Category: Microsoft Defender for Cloud

Defender for Containers can now scan for vulnerabilities in Windows images

Hi!

Defender for Containers' image scan now supports Windows images that are hosted in Azure Container Registry. This feature is free while in preview and will incur a cost when it becomes generally available.

Findings details pane.

I previously wrote an article in French to explain how you can leverage Microsoft Defender to scan your Linux container images.

Maxime.

New alert for Microsoft Defender for Storage

Hi,

To expand the threat protections provided by Microsoft Defender for Storage, Microsoft added a new preview alert.

| Alert (alert type) | Description | MITRE tactic | Severity |
|---|---|---|---|
| PREVIEW – Access from a suspicious application (Storage.Blob_SuspiciousApp) | Indicates that a suspicious application has successfully accessed a container of a storage account with authentication. This might indicate that an attacker has obtained the credentials necessary to access the account, and is exploiting it. This could also be an indication of a penetration test carried out in your organization. Applies to: Azure Blob Storage, Azure Data Lake Storage Gen2 | Initial Access | Medium |

Maxime.