MicrosoftDocs
diff --git a/‎.openpublishing.redirection.defender-for-cloud.json
Lines changed: 6 additions & 1 deletion b/‎.openpublishing.redirection.defender-for-cloud.json
Lines changed: 6 additions & 1 deletion
diff --git a/‎articles/defender-for-cloud/TOC.yml
Lines changed: 5 additions & 3 deletions b/‎articles/defender-for-cloud/TOC.yml
Lines changed: 5 additions & 3 deletions
diff --git a/‎articles/defender-for-cloud/alerts-reference.md
Lines changed: 15 additions & 13 deletions b/‎articles/defender-for-cloud/alerts-reference.md
Lines changed: 15 additions & 13 deletions
diff --git a/‎articles/defender-for-cloud/defender-for-container-registries-usage.md
Lines changed: 10 additions & 10 deletions b/‎articles/defender-for-cloud/defender-for-container-registries-usage.md
Lines changed: 10 additions & 10 deletions
diff --git a/‎articles/defender-for-cloud/defender-for-containers-introduction.md
Lines changed: 17 additions & 15 deletions b/‎articles/defender-for-cloud/defender-for-containers-introduction.md
Lines changed: 17 additions & 15 deletions
diff --git a/‎articles/defender-for-cloud/defender-for-servers-introduction.md
Lines changed: 2 additions & 2 deletions b/‎articles/defender-for-cloud/defender-for-servers-introduction.md
Lines changed: 2 additions & 2 deletions
@@ -60,6 +60,11 @@
             "redirect_url": "/azure/defender-for-cloud/os-coverage",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/defender-for-cloud/supported-machines-endpoint-solutions-clouds.md",
+            "redirect_url": "/articles/defender-for-cloud/supported-machines-endpoint-solutions-clouds-containers",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/security-center/security-center-just-in-time.md",
             "redirect_url": "/azure/defender-for-cloud/just-in-time-access-usage",
@@ -632,7 +637,7 @@
         },
         {
             "source_path_from_root": "/articles/security-center/supported-machines-endpoint-solutions-clouds.md",
-            "redirect_url": "/azure/defender-for-cloud/supported-machines-endpoint-solutions-clouds",
+            "redirect_url": "/azure/defender-for-cloud/supported-machines-endpoint-solutions-clouds-containers",
             "redirect_document_id": true
         },
         {
 
@@ -16,11 +16,13 @@
     href: upcoming-changes.md
   - name: Availability
     items:
-    - name: Supported platforms
+    - name: Supported platforms for servers
       displayName: coverage
       href: os-coverage.md
-    - name: Coverage by OS, machine type, and cloud
-      href: supported-machines-endpoint-solutions-clouds.md
+    - name: Servers coverage by OS, machine type, and cloud
+      href: supported-machines-endpoint-solutions-clouds-servers.md
+    - name: Defender for Containers feature availability
+      href: supported-machines-endpoint-solutions-clouds-containers.md
     - name: Feature coverage for Azure PaaS resources
       href: features-paas.md
     - name: User roles and permissions
 
@@ -1,17 +1,17 @@
 ---
-title: How to use Microsoft Defender for container registries
-description: Learn about using Microsoft Defender for container registries to scan Linux images in your Linux-hosted registries
-ms.date: 12/09/2021
+title: How to use Defender for Containers
+description: Learn how to use  Defender for Containers to scan Linux images in your Linux-hosted registries
+ms.date: 03/07/2022
 ms.topic: how-to
 ---
 
-# Use Microsoft Defender for container registries to scan your images for vulnerabilities
+# Use Defender for Containers to scan your ACR images for vulnerabilities
 
 [!INCLUDE [Banner for top of topics](./includes/banner.md)]
 
 This page explains how to use the built-in vulnerability scanner to scan the container images stored in your Azure Resource Manager-based Azure Container Registry.
 
-When **Microsoft Defender for container registries** is enabled, any image you push to your registry will be scanned immediately. In addition, any image pulled within the last 30 days is also scanned.
+When **Defender for Containers** is enabled, any image you push to your registry will be scanned immediately. In addition, any image pulled within the last 30 days is also scanned.
 
 When the scanner reports vulnerabilities to Defender for Cloud, Defender for Cloud presents the findings and related information as recommendations. In addition, the findings include related information such as remediation steps, relevant CVEs, CVSS scores, and more. You can view the identified vulnerabilities for one or more subscriptions, or for a specific registry.
 
@@ -22,7 +22,7 @@ When the scanner reports vulnerabilities to Defender for Cloud, Defender for Clo
 
 To enable vulnerability scans of images stored in your Azure Resource Manager-based Azure Container Registry:
 
-1. Enable **Microsoft Defender for container registries** for your subscription. Defender for Cloud is now ready to scan images in your registries.
+1. Enable **Defender for Containers** for your subscription. Defender for Cloud is now ready to scan images in your registries.
 
     >[!NOTE]
     > This feature is charged per image.
@@ -83,22 +83,22 @@ To enable vulnerability scans of images stored in your Azure Resource Manager-ba
 
 1. Follow the steps in the remediation section of this pane.
 
-1. When you have taken the steps required to remediate the security issue, replace the image in your registry:
+1. When you've taken the steps required to remediate the security issue, replace the image in your registry:
 
-    1. Push the updated image. This will trigger a scan.
+    1. Push the updated image to trigger a scan.
 
     1. Check the recommendations page for the recommendation [Container registry images should have vulnerability findings resolved (powered by Qualys)](https://portal.azure.com/#blade/Microsoft_Azure_Security/RecommendationsBlade/assessmentKey/dbd0cb49-b563-45e7-9724-889e799fa648).
 
         If the recommendation still appears and the image you've handled still appears in the list of vulnerable images, check the remediation steps again.
 
-    1. When you are sure the updated image has been pushed, scanned, and is no longer appearing in the recommendation, delete the “old” vulnerable image from your registry.
+    1. When you're sure the updated image has been pushed, scanned, and is no longer appearing in the recommendation, delete the “old” vulnerable image from your registry.
 
 ## Disable specific findings
 
 > [!NOTE]
 > [!INCLUDE [Legalese](../../includes/defender-for-cloud-preview-legal-text.md)]
 
-If you have an organizational need to ignore a finding, rather than remediate it, you can optionally disable it. Disabled findings don't impact your secure score or generate unwanted noise.
+If you have an organizational need to ignore a finding, rather than remediate it, you can optionally disable it. Disabled findings don't affect your secure score or generate unwanted noise.
 
 When a finding matches the criteria you've defined in your disable rules, it won't appear in the list of findings. Typical scenarios include:
 
 
@@ -2,7 +2,7 @@
 title: Container security with Microsoft Defender for Cloud
 description: Learn about Microsoft Defender for Containers
 ms.topic: overview
-ms.date: 02/28/2022
+ms.date: 03/09/2022
 ---
 
 # Overview of Microsoft Defender for Containers
@@ -13,16 +13,15 @@ Microsoft Defender for Containers is the cloud-native solution for securing your
 
 On this page, you'll learn how you can use Defender for Containers to improve, monitor, and maintain the security of your clusters, containers, and their applications.
 
-## Availability
+## Microsoft Defender for Containers plan availability
 
 | Aspect | Details |
 |--|--|
-| Release state: | General availability (GA)<br>Where indicated, specific features are in preview. [!INCLUDE [Legalese](../../includes/defender-for-cloud-preview-legal-text.md)] |
+| Release state: | General availability (GA)<br> Certain features  are in preview, for a full list see the [availability](supported-machines-endpoint-solutions-clouds-containers.md) section. |
+| Feature availability | Refer to the [availability](supported-machines-endpoint-solutions-clouds-containers.md) section for additional information on feature release state and availability.|
 | Pricing: | **Microsoft Defender for Containers** is billed as shown on the [pricing page](https://azure.microsoft.com/pricing/details/defender-for-cloud/) |
-| Registries and images: | **Supported**<br> • Linux images in Azure Container Registry (ACR) registries accessible from the public internet with shell access<br> • Private registries with access granted to [Trusted Services](../container-registry/allow-access-trusted-services.md#trusted-services)<br> • [ACR registries protected with Azure Private Link](../container-registry/container-registry-private-link.md)<br><br>**Unsupported**<br> • Windows images<br> • Super-minimalist images such as [Docker scratch](https://hub.docker.com/_/scratch/) images<br> • "Distroless" images that only contain an application and its runtime dependencies without a package manager, shell, or OS<br> • Images with [Open Container Initiative (OCI) Image Format Specification](https://github.com/opencontainers/image-spec/blob/master/spec.md) |
-| Kubernetes distributions and configurations: | **Supported**<br> • Any Cloud Native Computing Foundation (CNCF) certified Kubernetes clusters<br><br>**Unsupported**<br> • Any [taints](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) applied to your nodes *might* disrupt the configuration of Defender for Containers<br>•The AKS Defender profile doesn't support AKS clusters that don't have RBAC role enabled.<br><br>**Tested on**<br> • [Azure Kubernetes Service](../aks/intro-kubernetes.md)<br> • [Amazon Elastic Kubernetes Service (EKS)](https://aws.amazon.com/eks/)<br> • [Google GKE Standard clusters](https://cloud.google.com/kubernetes-engine/) <br> • [Azure Kubernetes Service on Azure Stack HCI](/azure-stack/aks-hci/overview)<br> • [Kubernetes](https://kubernetes.io/docs/home/)<br> • [AKS Engine](https://github.com/Azure/aks-engine)<br> • [Azure Red Hat OpenShift](https://azure.microsoft.com/services/openshift/)<br> • [Red Hat OpenShift](https://www.openshift.com/learn/topics/kubernetes/) (version 4.6 or newer)<br> • [VMware Tanzu Kubernetes Grid](https://tanzu.vmware.com/kubernetes-grid)<br> • [Rancher Kubernetes Engine](https://rancher.com/docs/rke/latest/en/) |
 | Required roles and permissions: | • To auto provision the required components, [Contributor](../role-based-access-control/built-in-roles.md#contributor), [Log Analytics Contributor](../role-based-access-control/built-in-roles.md#log-analytics-contributor), or [Azure Kubernetes Service Contributor Role](../role-based-access-control/built-in-roles.md#azure-kubernetes-service-contributor-role)<br> • **Security admin** can dismiss alerts<br> • **Security reader** can view vulnerability assessment findings<br> See also [Azure Container Registry roles and permissions](../container-registry/container-registry-roles.md) |
-| Clouds: | :::image type="icon" source="./media/icons/yes-icon.png"::: Commercial clouds<br>:::image type="icon" source="./media/icons/yes-icon.png"::: National (Azure Government, Azure China 21Vianet) (Except for preview features)<br>:::image type="icon" source="./media/icons/yes-icon.png"::: Connected AWS accounts (Preview) <br> :::image type="icon" source="./media/icons/yes-icon.png"::: Connected GCP projects|
+| Clouds: | **Azure**:<br>:::image type="icon" source="./media/icons/yes-icon.png"::: Commercial clouds<br>:::image type="icon" source="./media/icons/yes-icon.png"::: National clouds (Azure Government, Azure China 21Vianet) (Except for preview features))<br><br>**Non Azure**:<br>:::image type="icon" source="./media/icons/yes-icon.png"::: Connected AWS accounts (Preview) <br> :::image type="icon" source="./media/icons/yes-icon.png"::: Connected GCP projects (Preview) <br> :::image type="icon" source="./media/icons/yes-icon.png"::: On-prem/IaaS supported via Arc enabled Kubernetes (Preview). <br> <br>For more details, see the [availability section](supported-machines-endpoint-solutions-clouds-containers.md#defender-for-containers-feature-availability). |
 |  |  |
 
 ## What are the benefits of Microsoft Defender for Containers?
@@ -84,7 +83,7 @@ The **Azure Policy add-on for Kubernetes** collects cluster and workload configu
 | azuredefender-collector-misc-* | kube-system | [Deployment](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/) | A set of containers that focus on collecting inventory and security events from the Kubernetes environment that aren't bounded to a specific node. | N/A | memory: 64Mi <br> <br>cpu: 60m | No |
 | azuredefender-publisher-ds-* | kube-system | [DeamonSet](https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/) | Publish the collected data to Microsoft Defender for Containers' backend service where the data will be processed for and analyzed. | N/A | memory: 64Mi  <br> <br> cpu: 60m | Https 443 <br> <br> Learn more about the [outbound access prerequisites](../aks/limit-egress-traffic.md#microsoft-defender-for-containers) |
 
-\* resource limits are not configurable
+\* resource limits aren't configurable
 
 ### [**On-premises / IaaS (Arc)**](#tab/defender-for-container-arch-arc)
 
@@ -176,17 +175,17 @@ Defender for Containers includes an integrated vulnerability scanner for scannin
 
 There are four triggers for an image scan:
 
-- **On push** - Whenever an image is pushed to your registry, Defender for container registries automatically scans that image. To trigger the scan of an image, push it to your repository.
+- **On push** - Whenever an image is pushed to your registry, Defender for Containers automatically scans that image. To trigger the scan of an image, push it to your repository.
 
 - **Recently pulled** - Since new vulnerabilities are discovered every day, **Microsoft Defender for Containers** also scans, on a weekly basis, any image that has been pulled within the last 30 days. There's no extra charge for these rescans; as mentioned above, you're billed once per image.
 
 - **On import** - Azure Container Registry has import tools to bring images to your registry from Docker Hub, Microsoft Container Registry, or another Azure container registry. **Microsoft Defender for container Containers** scans any supported images you import. Learn more in [Import container images to a container registry](../container-registry/container-registry-import-images.md).
 
 - **Continuous scan**- This trigger has two modes:
 
-    - A Continuous scan based on an image pull.  This scan is performed every 7 days after an image was pulled, and only for 30 days after the image was pulled. This mode doesn't require the security profile, or extension.
+    - A Continuous scan based on an image pull.  This scan is performed every seven days after an image was pulled, and only for 30 days after the image was pulled. This mode doesn't require the security profile, or extension.
 
-    -  (Preview) Continuous scan for running images. This scan is performed every 7 days for as long as the image runs. This mode runs instead of  the above mode when the Defender profile, or extension is running on the cluster.
+    -  (Preview) Continuous scan for running images. This scan is performed every seven days for as long as the image runs. This mode runs instead of  the above mode when the Defender profile, or extension is running on the cluster.
 
 This scan typically completes within 2 minutes, but it might take up to 40 minutes. For every vulnerability identified, Defender for Cloud provides actionable recommendations, along with a severity classification, and guidance for how to remediate the issue. 
 
@@ -197,11 +196,14 @@ Defender for Cloud filters, and classifies findings from the scanner. When an im
 
 ### View vulnerabilities for running images
 
-Defender for Containers expands on the registry scanning features of the Defender for container registries plan by introducing the **preview feature** of run-time visibility of vulnerabilities powered by the Defender profile, or extension.
+Defender for Containers expands on the registry scanning features by introducing the **preview feature** of run-time visibility of vulnerabilities powered by the Defender profile, or extension.
+
+> [!NOTE]
+> There's no Defender profile for Windows, it's only available on Linux OS.
 
 The new recommendation, **Running container images should have vulnerability findings resolved**, only shows vulnerabilities for running images, and relies on the Defender security profile, or extension to discover which images are currently running. This recommendation groups running images that have vulnerabilities, and provides details about the issues discovered, and how to remediate them. The Defender profile, or extension is used to gain visibility into vulnerable containers that are active.
 
-This recommendation shows running images, and their vulnerabilities based on ACR image image. Images that are deployed from a non ACR registry, will not be scanned, and will appear under the Not applicable tab.
+This recommendation shows running images, and their vulnerabilities based on ACR image. Images that are deployed from a non ACR registry, won't be scanned, and will appear under the Not applicable tab.
 
 :::image type="content" source="media/defender-for-containers/running-image-vulnerabilities-recommendation.png" alt-text="Screenshot showing where the recommendation is viewable" lightbox="media/defender-for-containers/running-image-vulnerabilities-recommendation-expanded.png":::
 
@@ -219,20 +221,20 @@ The full list of available alerts can be found in the [Reference table of alerts
 
 ## FAQ - Defender for Containers
 
-- [What happens to subscriptions with Microsoft Defender for Kubernetes or Microsoft Defender for container registries enabled?](#what-happens-to-subscriptions-with-microsoft-defender-for-kubernetes-or-microsoft-defender-for-container-registries-enabled)
+- [What happens to subscriptions with Microsoft Defender for Kubernetes or Microsoft Defender for Containers enabled?](#what-happens-to-subscriptions-with-microsoft-defender-for-kubernetes-or-microsoft-defender-for-containers-enabled)
 - [Is Defender for Containers a mandatory upgrade?](#is-defender-for-containers-a-mandatory-upgrade)
 - [Does the new plan reflect a price increase?](#does-the-new-plan-reflect-a-price-increase)
 - [What are the options to enable the new plan at scale?](#what-are-the-options-to-enable-the-new-plan-at-scale)
 
-### What happens to subscriptions with Microsoft Defender for Kubernetes or Microsoft Defender for container registries enabled?
+### What happens to subscriptions with Microsoft Defender for Kubernetes or Microsoft Defender for Containers enabled?
 
 Subscriptions that already have one of these plans enabled can continue to benefit from it.
 
 If you haven't enabled them yet, or create a new subscription, these plans can no longer be enabled.
 
 ### Is Defender for Containers a mandatory upgrade?
 
-No. Subscriptions that have either Microsoft Defender for Kubernetes or Microsoft Defender for container registries enabled don't need to be upgraded to the new Microsoft Defender for Containers plan. However, they won't benefit from the new and improved capabilities and they’ll have an upgrade icon shown alongside them in the Azure portal. 
+No. Subscriptions that have either Microsoft Defender for Kubernetes or Microsoft Defender for Containers Registries enabled doesn't need to be upgraded to the new Microsoft Defender for Containers plan. However, they won't benefit from the new and improved capabilities and they’ll have an upgrade icon shown alongside them in the Azure portal. 
 
 ### Does the new plan reflect a price increase?
 No. There’s no direct price increase. The new comprehensive Container security plan  combines Kubernetes protection and container registry image scanning, and removes the previous dependency on the (paid) Defender for Servers plan. 
 
@@ -1,7 +1,7 @@
 ---
 title: Microsoft Defender for servers - the benefits and features
 description: Learn about the benefits and features of Microsoft Defender for servers.
-ms.date: 11/09/2021
+ms.date: 03/08/2022
 ms.topic: overview
 ---
 # Introduction to Microsoft Defender for servers
@@ -15,7 +15,7 @@ To protect machines in hybrid and multi-cloud environments, Defender for Cloud u
 - [Connect your AWS accounts to Microsoft Defender for Cloud](quickstart-onboard-aws.md)
 
 > [!TIP]
-> For details of which Defender for servers features are relevant for machines running on other cloud environments, see [Supported features for virtual machines and servers](supported-machines-endpoint-solutions-clouds.md?tabs=features-windows#supported-features-for-virtual-machines-and-servers-).
+> For details of which Defender for servers features are relevant for machines running on other cloud environments, see [Supported features for virtual machines and servers](supported-machines-endpoint-solutions-clouds-servers.md?tabs=features-windows#supported-features-for-virtual-machines-and-servers-).
 
 ## What are the benefits of Microsoft Defender for servers?