Deploying partner vulnerability scanners to virtual machines

%3CLINGO-SUB%20id%3D%22lingo-sub-1616347%22%20slang%3D%22en-US%22%3EDeploying%20partner%20vulnerability%20scanners%20to%20virtual%20machines%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1616347%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20Team%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20am%20looking%20for%20a%20solution%20to%20deploy%20%22deploying%20partner%20vulnerability%20scanners%20to%20virtual%20machines%20using%20(Third%20party%20vulnerability%20solution%20BYOL%20)%22%20.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20have%20created%20a%20partner%20vulnerability%20solution%20using%20REST%20API%20method%20and%20modified%20to%20loop%20over%20all%20subscriptions.%3C%2FP%3E%0A%3CDIV%3E%3CA%20tabindex%3D%22-1%22%20title%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsecurity-center%2Fpartner-vulnerability-assessment%22%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsecurity-center%2Fpartner-vulnerability-assessment%22%20target%3D%22_blank%22%20rel%3D%22noreferrer%20noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsecurity-center%2Fpartner-vulnerability-assessment%3C%2FA%3E%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%3EThe%20above%20solution%20though%20I%20select%20AutoDeploy%20ON%20it%20will%20not%20link%20existing%20VM%20to%20solution%20in%20Azure%20Security%20Center.%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%3ECan%20anyone%20help%20me%20to%20find%20automated%20way%20to%20deploy%26nbsp%3Bpartner%20vulnerability%20scanners%20to%20virtual%20machines%20across%20200%20subscriptions%20VM's.%26nbsp%3B%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%3EThanks%20in%20Advance.%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1643222%22%20slang%3D%22en-US%22%3ERe%3A%20Deploying%20partner%20vulnerability%20scanners%20to%20virtual%20machines%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1643222%22%20slang%3D%22en-US%22%3E%3CP%3EHello%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F733486%22%20target%3D%22_blank%22%3E%40Sahitya95%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3Ewe're%20currently%20working%20on%20providing%20a%20script%20that%20will%20enable%20you%20to%20attach%20the%20BYOL%20VA%20solution%20to%20existing%20VMs.%20Once%20it's%20finished%2C%20it%20will%20be%20published%20in%20our%26nbsp%3B%3CA%20title%3D%22ASC%20GitHub.%22%20href%3D%22https%3A%2F%2Fgithub.com%2FAzure%2FAzure-Security-Center%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3EAzure%20Security%20Center%20GitHub.%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EAs%20a%20short%20cut%2C%20the%20REST%20API%20call%20to%20attach%20the%20VA%20solution%20to%20existing%20VMs%20is%3C%2FP%3E%0A%3CPRE%20class%3D%22lia-code-sample%20language-applescript%22%3E%3CCODE%3EPUT%20https%3A%2F%2Fmanagement.azure.com%2Fsubscriptions%2F%7BSubscriptionId%7D%2FresourceGroups%2F%7BRG%7D%2Fproviders%2FMicrosoft.Security%2Flocations%2F%7BsubscriptionLocation%7D%2FsecuritySolutions%2F%7BSolutionName%7D%2FprotectedResources%3F%7BapiVersion%20%7D%3C%2FCODE%3E%3C%2FPRE%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EBest%20regards%2C%3C%2FP%3E%0A%3CP%3ETom%20Janetscheck%3C%2FP%3E%0A%3CP%3ESenior%20Program%20Manager%3C%2FP%3E%0A%3CP%3ECxE%20%7C%20Azure%20Security%20Center%3C%2FP%3E%3C%2FLINGO-BODY%3E
Microsoft

Hello Team,

 

I am looking for a solution to deploy "deploying partner vulnerability scanners to virtual machines using (Third party vulnerability solution BYOL )" .

 

I have created a partner vulnerability solution using REST API method and modified to loop over all subscriptions.

 
The above solution though I select AutoDeploy ON it will not link existing VM to solution in Azure Security Center.
 
Can anyone help me to find automated way to deploy partner vulnerability scanners to virtual machines across 200 subscriptions VM's.  
 
Thanks in Advance.
 
 
1 Reply

Hello @Sahitya95 

we're currently working on providing a script that will enable you to attach the BYOL VA solution to existing VMs. Once it's finished, it will be published in our Azure Security Center GitHub. 

 

As a short cut, the REST API call to attach the VA solution to existing VMs is

PUT https://management.azure.com/subscriptions/{SubscriptionId}/resourceGroups/{RG}/providers/Microsoft.Security/locations/{subscriptionLocation}/securitySolutions/{SolutionName}/protectedResources?{apiVersion }

 

Best regards,

Tom Janetscheck

Senior Program Manager

CxE | Azure Security Center