Auteur/autrice : zigmax

ACR | Retention policy for untagged manifests

Hi!

Azure Container Registry gives you the option to set a retention policy for stored image manifests that don’t have any associated tags (untagged manifests). When a retention policy is enabled, untagged manifests in the registry are automatically deleted after a number of days you set.

The following example sets a retention policy of 30 days for untagged manifests in the registry zigmax:

az acr config retention update --registry zigmax --status enabled --days 30 --type UntaggedManifests

You can also define the retention policy for un tagged manifests in the Azure Portal:

Maxime.

Defender for Containers can now scan for vulnerabilities in Windows images

Hi!

Defender for Container’s image scan now supports Windows images that are hosted in Azure Container Registry. This feature is free while in preview, and will incur a cost when it becomes generally available.

Findings details pane.

I previously written an article in French to explain you how you can leverage Microsoft Defender to scan your Linux container images.

Azure Container Registry | Scanner vos images de containers

Maxime.

New alert for Microsoft Defender for Storage

Hi,

To expand the threat protections provided by Microsoft Defender for Storage, Microsoft added a new preview alert.

Alert (alert type)DescriptionMITRE tacticSeverity
PREVIEW – Access from a suspicious application
(Storage.Blob_SuspiciousApp)		Indicates that a suspicious application has successfully accessed a container of a storage account with authentication.
This might indicate that an attacker has obtained the credentials necessary to access the account, and is exploiting it. This could also be an indication of a penetration test carried out in your organization.
Applies to: Azure Blob Storage, Azure Data Lake Storage Gen2		Initial AccessMedium

Maxime.