![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 38%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELJ%3C/text%3E%3C/svg%3E)
1,563 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello Leonord Joseph
Agentless scanning for machines and Vulnerability assessment for machines is available in Microsoft Defender for Cloud's Government Community Cloud High (GCCH) environment, provided you have the appropriate plans enabled.
Defender for Servers Plan 2 This plan includes both agentless scanning and agent-based vulnerability assessment. Agentless scanning is enabled by default when Defender for Servers Plan 2 is activated. If it's not enabled, you can manually turn it on through the Environment settings in Defender for Cloud.
Microsoft Learn
Defender Cloud Security Posture Management (CSPM): This plan also supports agentless scanning for machines. If you have CSPM enabled, you can activate agentless scanning via the Environment settings. Plan protection features
If you're not seeing the options to enable these features:
-Ensure you have Owner or Security Admin permissions at the subscription level. These roles are required to enable agentless scanning and vulnerability assessment.
-Verify that either Defender for Servers Plan 2 or Defender CSPM is activated in your subscription. Without these plans, the features won't be available.
-Navigate to Defender for Cloud > Environment settings > Your Subscription > Settings & Monitoring. Here, you should find options to enable both agentless scanning and vulnerability assessment.
Check these below documents this has detail steps to turn on these settings:
Enable agentless machine scanning
Enable vulnerability scanning
Agentless machine scanning
I hope this clarifies things.
Please remember to "Accept Answer", so that others in the community facing similar issues can easily find the answers. if you have any further query do let us know in comment section.