Microsoft Defender for Containers
Start course

This course introduces you to container security, Azure Container Registry authentication, Kubernetes clusters, and Microsoft Defender for Containers.

Learning Objectives

  • A solid understanding of what options are available for securing your containerized applications in Azure and how to protect them from emerging threats

Intended Audience

  • Developers, IT professionals, and security experts who are looking to understand the different ways to secure their containerized applications in Azure


  • Basic understanding of Containerized computing in Azure

Welcome to  Microsoft Defender for Containers. 

Defender for Containers is a cloud-native solution that helps you keep your containers secure. It focuses on three main areas: hardening your environment, assessing vulnerabilities, and protecting against run-time threats. Defender for Containers helps you harden your environment by continuously assessing your Kubernetes clusters, whether they're running on AKS, on-prem, or on Amazon EKS. It provides visibility into misconfigurations and gives you guidelines on how to mitigate identified threats.

Next, it can assess vulnerabilities in images that are stored in ACR registries and in those running in Azure Kubernetes Service. This allows you to identify and address vulnerabilities before they can be exploited. Finally, it provides run-time threat protection for nodes and clusters. It generates security alerts for suspicious activities, so you can take action quickly.

Certain roles and permissions are required to deploy the required components for Defender for Containers and to manage it. For example, Security admins can dismiss alerts, and Security readers can view vulnerability assessment findings. The table on your screen highlights key permissions and roles.

In Azure, Defender for Containers supports commercial clouds and national clouds. In non-Azure environments, it supports AWS and GCP accounts (in preview), and On-prem IaaS hybrid environments that are supported via Arc-enabled Kubernetes. This is also in preview.

Defender for Containers continuously assesses the configuration of clusters and then compares them with initiatives that you've applied to your subscriptions. When it finds misconfigurations, Defender for Containers generates security recommendations, which are shown on the Defender for Containers Recommendations page. You can use the resource filter to review the outstanding recommendations for your container-related resources.

Defender for Containers also allows you to protect the workloads of your Kubernetes containers with tailored recommendations by installing the Azure Policy for Kubernetes. This way you can monitor every request to the Kubernetes API server against the predefined set of best practices and configure it to enforce the best practices for future workloads.

Overall, Defender for Containers is a comprehensive solution that helps you keep your container environment secure.

About the Author
Learning Paths

Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.

In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.

In his spare time, Tom enjoys camping, fishing, and playing poker.

Covered Topics