articles/defender-for-cloud/enable-agentless-scanning-vms.md
8 additions & 8 deletions
Original file line number
Diff line number
Diff line change
@@ -1,5 +1,5 @@
1
1
---
2
-
title: Enable agentless vulnerability scanning
2
+
title: Enable agentless scanning for VMs
3
3
description: Find installed software and software vulnerabilities on your Azure machines and AWS machines without installing an agent.
4
4
author: dcurwin
5
5
ms.author: dacurwin
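Review bot: the new title at line 2 scopes the article to "VMs", but the unchanged description at line 3 still says "Azure machines and AWS machines". Pick one term so the title and description agree, for example by keeping "machines" in the title or using "VMs" in the description.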
@@ -8,7 +8,7 @@ ms.custom: ignite-2022
8
8
ms.date: 06/29/2023
9
9
---
10
10
11
-
# Enable agentless vulnerability scanning
11
+
# Enable agentless scanning for VMs
12
12
13
13
Agentless scanning provides visibility into installed software and software vulnerabilities on your workloads to extend vulnerability assessment coverage to server workloads without a vulnerability assessment agent installed.
14
14
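Review bot: ms.date at line 8 stays at 06/29/2023 while the H1 at line 11 is renamed; if this change lands after that date, update ms.date in the same commit so the freshness metadata reflects the edit. The intro at line 13 still frames the feature as extending "vulnerability assessment coverage", which is worth a second look now that the heading no longer mentions vulnerability scanning.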
@@ -26,8 +26,8 @@ When you enable agentless vulnerability assessment:
26
26
27
27
- If you select **Microsoft Defender Vulnerability Management** as part of an [integration with Microsoft Defender for Endpoint](integration-defender-for-endpoint.md), Defender for Cloud shows a unified and consolidated view that optimizes coverage and freshness.
28
28
29
-
- Machines covered by just one of the sources (Defender Vulnerability Management or agentless) show the results from that source.
30
-
- Machines covered by both sources show the agent-based results only for increased freshness.
29
+
- Machines covered by just one of the sources (Defender Vulnerability Management or agentless) show the results from that source.
30
+
- Machines covered by both sources show the agent-based results only for increased freshness.
31
31
32
32
- If you select **Vulnerability assessment with Qualys or BYOL integrations** - Defender for Cloud shows the agent-based results by default. Results from the agentless scan are shown for machines that don't have an agent installed or from machines that aren't reporting findings correctly.
33
33
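Review bot: the removed and added sub-bullets at lines 29-30 read identically here, so this looks like an indentation-only change; confirm both are indented under the "Microsoft Defender Vulnerability Management" bullet at line 27 so they render as nested items and not as siblings of the Qualys/BYOL bullet at line 32. The hunk header context still reads "When you enable agentless vulnerability assessment:", which no longer matches the renamed title.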
@@ -68,17 +68,17 @@ If you have Defender for Servers P2 already enabled and agentless scanning is tu
68
68
When you enable agentless scanning on either plan, the setting applies to both plans.
69
69
70
70
1. In the settings pane, turn on **Agentless scanning for machines**.
71
-
71
+
72
72
:::image type="content" source="media/enable-vulnerability-assessment-agentless/agentless-scan-on-aws.png" alt-text="Screenshot of the agentless scanning status for AWS accounts." lightbox="media/enable-vulnerability-assessment-agentless/agentless-scan-on-aws.png":::
73
73
74
74
1. Select **Save and Next: Configure Access**.
75
75
76
76
1. Download the CloudFormation template.
77
-
77
+
78
78
1. Using the downloaded CloudFormation template, create the stack in AWS as instructed on screen. If you're onboarding a management account, you need to run the CloudFormation template both as Stack and as StackSet. Connectors will be created for the member accounts up to 24 hours after the onboarding.
79
-
79
+
80
80
1. Select **Next: Review and generate**.
81
-
81
+
82
82
1. Select **Update**.
83
83
84
84
After you enable agentless scanning, software inventory and vulnerability information are updated automatically in Defender for Cloud.
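Review bot: the steps at lines 76-78 tell the reader to download a CloudFormation template and create the stack (as both Stack and StackSet for a management account) without saying what access that stack grants in the AWS account. Add a sentence or link describing the roles and permissions it creates so the reader can review them before deploying. The changes at lines 71, 77, 79 and 81 are blank on both sides, so they appear to be whitespace-only.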