Muokkaa

Jaa


Build Cloud Security Explorer queries to identify vulnerabilities in Kubernetes clusters

You can use the Cloud Security Explorer to identify vulnerabilities in your Kubernetes clusters. The following examples demonstrate the building of queries that you can modify for your specific needs.

Read Build queries with Cloud Security Explorer for an introduction to Cloud Security Explorer queries.

Create a query to identify software vulnerabilities in container images

  1. Sign in to the Azure portal.

  2. Navigate to Microsoft Defender for Cloud > Cloud Security Explorer

    Screenshot of main page of Cloud Security Explorer.

  3. Filter on the software in the container images to query.

    Screenshot of Cloud Security Explorer query options to retrieve list of container images with software installed.

  4. Select the View details link of the container image of interest to see the result details pane. In the Insights section of the Result details pane is a drop-drown list of the software installed on the container image. Select the installed software for review.

    Screenshot shows results of Cloud Security Explorer query to retrieve container images with software installed.

  5. View the details of the installed software in the Insights section.

    Screenshot shows Cloud Security Explorer query result details and insight results from the selected containers image.

Create a query to identify vulnerabilities in cluster nodes

  1. Sign in to the Azure portal.

  2. Navigate to Microsoft Defender for Cloud > Cloud Security Explorer

    Screenshot of main page of Cloud Security Explorer.

  3. Filter on the cluster nodes in the Azure Kubernetes Services environment to query.

    Screenshot of Cloud Security Explorer query options to retrieve list of cluster nodes with vulnerabilities.

  4. Select the View details link of the cluster node pool of interest to see the result details pane. In the Result details pane, select the virtual machine scale set icon, to see the vulnerabilities.

    Screenshot shows results of Cloud Security Explorer query to retrieve vulnerabilities in cluster nodes.