Azure Security Center Can Now Monitor Azure Kubernetes Service Containers -- Redmondmag.com

Azure Security Center Can Now Monitor Azure Kubernetes Service Containers

By Kurt Mackie
03/25/2020

Microsoft announced this week that the Azure Security Center management portal now works with the Azure Kubernetes Service (AKS) to ensure the security of Docker containers running on Linux systems or virtual machines.

Containers are an operating system virtualization approach, developed by Docker, that are advantageous for hosted applications because the possibility of application and configuration conflicts gets removed. AKS is Microsoft's service for container orchestration on datacenter clusters, based on the Google-fostered Kubernetes datacenter solution. Azure Security Center is a software dashboard for monitoring the security of public cloud services, on-premises workloads and so-called "hybrid" or mixed scenarios.

Container security might not be top of mind for organizations, but Microsoft contends that "defending the attack surfaces of a containerized application requires expertise to ensuring the infrastructure is configured securely and constantly monitored for potential threats."

To that end, Azure Security Center offers runtime protection for containers, vulnerability management and environmental hardening, according to a Microsoft document on "Container Security in Security Center."

Containers get scanned for vulnerabilities using Qualys' scanning service. It happens when a new container image gets pushed. The images are run and get scanned in an "isolated sandbox."

"When a new image is pushed, Security Center scans the image using a scanner from the industry-leading vulnerability scanning vendor, Qualys," the "Container Security" document explained.

The Azure Security Center also checks the configuration of containers by comparing them against the "Center for Internet Security (CIS) Docker Benchmark." However, these benchmark checks "will not run on AKS-managed instances or Databricks-managed VMs," Microsoft explained in a footnote.

To use Azure Security Center for AKS-managed containers, organizations will need to have the "Standard Tier" Azure Security Center licensing, which adds vulnerability scanning.

Users of the integrated solution get both container hosting alerts and AKS alerts in Azure Security Center. More details are described in Microsoft's "Azure Kubernetes Services Integration with Security Center" document landing page.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

Multi-Tenant Organization Hooks Released for Microsoft 365

Microsoft Entra ID's new multi-tenant organization capabilities have reached general availability (GA).
Real-World Ransomware Recovery

Here's how I was (mostly) successful in recovering a family PC infected with malware.
Microsoft Launches Small AI Models Family Phi-3

Recognizing that bigger isn't always better, Microsoft has released its smallest open AI models to date, Phi-3.
Microsoft and OpenAI Continue Global AI Expansions

Microsoft and OpenAI each continued their global expansion this month, with the announcements of new infrastructure investments and service rollouts in new regions, like Asia and the Middle East.
Cisco Warns of Brute Force Attacks Targeting VPNs and Firewalls

Cisco has revealed that a global increase in brute force attacks targeting Virtual Private Networks (VPNs) and other devices is currently taking place.