You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/security-center/monitor-container-security.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,7 @@ author: memildin
6
6
manager: rkarlin
7
7
ms.service: security-center
8
8
ms.topic: conceptual
9
-
ms.date: 02/11/2020
9
+
ms.date: 02/12/2020
10
10
ms.author: memildin
11
11
---
12
12
@@ -20,8 +20,10 @@ Azure Security Center covers the following three aspects of container security:
20
20
-**Vulnerability management** - If you're on Security Center's standard pricing tier (see [pricing](/azure/security-center/security-center-pricing)), you can scan your ARM-based Azure Container Registry every time a new image is pushed. The scanner (powered by Qualys) presents findings as Security Center recommendations.
21
21
For detailed instructions, see [Scanning your container registries for vulnerabilities](#scanning-your-arm-based-container-registries-for-vulnerabilities) below.
22
22
23
-
-**Hardening of the container's environment (Kubernetes clusters and Docker machines)** - Security Center finds unmanaged containers hosted on IaaS Linux VMs or other Linux machines running Docker, and continuously compares the containers' configurations with the Center for Internet Security (CIS) Docker Benchmark. Security Center alerts you if your containers don't satisfy any of the controls. Continuous monitoring for security risks due to misconfigurations is a crucial component of any security program.
24
-
For detailed instructions, see [Hardening your containers' hosts](#hardening-your-containers-hosts) below.
23
+
-**Hardening your containers' Docker hosts** - Security Center finds unmanaged containers hosted on IaaS Linux VMs or other Linux machines running Docker, and continuously compares the containers' configurations with the Center for Internet Security (CIS) Docker Benchmark. Security Center alerts you if your containers don't satisfy any of the controls. Continuous monitoring for security risks due to misconfigurations is a crucial component of any security program.
24
+
For detailed instructions, see [Hardening your containers' Docker hosts](#hardening-your-containers-docker-hosts) below.
25
+
26
+
-**Hardening your Azure Kubernetes Service clusters** - Security Center provides recommendations when it finds vulnerabilities in the configuration of your Azure Kubernetes Service clusters. For details of the specific recommendations that may appear, see the [Kubernetes Service recommendations](recommendations-reference.md#recs-containers).
25
27
26
28
-**Runtime protection** - If you're on Security Center's standard pricing tier, you'll get real-time threat detection for your containerized environments. Security Center generates alerts for suspicious activities at the host and AKS cluster level. For details of the relevant security alerts that might appear, see the [Alerts for Azure Kubernetes Service clusters](alerts-reference.md#alerts-akscluster) and [Alerts for containers - host level](alerts-reference.md#alerts-containerhost) sections of the alerts reference table.
27
29
@@ -96,8 +98,6 @@ Azure Security Center covers the following three aspects of container security:
96
98
97
99
## Hardening your containers' Docker hosts
98
100
99
-
>[!TIP] To harden your Azure Kubernetes Service clusters, check the **Recommendations** page for any of the [Kubernetes Service recommendations](recommendations-reference.md#recs-containers).
100
-
101
101
Security Center constantly monitors the configuration of your Docker hosts, and generates security recommendations that reflect industry standards.
102
102
103
103
To view Azure Security Center's security recommendations for your containers' Docker hosts:
0 commit comments