Hi all,
When performing container image scanning would it be possible to add alerting to notify people when a vulnerability has been detected?
Apologies if I have missed it, but this does not currently appear to be possible. Security alerts are not generated within Microsoft Defender for Cloud, which means that you have to manually keep checking the recommendations within the Azure Portal.
There does appear to be provision for integrating the vulnerability scanning into CI/CD workflows as per https://docs.microsoft.com/en-us/azure/defender-for-cloud/defender-for-containers-cicd. However, this capability appears to only be available for GitHub and is not available for Azure DevOps. I also don't think alerting during the CI/CD workflow is a complete solution, as vulnerabilities may be detected in a container image long after the image was created.
It does appear to be possible to access the required information via Azure Resource Graph as per https://github.com/Azure/Microsoft-Defender-for-Cloud/tree/main/Container%20Image%20Scan%20Vulnerability%20Assessment/ARG%20queries/Container%20Registry%20Vulnerability%20Assessment%20Images%20Scan%20Summary. Unfortunately, it doesn't appear to be possible to query the "securityresources" table as a custom search in Azure Monitor Alerts, so I cannot create standard alerts for this.
The only alternatives I've seen that others have come up with are to create custom scripts and integrate them with Azure DevOps pipelines, or to create Logic Apps to perform this function. These are all reasonable solutions; however, I think it would be a great benefit if the alerting was built into Microsoft Defender for Cloud.
I hope you take the idea under consideration, and apologies if this is not the correct place for this, or if I have just overlooked this functionality.
Regards,
Mark
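For readers who end up on the "custom script" route the post mentions, here is an added example of the polling approach: a script that runs the Resource Graph query against `securityresources`, keeps a small state file of (image digest, CVE) pairs already alerted on, and emits a webhook payload only for new pairs. This is not Microsoft's code and not the code in the linked repository. It assumes the record shape used by the linked ARG samples (`microsoft.security/assessments/subassessments` rows with `properties.id`, `properties.status.code` and `properties.additionalData.{repositoryName,imageDigest,cvss}`); the assessment key in the filter is a placeholder to be taken from the linked samples, and the sample rows and CVE identifiers at the bottom are constructed for offline testing.

```python
"""Poll Defender for Cloud container-image findings via Azure Resource Graph
and alert once per (image digest, CVE) pair, so that a CVE found on an image
pushed months ago still triggers exactly one notification.

Assumptions (not confirmed by the original post; check against the linked
ARG samples before use): record type, property names and the assessment key.
"""
import json
import re
from dataclasses import dataclass
from pathlib import Path

# Placeholder: replace with the ACR vulnerability assessment key from the linked ARG sample.
ACR_ASSESSMENT_KEY = "<acr-vulnerability-assessment-key>"

ARG_QUERY = f"""
securityresources
| where type == "microsoft.security/assessments/subassessments"
| where id contains "/providers/Microsoft.ContainerRegistry/registries/"
| where id contains "/assessments/{ACR_ASSESSMENT_KEY}/"
| where properties.status.code == "Unhealthy"
| project id, properties
"""


@dataclass(frozen=True)
class Finding:
    registry: str
    repository: str
    digest: str
    cve: str
    severity: str

    @property
    def key(self) -> str:
        # Alert identity: digest + CVE, independent of when the image was built.
        return f"{self.digest}|{self.cve}"


_REGISTRY_RE = re.compile(r"/registries/([^/]+)/", re.IGNORECASE)


def parse_findings(rows):
    """Turn assumed-shape ARG rows into Finding objects, keeping Unhealthy rows only."""
    out = []
    for row in rows:
        props = row.get("properties", {})
        extra = props.get("additionalData", {})
        match = _REGISTRY_RE.search(row.get("id", ""))
        if not match or props.get("status", {}).get("code") != "Unhealthy":
            continue
        # Highest base score across whatever CVSS versions the row reports.
        score = max((float(v.get("base", 0)) for v in extra.get("cvss", {}).values()), default=0.0)
        sev = "Critical" if score >= 9 else "High" if score >= 7 else "Medium" if score >= 4 else "Low"
        out.append(Finding(match.group(1), extra.get("repositoryName", "?"),
                           extra.get("imageDigest", "?"), props.get("id", "?"), sev))
    return out


def new_findings(findings, seen, min_sev=("Critical", "High")):
    """Return (fresh findings, updated seen-set); pure so it is easy to test."""
    fresh = [f for f in findings if f.severity in min_sev and f.key not in seen]
    return fresh, seen | {f.key for f in fresh}


def load_state(path: Path) -> set:
    return set(json.loads(path.read_text())) if path.exists() else set()


def save_state(path: Path, seen: set) -> None:
    path.write_text(json.dumps(sorted(seen)))


def build_alert(fresh):
    """Generic webhook body (Teams/Slack/Logic App HTTP trigger all accept JSON)."""
    lines = [f"{f.severity}: {f.cve} in {f.registry}/{f.repository}@{f.digest}" for f in fresh]
    return {"title": f"{len(fresh)} new container image vulnerabilities", "text": "\n".join(lines)}


def fetch_rows(subscription_id):
    """Live path: requires azure-identity and azure-mgmt-resourcegraph (imported lazily)."""
    from azure.identity import DefaultAzureCredential
    from azure.mgmt.resourcegraph import ResourceGraphClient
    from azure.mgmt.resourcegraph.models import QueryRequest
    client = ResourceGraphClient(DefaultAzureCredential())
    return client.resources(QueryRequest(subscriptions=[subscription_id], query=ARG_QUERY)).data


def _row(cve, code, digest, base):
    # Constructed sample row in the assumed shape; CVE ids are placeholders.
    return {"id": "/subscriptions/s/resourceGroups/rg/providers/Microsoft.ContainerRegistry"
                  f"/registries/acrprod/providers/Microsoft.Security/assessments/{ACR_ASSESSMENT_KEY}/subAssessments/{cve}",
            "properties": {"id": cve, "status": {"code": code},
                           "additionalData": {"repositoryName": "api", "imageDigest": digest,
                                              "cvss": {"3.0": {"base": base}}}}}


SAMPLE_ROWS = [
    _row("CVE-0000-0001", "Unhealthy", "sha256:aaa", 9.8),  # critical, should alert
    _row("CVE-0000-0002", "Unhealthy", "sha256:aaa", 3.1),  # low, below threshold
    _row("CVE-0000-0003", "Healthy", "sha256:bbb", 7.5),    # already fixed, ignored
]

if __name__ == "__main__":
    state = Path("alerted.json")
    fresh, seen = new_findings(parse_findings(SAMPLE_ROWS), load_state(state))
    if fresh:
        print(json.dumps(build_alert(fresh), indent=2))  # POST this to your webhook
    save_state(state, seen)
```

Run it on a schedule (an Azure DevOps pipeline cron trigger or a Function timer) and swap `SAMPLE_ROWS` for `fetch_rows(subscription_id)`; the state file is what prevents the same CVE on the same digest from paging people on every poll.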