View and remediate vulnerabilities for registry images (risk-based)

Note

This page describes the new risk-based approach to vulnerability management in Defender for Cloud. Defender for CSPM customers should use this method. To use the classic secure score approach, see View and remediate vulnerabilities for registry images (Secure Score).

Defender for Cloud offers customers the capability to remediate vulnerabilities in container images while they're still stored in the registry. Additionally, it conducts contextual analysis of the vulnerabilities in your environment, aiding in prioritizing remediation efforts based on the risk level associated with each vulnerability.

In this article, we review the Container images in Azure registry should have vulnerability findings resolved recommendation. For the other clouds, see the parallel recommendations in Vulnerability assessments for AWS with Microsoft Defender Vulnerability Management and Vulnerability assessments for GCP with Microsoft Defender Vulnerability Management.

View vulnerabilities on a specific container image

  1. In Defender for Cloud, open the Recommendations page. If you're not on the new risk-based page, select Recommendations by risk on the top menu. If issues were found, you'll see the recommendation Container images in Azure registry should have vulnerability findings resolved. Select the recommendation.

    Screenshot showing the line for recommendation container registry images should have vulnerability findings resolved.

  2. The recommendation details page opens with additional information. This information includes details about your registry image and the remediation steps.

    Screenshot showing the recommendation details and affected registries.

  3. Select the Findings tab to see the list of vulnerabilities impacting the registry image.

    Screenshot showing the list of vulnerabilities impacting the registry image.

  4. Select each vulnerability for a detailed description of the vulnerability, additional images affected by that vulnerability, information on the software version that contributes to resolving the vulnerability, and links to external resources to help with patching the vulnerability.

    Screenshot showing the list of findings on the specific image.

To find all images impacted by a specific vulnerability, group recommendations by title. For more information, see Group recommendations by title.

For information on how to remediate the vulnerabilities, see Remediate recommendations.

Next step