MicrosoftDocs
diff --git a/‎.openpublishing.redirection.defender-for-cloud.json
Lines changed: 5 additions & 0 deletions b/‎.openpublishing.redirection.defender-for-cloud.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎articles/defender-for-cloud/TOC.yml
Lines changed: 0 additions & 3 deletions b/‎articles/defender-for-cloud/TOC.yml
Lines changed: 0 additions & 3 deletions
diff --git a/‎articles/defender-for-cloud/auto-deploy-vulnerability-assessment.md
Lines changed: 3 additions & 9 deletions b/‎articles/defender-for-cloud/auto-deploy-vulnerability-assessment.md
Lines changed: 3 additions & 9 deletions
diff --git a/‎articles/defender-for-cloud/common-questions-microsoft-defender-vulnerability-management.md
Lines changed: 1 addition & 23 deletions b/‎articles/defender-for-cloud/common-questions-microsoft-defender-vulnerability-management.md
Lines changed: 1 addition & 23 deletions
diff --git a/‎articles/defender-for-cloud/custom-dashboards-azure-workbooks.md
Lines changed: 2 additions & 4 deletions b/‎articles/defender-for-cloud/custom-dashboards-azure-workbooks.md
Lines changed: 2 additions & 4 deletions
diff --git a/‎articles/defender-for-cloud/defender-for-container-registries-introduction.md
Lines changed: 5 additions & 5 deletions b/‎articles/defender-for-cloud/defender-for-container-registries-introduction.md
Lines changed: 5 additions & 5 deletions
diff --git a/‎articles/defender-for-cloud/defender-for-containers-enable.md
Lines changed: 1 addition & 1 deletion b/‎articles/defender-for-cloud/defender-for-containers-enable.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/defender-for-cloud/defender-for-containers-introduction.md
Lines changed: 0 additions & 5 deletions b/‎articles/defender-for-cloud/defender-for-containers-introduction.md
Lines changed: 0 additions & 5 deletions
@@ -920,6 +920,11 @@
             "redirect_url": "/azure/defender-for-cloud/multicloud",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/defender-for-cloud/defender-for-containers-vulnerability-assessment-azure.md",
+            "redirect_url": "/azure/defender-for-cloud/agentless-vulnerability-assessment-azure",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/defender-for-cloud/concept-aws-connector.md",
             "redirect_url": "/azure/defender-for-cloud/quickstart-onboard-aws",
 
@@ -633,9 +633,6 @@
       - name: Kubernetes data plane hardening
         displayName: k8s, containers, aks
         href: kubernetes-workload-protections.md
-      - name: Vulnerability assessment for Azure powered by Qualys (Deprecated)
-        displayName: ACR, registry, images, qualys
-        href: defender-for-containers-vulnerability-assessment-azure.md
       - name: Defender for Kubernetes (deprecated)
         displayName: clusters, k8s, aks
         href: defender-for-kubernetes-introduction.md
 
@@ -1,6 +1,6 @@
 ---
-title: Configure Microsoft Defender for Cloud to automatically assess machines for vulnerabilities
-description: Use Microsoft Defender for Cloud to ensure your machines have a vulnerability assessment solution
+title: Automatically assess machines for vulnerabilities
+description: Use Microsoft Defender for Cloud to automatically ensure your machines have a vulnerability assessment solution
 ms.topic: how-to
 ms.date: 04/24/2023
 ---
@@ -36,13 +36,7 @@ To assess your machines for vulnerabilities, you can use one of the following so
 
     Learn more in [View and remediate findings from vulnerability assessment solutions on your machines](remediate-vulnerability-findings-vm.md).
 
-## Next steps
+## Next step
 
 > [!div class="nextstepaction"]
 > [Remediate the discovered vulnerabilities](remediate-vulnerability-findings-vm.md)
-
-Defender for Cloud also offers vulnerability assessment for your:
-
-- SQL databases - [Explore vulnerability assessment reports in the vulnerability assessment dashboard](defender-for-sql-on-machines-vulnerability-assessment.md#explore-vulnerability-assessment-reports)
-- Azure Container Registry images - [Use Microsoft Defender for container registries to scan your images for vulnerabilities](defender-for-containers-vulnerability-assessment-azure.md)
-- [Vulnerability assessments for AWS with Microsoft Defender Vulnerability Management](agentless-vulnerability-assessment-aws.md)
@@ -1,5 +1,5 @@
 ---
-title: Common questions about the Microsoft Defender Vulnerability Management solution
+title: Microsoft Defender Vulnerability Management FAQ
 description: Answers to common questions on the new Container VA offering powered by Microsoft Defender Vulnerability Management
 ms.topic: faq
 ms.date: 11/30/2023
@@ -29,10 +29,6 @@ No. Each unique image is billed once according to the pricing of the Defender pl
 Vulnerability assessment for container images in the registry is agentless.
 Vulnerability assessment for runtime supports both agentless and agent-based deployment. This approach allows us to provide maximum visibility when vulnerability assessment is enabled, while providing improved refresh rate for image inventory on clusters running our agent.
 
-## Is there any difference in supported environments between the Qualys and Microsoft Defender Vulnerability Management powered offerings?
-
-Both offerings support registry scan for ACR and ECR as well as runtime vulnerability assessment for AKS and EKS.
-
 ## How complicated is it to enable container vulnerability assessment powered by Microsoft Defender Vulnerability Management?
 
 The Microsoft Defender Vulnerability Management powered offering is already enabled by default in all supported plans. For instructions on how to re-enable Microsoft Defender Vulnerability Management with a single click if you previously disabled this offering, see [Enabling vulnerability assessments powered by Microsoft Defender Vulnerability Management](enable-vulnerability-assessment.md).
@@ -41,24 +37,6 @@ The Microsoft Defender Vulnerability Management powered offering is already enab
 
 In Azure, new images are typically scanned in a few minutes, and it might take up to an hour in rare cases. In AWS, new images are typically scanned within a few hours, and might take up to a day in rare cases.
 
-## Is there any difference between scanning criteria for the Qualys and Microsoft Defender Vulnerability Management offerings?
-
-Container vulnerability assessment powered by Microsoft Defender Vulnerability Management for Azure supports all scan triggers supported by Qualys, and in addition also supports scanning of all images pushed in the last 90 days to a registry. For more information, see [scanning triggers for Microsoft Defender Vulnerability Management for Azure](agentless-vulnerability-assessment-azure.md#scan-triggers). Container vulnerability assessment powered by Microsoft Defender Vulnerability Management for AWS supports a subset of the scanning criteria. For more information, see [scanning triggers for Microsoft Defender Vulnerability Management for AWS](agentless-vulnerability-assessment-aws.md#scan-triggers).
-
-## Is there a difference in rescan period between the Qualys and Microsoft Defender Vulnerability Management offerings?
-
-Vulnerability assessments performed using the Qualys scanner are refreshed weekly.
-Vulnerability assessments performed using the Microsoft Defender Vulnerability Management scanner are refreshed daily. For Defender for Container Registries (deprecated), rescan period is once every 7 days for vulnerability assessments performed by both the Qualys and Microsoft Defender Vulnerability Management scanner.
-
-## Is there any difference between the OS and language packages covered by the Qualys and Microsoft Defender Vulnerability Management offerings?
-
-Container vulnerability assessment powered by Microsoft Defender Vulnerability Management supports all OS packages and language packages supported by Qualys except FreeBSD. In addition, the offering powered by Microsoft Defender Vulnerability Management also provides support for Red Hat Enterprise version 8 and 9, CentOS versions 8 and 9, Oracle Linux 9, openSUSE Tumbleweed, Debian 12, Fedora 36 and 37, and CBL-Mariner 1 and 2.
-There's no difference for coverage of language specific packages between the Qualys and Microsoft Defender Vulnerability Management powered offerings.
-
-- [Full list of supported packages and their versions for Microsoft Defender Vulnerability Management](support-matrix-defender-for-containers.md#registries-and-images-support-for-azure---vulnerability-assessment-powered-by-microsoft-defender-vulnerability-management)
-
-- [Full list of supported packages and their versions for Qualys](support-matrix-defender-for-containers.md#registries-and-images-support-for-azure---vulnerability-assessment-powered-by-qualys-deprecated)
-
 ## Are there any other capabilities that are unique to the Microsoft Defender Vulnerability Management powered offering?
 
 - Each reported vulnerability is enriched with real-world exploit exploitability insights, helping customers prioritize remediation of vulnerabilities with known exploit methods and exploitability tools. Exploit sources include CISA key, exploit DB, Microsoft Security Response Center, and more.
 
@@ -1,5 +1,5 @@
 ---
-title: Use Azure Monitor gallery workbooks with Defender for Cloud data
+title: Azure Monitor workbooks with Defender for Cloud data
 description: Learn how to create rich, interactive reports for your Microsoft Defender for Cloud data by using workbooks from the integrated Azure Monitor workbooks gallery.
 ms.topic: conceptual
 ms.author: dacurwin
@@ -114,8 +114,6 @@ Defender for Cloud includes vulnerability scanners for your machines, containers
 Learn more about using these scanners:
 
 - [Find vulnerabilities with Microsoft Defender Vulnerability Management](deploy-vulnerability-assessment-defender-vulnerability-management.md)
-- [Find vulnerabilities with the integrated Qualys scanner](deploy-vulnerability-assessment-vm.md)
-- [Scan your ACR images for vulnerabilities](defender-for-containers-vulnerability-assessment-azure.md)
 - [Scan your SQL resources for vulnerabilities](defender-for-sql-on-machines-vulnerability-assessment.md)
 
 Findings for each resource type are reported in separate recommendations:
@@ -202,7 +200,7 @@ The DevOps Security workbook provides a customizable visual report of your DevOp
 :::image type="content" source="media/custom-dashboards-azure-workbooks/devops-workbook.png" alt-text="Screenshot that shows a sample results page after you select the DevOps workbook." lightbox="media/custom-dashboards-azure-workbooks/devops-workbook.png":::
 
 > [!NOTE]
-> To use this workbork, your environment must have a [GitHub connector](quickstart-onboard-github.md), [GitLab connector](quickstart-onboard-gitlab.md), or [Azure DevOps connector](quickstart-onboard-devops.md).
+> To use this workbook, your environment must have a [GitHub connector](quickstart-onboard-github.md), [GitLab connector](quickstart-onboard-gitlab.md), or [Azure DevOps connector](quickstart-onboard-devops.md).
 
 To deploy the workbook:
 
 
@@ -40,9 +40,9 @@ To protect the Azure Resource Manager based registries in your subscription, ena
 
 Defender for Cloud identifies Azure Resource Manager based ACR registries in your subscription and seamlessly provides Azure-native vulnerability assessment and management for your registry's images.
 
-**Microsoft Defender for container registries** includes a vulnerability scanner to scan the images in your Azure Resource Manager-based Azure Container Registry registries and provide deeper visibility into your images'  vulnerabilities. The integrated scanner is powered by Qualys, the industry-leading vulnerability scanning vendor.
+**Microsoft Defender for container registries** includes a vulnerability scanner to scan the images in your Azure Resource Manager-based Azure Container Registry registries and provide deeper visibility into your images' vulnerabilities.
 
-When issues are found – by Qualys or Defender for Cloud – you'll get notified in the workload protection dashboard. For every vulnerability, Defender for Cloud provides actionable recommendations, along with a severity classification, and guidance for how to remediate the issue. For details of Defender for Cloud's recommendations for containers, see the [reference list of recommendations](recommendations-reference.md#container-recommendations).
+When issues are found, you'll get notified in the workload protection dashboard. For every vulnerability, Defender for Cloud provides actionable recommendations, along with a severity classification, and guidance for how to remediate the issue. For details of Defender for Cloud's recommendations for containers, see the [reference list of recommendations](recommendations-reference.md#container-recommendations).
 
 Defender for Cloud filters and classifies findings from the scanner. When an image is healthy, Defender for Cloud marks it as such. Defender for Cloud generates security recommendations only for images that have issues to be resolved. Defender for Cloud provides details of each reported vulnerability and a severity classification. Additionally, it gives guidance for how to remediate the specific vulnerabilities found on each image.
 
@@ -72,7 +72,7 @@ Below is a high-level diagram of the components and benefits of protecting your
 
 ### How does Defender for Cloud scan an image?
 
-Defender for Cloud pulls the image from the registry and runs it in an isolated sandbox with the Qualys scanner. The scanner extracts a list of known vulnerabilities.
+Defender for Cloud pulls the image from the registry and runs it in an isolated sandbox with the scanner. The scanner extracts a list of known vulnerabilities.
 
 Defender for Cloud filters and classifies findings from the scanner. When an image is healthy, Defender for Cloud marks it as such. Defender for Cloud generates security recommendations only for images that have issues to be resolved. By only notifying you when there are problems, Defender for Cloud reduces the potential for unwanted informational alerts.
 
@@ -90,7 +90,7 @@ If you connect unsupported registries to your Azure subscription, Defender for C
 
 Yes. If you have an organizational need to ignore a finding, rather than remediate it, you can optionally disable it. Disabled findings don't impact your secure score or generate unwanted noise.
 
-[Learn about creating rules to disable findings from the integrated vulnerability assessment tool](defender-for-containers-vulnerability-assessment-azure.md#disable-specific-findings).
+[Learn about creating rules to disable findings from the integrated vulnerability assessment tool](disable-vulnerability-findings-containers.md).
 
 ### Why is Defender for Cloud alerting me to vulnerabilities about an image that isn’t in my registry?
 
@@ -99,4 +99,4 @@ Defender for Cloud provides vulnerability assessments for every image pushed or
 ## Next steps
 
 > [!div class="nextstepaction"]
-> [Scan your images for vulnerabilities](defender-for-containers-vulnerability-assessment-azure.md)
+> [Scan your images for vulnerabilities](agentless-vulnerability-assessment-azure.md)
@@ -118,7 +118,7 @@ You can check out the following blogs:
 
 Now that you enabled Defender for Containers, you can:
 
-- [Scan your ACR images for vulnerabilities](defender-for-containers-vulnerability-assessment-azure.md)
+- [Scan your ACR images for vulnerabilities](agentless-vulnerability-assessment-aws.md)
 - [Scan your AWS images for vulnerabilities with Microsoft Defender Vulnerability Management](agentless-vulnerability-assessment-aws.md)
 - [Scan your GGP images for vulnerabilities with Microsoft Defender Vulnerability Management](agentless-vulnerability-assessment-gcp.md)
 - Check out [common questions](faq-defender-for-containers.yml) about Defender for Containers.
@@ -68,11 +68,6 @@ Defender for Containers scans the container images in Azure Container Registry (
 
 Vulnerability information powered by Microsoft Defender Vulnerability Management is added to the [cloud security graph](concept-attack-path.md#what-is-cloud-security-graph) for contextual risk, calculation of attack paths, and hunting capabilities.
 
-> [!NOTE]
-> The Qualys offering is only available to customers who onboarded to Defender for Containers before November 15, 2023.
-
-There are two solutions for vulnerability assessment in Azure, one powered by Microsoft Defender Vulnerability Management and one powered by Qualys.
-
 Learn more about:
 
 - [Vulnerability assessments for Azure with Microsoft Defender Vulnerability Management](agentless-vulnerability-assessment-azure.md)