How to find Azure Container Registry image vulnerability scanning results

This article discusses how to view Azure Container Registry (ACR) image vulnerability scanning results in Microsoft Defender for Cloud.

View image vulnerability scanning results

Check the status of the Agentless container vulnerability assessment extension

  1. In the Azure portal, navigate to Microsoft Defender for Cloud. Under Management, select the Environment Settings page.

  2. Select your Azure subscription, and then select Settings.

  3. Make sure that the Agentless container vulnerability assessment extension is set to On.

    Screenshot of selecting 'Agentless container registries vulnerability assessment' component.

    If you don't see the setting, upgrade Microsoft Defender for Cloud to the Defender CSPM plan, the Defender for Containers plan, or the Defender for Container Registries plan.

  4. Select Continue.

  5. Select Save.

Find vulnerability assessment results

  1. In the Azure portal, navigate to Microsoft Defender for Cloud.

  2. Under General, select Recommendations.

  3. Search for recommendations titled "Azure registry container images should have vulnerabilities resolved". The following screenshot shows an example recommendation:

    Screenshot that shows the registry container images related recommendations.

Verify registry images vulnerability

We recommend that you rebuild the images by using the latest base images and packages, push them again to the container registry, and then wait for the new scan results.

If vulnerabilities are still detected in Microsoft Defender for Cloud, you will have to work with the package developer to fix them.

Why some vulnerabilities are not detected by Microsoft Defender for Cloud

The success rate in detecting vulnerabilities can vary depending on the security tools that are used and the conditions they use for assessment. For example, certain parameters and conditions that third-party tools rely on might not be included in Microsoft Defender for Cloud's vulnerability assessments. Conversely, parameters that are used by Microsoft Defender for Cloud's ACR vulnerability assessments might not be covered by some third-party tools. The different detection criteria can cause discrepancies between the lists of vulnerabilities that are identified by different tools.
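The following added example (not Microsoft's code) diffs two finding lists for the same image, either the scans before and after a rebuild or the lists from two different tools, and groups the findings that appear in both lists by package. It assumes each list was exported to flat records with hypothetical `cve`, `package`, `version` and `severity` fields; all sample values are constructed placeholders.

```python
from collections import defaultdict

SEVERITY_RANK = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3}

def index_findings(findings):
    """Key findings by (CVE id, package); the version is data, since a rebuild changes it."""
    return {(f["cve"].upper(), f["package"].lower()): f for f in findings}

def compare_scans(before, after):
    """Split two finding lists into resolved, introduced and persisting findings."""
    old, new = index_findings(before), index_findings(after)
    persisting = defaultdict(list)
    for cve, pkg in old.keys() & new.keys():
        was, now = old[(cve, pkg)]["version"], new[(cve, pkg)]["version"]
        # Heuristic (assumption): same version means the rebuild did not pick up a
        # newer package; a changed version that is still flagged needs an upstream fix.
        state = "not-updated" if was == now else "updated-still-flagged"
        persisting[pkg].append((cve, new[(cve, pkg)]["severity"], state))
    for rows in persisting.values():
        rows.sort(key=lambda r: (SEVERITY_RANK.get(r[1], 99), r[0]))
    return {
        "resolved": sorted(old.keys() - new.keys()),      # only in the first list
        "introduced": sorted(new.keys() - old.keys()),    # only in the second list
        "persisting": dict(persisting),                   # in both, grouped by package
    }

# Constructed sample data: placeholder CVE ids and hypothetical package names.
BEFORE_REBUILD = [
    {"cve": "CVE-0000-0001", "package": "pkg-a", "version": "1.0.0", "severity": "High"},
    {"cve": "CVE-0000-0002", "package": "pkg-a", "version": "1.0.0", "severity": "Critical"},
    {"cve": "CVE-0000-0003", "package": "pkg-b", "version": "2.1.0", "severity": "Medium"},
    {"cve": "CVE-0000-0005", "package": "pkg-b", "version": "2.1.0", "severity": "High"},
]
AFTER_REBUILD = [
    {"cve": "CVE-0000-0002", "package": "pkg-a", "version": "1.0.4", "severity": "Critical"},
    {"cve": "CVE-0000-0003", "package": "pkg-b", "version": "2.1.0", "severity": "Medium"},
    {"cve": "CVE-0000-0005", "package": "pkg-b", "version": "2.1.0", "severity": "High"},
    {"cve": "CVE-0000-0004", "package": "pkg-c", "version": "0.9.0", "severity": "Low"},
]

if __name__ == "__main__":
    report = compare_scans(BEFORE_REBUILD, AFTER_REBUILD)
    for name in ("resolved", "introduced"):
        print(name, report[name])
    for pkg, rows in sorted(report["persisting"].items()):
        print("persisting", pkg, rows)
```

Packages whose findings are marked `not-updated` are worth a second rebuild check (cached base layer, pinned version) before the issue is raised with the package developer.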

Contact us for help

If you have questions or need help, create a support request, or ask Azure community support. You can also submit product feedback to Azure feedback community.