Ensure that Microsoft Defender for Kubernetes is set to ‘On’
Enabling Microsoft Defender for Kubernetes allows for greater defense-in-depth, with threat detection provided by the Microsoft Security Response Center (MSRC).
Blog
Ensure that Microsoft Defender for Container Registries is set to ‘On’
Enabling Azure Defender for Container Registries allows for greater defense-in-depth, with threat detection provided by the Microsoft Security Response Center...
Ensure that Microsoft Defender for App Service is set to ‘On’
Enabling Microsoft Defender for Servers allows for greater defense-in-depth, with threat detection provided by the Microsoft Security Response Center (MSRC).
Ensure that Microsoft Defender for Servers is set to ‘On’
Enabling Microsoft Defender for Servers allows for greater defense-in-depth, with threat detection provided by the Microsoft Security Response Center (MSRC).
Missing Alert for Firewall Rules Editing
Monitoring for Create or Update or Delete SQL Server Firewall Rule events gives insight into network access changes and may...
Controller creating pods with privileged Docker
Docker privileged mode grants a Docker container root capabilities to all devices on the host system. Controller {K8sController} was found...
Controller creating containers with secrets as environment variables
Kubernetes supports mounting secrets as data volumes or as environment variables. It is reasonably common for application code to log...
Controller of pods with the ability to read secrets
Controllers are responsible for pods state using a declaration of pod definition. Pods utilize a service account associated with them...
Controller of pods with administrator-like permissions in cluster scope
Controllers are responsible for pods state using a declaration of pod definition. Pods utilize a service account associated with them...