At Ignite, the Azure Security Center team announced many new features and capabilities in the CSPM and the CWPP segments. The entire list can be found in this blog post.
One of the many areas in which the product team invested a lot of resources and innovation is the containers workload, and specifically AKS (Azure Kubernetes Service).
The new capabilities in this public preview release include:
Discovery & Visibility - Continuous discovery of managed AKS instances within Security Center’s registered subscriptions.
Secure Score recommendations - Actionable items to help customers comply with security best practices in AKS as part of the customer’s Secure Score, such as "Role-Based Access Control should be used to restrict access to a Kubernetes Service Cluster".
Threat Detection - Host and cluster-based analytics, such as “A privileged container detected”.
Scan container images in Azure Container Registry (ACR) for vulnerabilities.
You can learn more about these capabilities by reading the following articles: