Share via

Container Scanning MDVM vs Deprecated Qualys

LaBombard, Lory 41 Reputation points
2024-01-11T19:05:04.96+00:00

We have been pulling container vulnerabilities from both MDVM (Azure registry container images should have vulnerabilities resolved (powered by Microsoft Defender Vulnerability Management)and the Deprecated Qualys scanner ([Deprecated] Azure registry container images should have vulnerabilities resolved (powered by Qualys). We noticed that some of the vulnerabilities that are in the Qualys scanner aren't showing in MDVM, a couple of which we are trying to get confirmation as False Positives. Is the intention to start only using MDVM vulnerability assessment and stop looking at the Qualys scanner output? Is that supposed to be a 1-1 replacement? Thank you!

Azure Container Registry
Azure Container Registry
An Azure service that provides a registry of Docker and Open Container Initiative images.
487 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. deherman-MSFT 37,876 Reputation points Microsoft Employee
    2024-01-31T18:45:39.15+00:00

    We have engaged offline and they have been connected with our Service Team to review this issue.

    If you still have questions, please let us know in the "comments" and we would be happy to help you. Comment is the fastest way of notifying the experts. If the answer has been helpful, we appreciate hearing from you and would love to help others who may have the same question. Accepting answers helps increase visibility of this question for other members of the Microsoft Q&A community. Thank you for helping to improve Microsoft Q&A! User's image

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.