender for Containers plan on your subscription:

  1. Sign in to the Azure portal.

  2. Search for and select Microsoft Defender for Cloud.

  3. In the Defender for Cloud menu, select Environment settings.

  4. Select the relevant Azure subscription.

  5. On the Defender plans page, toggle the Containers plan to On.

    Screenshot of the Defender plans page that shows where to toggle the containers plan switch to on is located.

  6. Select Save.

Deploy the Defender sensor in Azure

Note

To enable or disable individual Defender for Containers capabilities, either globally or for specific resources, see How to enable Microsoft Defender for Containers components.

You can enable the Defender for Containers plan and deploy all of the relevant components in different ways. We walk you through the steps to accomplish this using the Azure portal. Learn how to deploy the Defender sensor with REST API, Azure CLI or with a Resource Manager template.

To deploy the Defender sensor in Azure:

  1. Sign in to the Azure portal.

  2. Search for and select Microsoft Defender for Cloud.

  3. Navigate to the Recommendations page.

  4. Search for and select the Azure Kubernetes Service clusters should have Defender profile enabled recommendation.

    Screenshot of the recommendations page that shows where to search for and find the Azure Kubernetes service cluster recommendation is located.

  5. Select all of the relevant affected resources.

  6. Select Fix.

    Screenshot of the recommendation with the affected resources selected that shows you how to select the fix button.

Next steps