Microsoft Defender for Containers is a cloud-native solution that helps organizations improve, monitor, and maintain the security of their containerized assets across multi-cloud and on-premises environments. It protects Kubernetes clusters, nodes, workloads, container registries, and container images.

Enabling Defender for Containers

To get started with Defender for Containers, you’ll need a few prerequisites:

  1. Azure Subscription: You’ll need an active Microsoft Azure subscription. If you don’t have one, you can sign up for a free Azure subscription.
  2. Enable Microsoft Defender for Cloud: Ensure that you have enabled Microsoft Defender for Cloud on your Azure subscription.
  3. Configure Egress Endpoints: Make sure the required fully qualified domain names (FQDNs) and application endpoints are allowed for outbound access, so that the Defender sensor can connect to Microsoft Defender for Cloud and send security data and events.

Once you have the prerequisites in place, you can enable the Defender for Containers plan on your Azure subscription:

  1. Sign in to the Azure portal.
  2. Search for and select Microsoft Defender for Cloud.
  3. In the Defender for Cloud menu, navigate to Environment settings.
  4. Select the relevant Azure subscription.
  5. On the Defender plans page, toggle the Containers plan to On.
  6. Click Save to apply the changes.

Deploying the Defender Sensor

Microsoft Defender for Containers provides a sensor that collects and sends security data to the Defender for Cloud service. You can deploy this sensor in a few different ways, but the easiest is through the Azure portal:

  1. Sign in to the Azure portal.
  2. Search for and select Microsoft Defender for Cloud.
  3. Navigate to the Recommendations page.
  4. Search for and select the recommendation "Azure Kubernetes Service clusters should have Defender profile enabled".
  5. Choose the relevant affected resources.
  6. Click Fix to deploy the Defender sensor.
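
To confirm that both procedures above took effect, the following added example (not Microsoft's code and not part of the original article) checks Azure CLI JSON output for the Containers plan tier and for AKS clusters that still lack the Defender profile. The sample JSON is constructed, and the field names (`pricingTier`, `securityProfile.defender.securityMonitoring.enabled`) are assumptions about the output shape of `az security pricing list` and `az aks list`.

```python
import json

# Constructed sample of `az security pricing list -o json` (shape assumed).
PRICING_JSON = '''{"value": [
  {"name": "VirtualMachines", "pricingTier": "Free"},
  {"name": "Containers", "pricingTier": "Standard"}
]}'''

# Constructed sample of `az aks list -o json`, trimmed to the fields used here.
AKS_JSON = '''[
  {"name": "aks-prod", "resourceGroup": "rg-prod",
   "securityProfile": {"defender": {"securityMonitoring": {"enabled": true}}}},
  {"name": "aks-dev", "resourceGroup": "rg-dev",
   "securityProfile": {"defender": null}},
  {"name": "aks-test", "resourceGroup": "rg-test", "securityProfile": null}
]'''


def containers_plan_enabled(pricing_json):
    """True when the Containers plan is on the paid (Standard) tier."""
    data = json.loads(pricing_json)
    # Accept either a bare list or a {"value": [...]} wrapper around it.
    plans = data.get("value", []) if isinstance(data, dict) else data
    return any(p.get("name") == "Containers" and p.get("pricingTier") == "Standard"
               for p in plans)


def clusters_missing_sensor(aks_json):
    """Return 'resourceGroup/name' for clusters without the Defender profile on."""
    missing = []
    for cluster in json.loads(aks_json):
        # Any level may be absent or null on clusters never onboarded.
        profile = cluster.get("securityProfile") or {}
        defender = profile.get("defender") or {}
        monitoring = defender.get("securityMonitoring") or {}
        if monitoring.get("enabled") is not True:
            missing.append(f"{cluster.get('resourceGroup')}/{cluster.get('name')}")
    return missing


if __name__ == "__main__":
    print("Containers plan on:", containers_plan_enabled(PRICING_JSON))
    for name in clusters_missing_sensor(AKS_JSON):
        print("Defender profile not enabled:", name)
```

To run it against a real subscription, replace the two constructed strings with the saved output of `az security pricing list -o json` and `az aks list -o json`.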

Exploring Advanced Enablement Features

Microsoft Defender for Containers offers a range of advanced features and capabilities to enhance your container security. To learn more, be sure to check out the Enable Microsoft Defender for Containers documentation.

Additionally, you can find an overview of the Microsoft Defender for Containers solution at the Overview of Microsoft Defender for Containers page.

Source: Protect your Azure containers with the Defender for Containers plan on your Azure subscription