Build Cloud Security Explorer queries to identify vulnerabilities in Kubernetes clusters
Article
You can use the Cloud Security Explorer to identify vulnerabilities in your Kubernetes clusters. The following examples demonstrate the building of queries that you can modify for your specific needs.
Filter on the software in the container images to query.
Select the View details link of the container image of interest to see the result details pane. In the Insights section of the Result details pane is a drop-drown list of the software installed on the container image. Select the installed software for review.
View the details of the installed software in the Insights section.
Create a query to identify vulnerabilities in cluster nodes
Filter on the cluster nodes in the Azure Kubernetes Services environment to query.
Select the View details link of the cluster node pool of interest to see the result details pane. In the Result details pane, select the virtual machine scale set icon, to see the vulnerabilities.
Explore network traffic filtering with Network Security Group, set up Microsoft Defender for Cloud, create a Log Analytics workspace, configure Log Analytics agent integration, Azure Key Vault networking, and connect an Azure SQL server using Azure Private Endpoint in the Azure portal. Enhance cloud security effectively. (SC-5002)
Demonstrate the skills needed to implement security controls, maintain an organization’s security posture, and identify and remediate security vulnerabilities.
