You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/upcoming-changes.md
+30Lines changed: 30 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -20,6 +20,8 @@ If you're looking for the latest release notes, you'll find them in the [What's
20
20
|--|--|
21
21
|[Deprecation of legacy compliance standards across cloud environments](#deprecation-of-legacy-compliance-standards-across-cloud-environments)| April 2023 |
22
22
|[Multiple changes to identity recommendations](#multiple-changes-to-identity-recommendations)| May 2023 |
23
+
|[Release of containers Vulnerability Assessment powered by Microsoft Defender Vulnerability Management (MDVM) in Defender CSPM](#release-of-containers-vulnerability-assessment-powered-by-microsoft-defender-vulnerability-management-mdvm-in-defender-cspm)| May 2023 |
24
+
|[Renaming container recommendations powered by Qualys](#renaming-container-recommendations-powered-by-qualys)| May 2023 |
23
25
|[DevOps Resource Deduplication for Defender for DevOps](#devops-resource-deduplication-for-defender-for-devops)| June 2023 |
24
26
25
27
### Deprecation of legacy compliance standards across cloud environments
@@ -73,6 +75,34 @@ The following security recommendations will be released as GA and replace the V1
73
75
| Blocked accounts with owner permissions on Azure resources should be removed | 050ac097-3dda-4d24-ab6d-82568e7a50cf |
74
76
| Blocked accounts with read and write permissions on Azure resources should be removed | 1ff0b4c9-ed56-4de6-be9c-d7ab39645926 |
75
77
78
+
### Release of containers Vulnerability Assessment powered by Microsoft Defender Vulnerability Management (MDVM) in Defender CSPM
79
+
80
+
**Estimated date for change: May 2023**
81
+
82
+
We're announcing the release of Vulnerability Assessment for Linux images in Azure container registries powered by Microsoft Defender Vulnerability Management (MDVM) in Defender CSPM. This release includes daily scanning of images. Findings used in the Security Explorer and attack paths will rely on MDVM Vulnerability Assessment instead of the Qualys scanner.
83
+
84
+
The existing recommendation "Container registry images should have vulnerability findings resolved" is replaced by a new recommendation powered by MDVM:
85
+
86
+
|Recommendation | Description | Assessment Key|
87
+
|--|--|--|
88
+
| Container registry images should have vulnerability findings resolved (powered by Microsoft Defender Vulnerability Management)| Container image vulnerability assessment scans your registry for commonly known vulnerabilities (CVEs) and provides a detailed vulnerability report for each image. This recommendation provides visibility to vulnerable images currently running in your Kubernetes clusters. Remediating vulnerabilities in container images that are currently running is key to improving your security posture, significantly reducing the attack surface for your containerized workloads. |dbd0cb49-b563-45e7-9724-889e799fa648 <br> is replaced by c0b7cfc6-3172-465a-b378-53c7ff2cc0d5
89
+
90
+
The recommendation "Running container images should have vulnerability findings resolved" (assessment key 41503391-efa5-47ee-9282-4eff6131462c) is temporarily removed and will be replaced soon by a new recommendation powered by MDVM.
91
+
92
+
Learn more about [Microsoft Defender Vulnerability Management (MDVM)](https://learn.microsoft.com/microsoft-365/security/defender-vulnerability-management/defender-vulnerability-management).
93
+
94
+
### Renaming container recommendations powered by Qualys
95
+
96
+
**Estimated date for change: May 2023**
97
+
98
+
The current container recommendations in Defender for Containers are renamed as follows:
99
+
100
+
|Recommendation | Description | Assessment Key|
101
+
|--|--|--|
102
+
| Container registry images should have vulnerability findings resolved (powered by Qualys) | Container image vulnerability assessment scans your registry for security vulnerabilities and exposes detailed findings for each image. Resolving the vulnerabilities can greatly improve your containers' security posture and protect them from attacks. | dbd0cb49-b563-45e7-9724-889e799fa648 |
103
+
| Running container images should have vulnerability findings resolved (powered by Qualys) | Container image vulnerability assessment scans container images running on your Kubernetes clusters for security vulnerabilities and exposes detailed findings for each image. Resolving the vulnerabilities can greatly improve your containers' security posture and protect them from attacks. | 41503391-efa5-47ee-9282-4eff6131462c |
104
+
105
+
76
106
### DevOps Resource Deduplication for Defender for DevOps
0 commit comments