Forum Discussion
Defender and Plans
Hi What is considered before enabling the various Microsoft Defender plans? - enable all by resources type or enable the specific ones? (what your subscription contains) There are no cost if...
StanislavBelov
Microsoft
MicrosoftYou are only charged for resources being used and protected. It's recommended to enable all defender plans to make sure when new resources get provisioned Defender for Cloud will start monitoring and protecting them right away.
Defender for Containers internals are very well documented here: https://docs.microsoft.com/en-us/azure/defender-for-cloud/defender-for-containers-enable?tabs=aks-deploy-portal%2Ck8s-deploy-asc%2Ck8s-verify-asc%2Ck8s-remove-arc%2Caks-removeprofile-api&pivots=defender-for-container-aks
Defender for Containers internals are very well documented here: https://docs.microsoft.com/en-us/azure/defender-for-cloud/defender-for-containers-enable?tabs=aks-deploy-portal%2Ck8s-deploy-asc%2Ck8s-verify-asc%2Ck8s-remove-arc%2Caks-removeprofile-api&pivots=defender-for-container-aks
What happens on the single VM when enabling the Defender for Servers plan? - and if auto provision is disabled?
The recommendation/Best Practices is to enable all Defender plans but when auto provision is enabled a lot of Managed Identities gets created (e.g enabling containers) - is there a way to "avoid" all/some of these Managed Identities, as it is possible to use the authentication tokens from a compromised managed identity?