Microsoft Defender for Containers is the cloud-native solution for securing your containers, whether they’re running in Azure Kubernetes Service (AKS), Amazon Elastic Kubernetes Service (EKS), Google Kubernetes Engine (GKE), or on-premises Kubernetes clusters using Azure Arc.

Defender for Containers provides a comprehensive set of security capabilities to protect your container-based applications, including:

Cloud Security Posture Management (CSPM):

  • Assess and strengthen the security configuration of your cloud resources
  • Manage compliance against critical industry and regulatory standards

Cloud Workload Protection (CWP):

  • Protect critical workloads including containers, servers, and more against malicious attacks
  • Leverage advanced threat detection capabilities powered by Microsoft’s security graph
  • Gain visibility into vulnerabilities in your container images and deployments

To get started, you’ll first need to connect your Kubernetes environments to Microsoft Defender for Cloud. The steps vary slightly depending on where your clusters run:

Azure Kubernetes Service (AKS):

  1. Enable the Defender for Containers plan for your AKS clusters
  2. Optionally, assign a custom Log Analytics workspace to store your security data

Amazon Elastic Kubernetes Service (EKS):

  1. Connect your AWS account and EKS clusters to Microsoft Defender for Cloud
  2. Enable the Defender for Containers plan

Google Kubernetes Engine (GKE):

  1. Connect your GCP project and GKE clusters to Microsoft Defender for Cloud
  2. Enable the Defender for Containers plan

On-premises Kubernetes (using Azure Arc):

  1. Connect your on-premises Kubernetes clusters to Microsoft Defender for Cloud
  2. Enable the Defender for Containers plan

Once enabled, Defender for Containers will automatically onboard and protect your container workloads, providing security recommendations, vulnerability assessments, and threat detection capabilities across your multi-cloud Kubernetes environment.

By enabling Microsoft Defender for Containers, you can secure your container-based applications across clouds and on-premises, with a single pane of glass for visibility and control over your cloud security posture and workload protection.