Skip to content

Commit e180c44

Browse files
tspivakmstspivakms
authored
Update agentless-container-registry-vulnerability-assessment.md
1 parent 9b39316 commit e180c44

File tree

1 file changed

+5
-2
lines changed

1 file changed

+5
-2
lines changed

articles/defender-for-cloud/agentless-container-registry-vulnerability-assessment.md

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -38,19 +38,22 @@ Container vulnerability assessment powered by MDVM (Microsoft Defender Vulnerabi
3838

3939
The triggers for an image scan are:
4040

41-
- **One-time triggering**
41+
- **One-time triggering**:
4242
– each image pushed or imported to a container registry is scanned shortly after being pushed or imported to a registry. In most cases, the scan is completed within a few minutes, but sometimes it may take up to an hour.
4343
- [preview] each image pull from a registry is scanned shortly after being pulled from a registry.In most cases, the scan is completed within a few minutes, but sometimes it may take up to an hour.
4444

4545
> [!NOTE]
46-
> While Container vulnerability assessment powered by MDVM is generally available for Defender CSPM, scan-on-push is currently in public preview.
46+
> While Container vulnerability assessment powered by MDVM is generally available for Defender CSPM, scan-on-push and scan on pull is currently in public preview.
4747
4848
- **Continuous rescan triggering** – Continuous rescan is required to ensure images that have been previously scanned for vulnerabilities are rescanned to update their vulnerability reports in case a new vulnerability is published.
4949
- **Re-scan** is performed once a day for:
5050
- images pushed in the last 90 days.
5151
- [preview] images pulled in the last 30 days.
5252
- images currently running on the Kubernetes clusters monitored by Defender for Cloud (either via [agentless discovery and visibility for Kubernetes](how-to-enable-agentless-containers.md) or the [Defender agent](tutorial-enable-containers-azure.md#deploy-the-defender-agent-in-azure)).
5353

54+
> [!NOTE]
55+
> While Container vulnerability assessment powered by MDVM is generally available for Defender CSPM, scan images pulled in the last 30 days is currently in public preview
56+
5457
## How does image scanning work?
5558

5659
A detailed description of the scan process is described as follows:

0 commit comments

Comments
 (0)