Azure Defender for Cloud BYOL Rapid 7 license

AdamBudzinskiAZA-0329 91 Reputation points
2023-11-08T16:15:11.7566667+00:00

Hi,

 

Reading here I can enable Rapid 7 as my own BYOL vulnerability assessment solution for Azure VM’s as described here https://learn.microsoft.com/en-us/azure/defender-for-cloud/deploy-vulnerability-assessment-byol-vm

 

Now if I search for the Machines should have a vulnerability assessment solution recommendation in Defender for Cloud:

User's image

Click on a VM to fix the recommendation:

User's image

And provide all the necessary information as seen below AND selecting AUTO DEPLOY to ON:

User's image

How can I make sure it does automatically update the extension, since when I go under extensions for a given VM it says automatic extension upgrade is not supported for this extension!!!! How can I make sure, or how does Azure make sure that I’m running the latest version ??

User's image

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,377 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Akshay-MSFT 17,786 Reputation points Microsoft Employee
    2023-11-10T13:07:15.42+00:00

    @AdamBudzinskiAZA-0329

    Thank you for posting your query on Microsoft Q&A, from above description I could understand that you have been deploying rapid7 agent via Microsoft defender for cloud (BYOL) solution but can't have the auto updates enabled for the same.

    Please do correct me if this is not the case by responding in the comments section:

    Update1:

    As per Supported extensions automatic Extension Upgrade supports the following extensions (and more are added periodically):

    • Azure Automation Hybrid Worker extension - Linux and Windows
    • Dependency Agent – Linux and Windows
    • Application Health Extension – Linux and Windows
    • Guest Attestation Extension - Linux and Windows
    • Guest Configuration Extension – Linux and Windows
    • Key Vault – Linux and Windows
    • Azure Monitor Agent
    • Log Analytics Agent for Linux
    • Azure Diagnostics extension for Linux

    Considering the documentation, it seems like a limitation with Azure VM which is beyond support for Microsoft Defender for cloud. For automatic upgrades of Insight agent extension , I would recommend to post the feedback on AzureVM feedback portal which is monitored by the service engineering team for AzureVM.

    Thanks,

    Akshay Kaushik

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.