I've noticed the following on Microsoft docs:
Unsupported registries and images:
- Windows images
- 'Private' registries: registries with access limited with a firewall, service endpoint, or private endpoints such as Azure Private Link
- Super-minimalist images such as https://hub.docker.com/_/scratch/ images, or "Distroless" images that only contain an application and its runtime dependencies without a package manager, shell, or OS
and the following on Microsoft security baselines:
Guidance: Azure Virtual Network provides secure, private networking for your Azure and on-premises resources. By limiting access to your private Azure container registry from an Azure virtual network, you ensure that only resources in the virtual network access the registry. For cross-premises scenarios, you can also configure firewall rules to allow registry access only from specific IP addresses. From behind a firewall, configure firewall access rules and service tags to access your container registry.
Are there any plans for Microsoft to support Azure Defender for container registries that do not have public access?
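An added triage helper (not part of the original post or of any Microsoft tooling) that checks a registry's network configuration against the "unsupported" conditions quoted above, so a team can see up front which registries Azure Defender will not scan. It assumes the field names of an `az acr show -o json` resource (publicNetworkAccess, networkRuleSet.defaultAction, privateEndpointConnections); the sample registries below are constructed, not real output.

```python
import json

# Constructed sample registries, shaped like `az acr show -o json` output.
# Field names are an assumption based on the ACR resource schema.
SAMPLE_REGISTRIES = [
    {"name": "publicacr", "sku": {"name": "Standard"},
     "publicNetworkAccess": "Enabled",
     "networkRuleSet": None, "privateEndpointConnections": []},
    {"name": "firewalledacr", "sku": {"name": "Premium"},
     "publicNetworkAccess": "Enabled",
     "networkRuleSet": {"defaultAction": "Deny",
                        "ipRules": [{"action": "Allow",
                                     "ipAddressOrRange": "203.0.113.0/24"}]},
     "privateEndpointConnections": []},
    {"name": "privatelinkacr", "sku": {"name": "Premium"},
     "publicNetworkAccess": "Disabled",
     "networkRuleSet": {"defaultAction": "Deny", "ipRules": []},
     "privateEndpointConnections": [{"name": "pe-1"}]},
]


def classify_registry(reg):
    """Return (scannable, reasons).

    reasons lists every documented 'unsupported' condition that applies:
    public access disabled, firewall/service-endpoint deny rule, or a
    Private Link endpoint attached. An empty list means the registry is
    reachable publicly and so is eligible for Defender image scanning.
    """
    reasons = []
    if reg.get("publicNetworkAccess", "Enabled") != "Enabled":
        reasons.append("public network access disabled")
    rules = reg.get("networkRuleSet") or {}
    if rules.get("defaultAction") == "Deny":
        reasons.append("network rule set denies by default (firewall/service endpoint)")
    if reg.get("privateEndpointConnections"):
        reasons.append("private endpoint (Private Link) attached")
    return (not reasons, reasons)


def coverage_report(registries):
    """Map registry name -> (scannable, reasons) for a list of registries."""
    return {r["name"]: classify_registry(r) for r in registries}


if __name__ == "__main__":
    for name, (ok, why) in coverage_report(SAMPLE_REGISTRIES).items():
        print(name + ": " + ("scannable" if ok else "NOT scanned: " + "; ".join(why)))
```

Registries flagged here need another scanning path (for example, scanning images in the build pipeline before push) until private registries are supported.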