You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/support-matrix-defender-for-containers.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -33,8 +33,8 @@ Following are the features for each of the domains in Defender for Containers:
33
33
|--|--|--|--|--|--|--|--|--|
34
34
|[Agentless discovery for Kubernetes](defender-for-containers-introduction.md#security-posture-management)| Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. | AKS | GA | GA | Enable **Agentless discovery on Kubernetes** toggle | Agentless | Defender for Containers **OR** Defender CSPM | Azure commercial clouds |
35
35
| Comprehensive inventory capabilities | Enables you to explore resources, pods, services, repositories, images, and configurations through [security explorer](how-to-manage-cloud-security-explorer.md#build-a-query-with-the-cloud-security-explorer) to easily monitor and manage your assets. | ACR, AKS | GA | GA | Enable **Agentless discovery on Kubernetes** toggle | Agentless| Defender for Containers **OR** Defender CSPM | Azure commercial clouds |
36
-
| Attack path analysis | A graph-based algorithm that scans the cloud security graph. The scans expose exploitable paths that attackers might use to breach your environment. | ACR, AKS | GA |-| Activated with plan | Agentless | Defender CSPM (requires Agentless discovery for Kubernetes to be enabled) | Azure commercial clouds |
37
-
| Enhanced risk-hunting | Enables security admins to actively hunt for posture issues in their containerized assets through queries (built-in and custom) and [security insights](attack-path-reference.md#insights) in the [security explorer](how-to-manage-cloud-security-explorer.md). | ACR, AKS | GA |-| Enable **Agentless discovery on Kubernetes** toggle | Agentless | Defender for Containers **OR** Defender CSPM | Azure commercial clouds |
36
+
| Attack path analysis | A graph-based algorithm that scans the cloud security graph. The scans expose exploitable paths that attackers might use to breach your environment. | ACR, AKS | GA |GA| Activated with plan | Agentless | Defender CSPM (requires Agentless discovery for Kubernetes to be enabled) | Azure commercial clouds |
37
+
| Enhanced risk-hunting | Enables security admins to actively hunt for posture issues in their containerized assets through queries (built-in and custom) and [security insights](attack-path-reference.md#insights) in the [security explorer](how-to-manage-cloud-security-explorer.md). | ACR, AKS | GA |GA| Enable **Agentless discovery on Kubernetes** toggle | Agentless | Defender for Containers **OR** Defender CSPM | Azure commercial clouds |
38
38
|[Control plane hardening](defender-for-containers-architecture.md)| Continuously assesses the configurations of your clusters and compares them with the initiatives applied to your subscriptions. When it finds misconfigurations, Defender for Cloud generates security recommendations that are available on Defender for Cloud's Recommendations page. The recommendations let you investigate and remediate issues. | ACR, AKS | GA | Preview | Activated with plan | Agentless | Free | Commercial clouds<br><br> National clouds: Azure Government, Azure operated by 21Vianet |
39
39
|[Kubernetes data plane hardening](kubernetes-workload-protections.md)|Protect workloads of your Kubernetes containers with best practice recommendations. |AKS | GA | - | Enable **Azure Policy for Kubernetes** toggle | Azure Policy | Free | Commercial clouds<br><br> National clouds: Azure Government, Azure operated by 21Vianet |
40
40
| Docker CIS | Docker CIS benchmark | VM, Virtual Machine Scale Set | GA | - | Enabled with plan | Log Analytics agent | Defender for Servers Plan 2 | Commercial clouds<br><br> National clouds: Azure Government, Microsoft Azure operated by 21Vianet |
@@ -98,7 +98,7 @@ Learn how to [use Azure Private Link to connect networks to Azure Monitor](../az
98
98
|--|--| -- | -- | -- | -- | --|
99
99
| Security posture management |[Agentless discovery for Kubernetes](defender-for-containers-introduction.md#security-posture-management)| EKS | GA | GA | Agentless | Defender for Containers **OR** Defender CSPM |
100
100
| Security posture management | Comprehensive inventory capabilities | ECR, EKS | GA | GA | Agentless| Defender for Containers **OR** Defender CSPM |
@@ -107,7 +107,7 @@ Learn how to [use Azure Private Link to connect networks to Azure Monitor](../az
107
107
|[Vulnerability assessment](agentless-vulnerability-assessment-aws.md)| Agentless/sensor-based runtime (powered by Microsoft Defender Vulnerability Management) [supported packages](#registries-and-images-support-for-aws---vulnerability-assessment-powered-by-microsoft-defender-vulnerability-management)| EKS | GA | GA | Agentless **OR/AND** Defender sensor | Defender for Containers or Defender CSPM |
108
108
| Runtime protection| Control plane | EKS | GA | GA | Agentless | Defender for Containers |
109
109
| Runtime protection| Workload | EKS | GA | - | Defender sensor | Defender for Containers |
110
-
| Deployment & monitoring | Discovery of unprotected clusters | EKS | GA |-| Agentless | Defender for Containers |
110
+
| Deployment & monitoring | Discovery of unprotected clusters | EKS | GA |GA| Agentless | Defender for Containers |
111
111
| Deployment & monitoring | Auto provisioning of Defender sensor | EKS | GA | - | - | - |
112
112
| Deployment & monitoring | Auto provisioning of Azure Policy for Kubernetes | EKS | GA | - | - | - |
113
113
@@ -142,7 +142,7 @@ Outbound proxy without authentication and outbound proxy with basic authenticati
142
142
|--|--| -- | -- | -- | -- | --|
143
143
| Security posture management |[Agentless discovery for Kubernetes](defender-for-containers-introduction.md#security-posture-management)| GKE | GA | GA | Agentless | Defender for Containers **OR** Defender CSPM |
144
144
| Security posture management | Comprehensive inventory capabilities | GAR, GCR, GKE | GA | GA | Agentless| Defender for Containers **OR** Defender CSPM |
| Security posture management | Enhanced risk-hunting | GAR, GCR, GKE | GA | GA | Agentless | Defender for Containers **OR** Defender CSPM |
147
147
| Security posture management | Docker CIS | GCP VMs | GA | - | Log Analytics agent | Defender for Servers Plan 2 |
148
148
| Security posture management | Control plane hardening | GKE | GA | GA | Agentless | Free |
@@ -151,7 +151,7 @@ Outbound proxy without authentication and outbound proxy with basic authenticati
151
151
|[Vulnerability assessment](agentless-vulnerability-assessment-gcp.md)| Agentless/sensor-based runtime (powered by Microsoft Defender Vulnerability Management) [supported packages](#registries-and-images-support-for-gcp---vulnerability-assessment-powered-by-microsoft-defender-vulnerability-management)| GKE | GA | GA | Agentless **OR/AND** Defender sensor | Defender for Containers or Defender CSPM |
152
152
| Runtime protection| Control plane | GKE | GA | GA | Agentless | Defender for Containers |
153
153
| Runtime protection| Workload | GKE | GA | - | Defender sensor | Defender for Containers |
154
-
| Deployment & monitoring | Discovery of unprotected clusters | GKE | GA |-| Agentless | Defender for Containers |
154
+
| Deployment & monitoring | Discovery of unprotected clusters | GKE | GA |GA| Agentless | Defender for Containers |
155
155
| Deployment & monitoring | Auto provisioning of Defender sensor | GKE | GA | - | Agentless | Defender for Containers |
156
156
| Deployment & monitoring | Auto provisioning of Azure Policy for Kubernetes | GKE | GA | - | Agentless | Defender for Containers |
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments