This chapter covers Microsoft Defender for Containers and its integration with Azure Kubernetes Service (AKS), a critical topic for the AZ-500 exam. You will learn how Defender for Containers provides threat detection, vulnerability assessment, and compliance monitoring for containerized environments. Expect 15-20% of Security Operations questions to touch on container security, and up to 10% to focus specifically on Defender for Containers and AKS. Mastering this material is essential for passing the exam and for securing real-world container deployments.
Jump to a section
Imagine a busy shipping port (your AKS cluster) where thousands of containers (your pods) are constantly being loaded, unloaded, and moved between ships (nodes). Each container has its own manifest (image layers) and cargo (application code). The port authority needs to inspect every container for dangerous goods (vulnerabilities), ensure no unauthorized containers enter (image integrity), and monitor all crane operations (runtime behavior) for suspicious activity. Microsoft Defender for Containers acts like a high-tech customs and surveillance system. First, it scans every container's manifest before it enters the port (image scanning in ACR or during pull). It maintains a registry of known dangerous cargo (threat intelligence feeds). During operations, it watches all crane movements and container interactions via security cameras and sensors (eBPF-based runtime monitoring on each node). If a crane starts moving containers erratically or a container leaks toxic fumes (privilege escalation or malware), the system immediately alerts port security (alerts in Defender for Cloud) and can even remotely shut down the suspicious crane (automatic response). The system also tracks which shipping lines (namespaces) are most active and which containers have been sitting too long (compliance checks). Without this system, the port would be vulnerable to smuggling, theft, and accidents — just as an unmonitored cluster is vulnerable to container escapes, cryptojacking, and data exfiltration.
What is Microsoft Defender for Containers and Why It Exists
Microsoft Defender for Containers is a cloud-native security solution within Microsoft Defender for Cloud that protects your Kubernetes clusters, including AKS, Amazon EKS, Google GKE, and on-premises clusters. It provides three core capabilities: - Vulnerability assessment: Scans container images in Azure Container Registry (ACR) and other registries for known vulnerabilities (CVEs). - Runtime threat detection: Monitors cluster activities, including node-level and Kubernetes audit logs, to detect suspicious behavior. - Compliance and hardening: Assesses clusters against industry standards like CIS benchmarks for Kubernetes and Azure Security Benchmark.
Why does this exist? Containers introduce unique security challenges: they share the host kernel, images may contain outdated libraries, and Kubernetes itself has a large attack surface (e.g., misconfigured RBAC, exposed dashboards). Defender for Containers addresses these by providing a single pane of glass for container security, integrating with your CI/CD pipeline, and automating detection of threats like cryptojacking, container escapes, and privilege escalations.
How Defender for Containers Works Internally
Defender for Containers operates at multiple layers:
1. Image Scanning When you push an image to ACR, Defender automatically triggers a scan. It extracts the image layers and compares the installed packages against a database of known vulnerabilities (CVE database updated daily). The scan is agentless — it happens in the registry, not on the cluster. Scans are free for the first 30 days after enabling Defender for Containers; after that, images are scanned on pull and weekly. The scanning engine uses the same technology as Microsoft Defender for Cloud's vulnerability assessment for VMs.
2. Cluster-Level Threat Detection
Defender for Containers uses two data sources:
- Kubernetes audit logs: It enables the Kubernetes audit log feature (if not already enabled) and streams these logs to Defender for Cloud. It analyzes API requests for suspicious patterns, such as attempts to create pods with privileged containers, use of host network, or mounting of sensitive host paths.
- Node-level monitoring via an Azure Arc-enabled Kubernetes extension: On each AKS node, Defender deploys a DaemonSet (called microsoft.azuredefender.kubernetes) that uses eBPF (Extended Berkeley Packet Filter) to monitor system calls and network traffic at the kernel level. This allows detection of container escapes (e.g., a process breaking out of its container namespace), crypto mining processes, and unusual network connections.
3. Compliance and Hardening
Defender for Containers continuously assesses your cluster against the CIS Kubernetes Benchmark (v1.6.1 for AKS). It checks 100+ rules, such as:
- --anonymous-auth should be set to false
- --authorization-mode should include RBAC
- Pod Security Policies (or OPA/Gatekeeper) should be enforced
- etcd should have TLS encryption
Results appear as recommendations in Defender for Cloud with a severity level and a remediation step.
Key Components, Values, Defaults, and Timers
Default scan frequency for images: On push to ACR and weekly for images that have been pulled in the last 30 days.
Audit log retention: Kubernetes audit logs are retained for 90 days in Defender for Cloud.
eBPF monitoring: Installed as a DaemonSet with resource limits: CPU 250m, memory 256Mi per node. It does not require privileged containers.
Alert severity: Defender for Cloud uses four levels: Informational, Low, Medium, High. Container alerts are mostly Medium and High.
CIS benchmark version: AKS clusters are assessed against CIS AKS Benchmark v1.6.1.
Pricing: Defender for Containers is billed per cluster per hour. As of 2025, the price is approximately $0.03 per cluster per hour (free for the first 30 days per cluster).
Configuration and Verification Commands
To enable Defender for Containers on an AKS cluster via Azure CLI:
# Enable Defender for Cloud on the subscription (if not already)
az security pricing create -n Containers --tier Standard
# Or enable at the cluster level (recommended)
az aks update --name myAKSCluster --resource-group myResourceGroup --enable-defenderTo verify that Defender is enabled:
az aks show --name myAKSCluster --resource-group myResourceGroup --query securityProfileOutput should show "defender": {"enabled": true}.
To check the status of the Defender DaemonSet:
kubectl get pods -n kube-system -l app=defenderTo view alerts for a cluster in Defender for Cloud:
az security alert list --query "[?contains(properties.compromisedEntity, 'myAKSCluster')]"How It Interacts with Related Technologies
Azure Policy for Kubernetes: Defender for Containers can integrate with Azure Policy to enforce security configurations (e.g., disallow privileged containers). The Defender recommendation "Kubernetes clusters should not use the default namespace" can be enforced via a built-in policy.
Azure Container Registry (ACR): Defender scans images in ACR. You can also enable Defender for ACR (separate plan) for additional registry-specific threat detection, but Defender for Containers already includes image scanning.
Azure Sentinel: You can stream Defender for Cloud alerts to Sentinel for advanced correlation and incident response.
Azure Arc: Defender for Containers supports non-Azure clusters via Azure Arc-enabled Kubernetes. The same eBPF-based monitoring is deployed on those clusters.
Threat Detection Examples
Defender for Containers generates alerts for scenarios like:
- Crypto mining: Detection of CPU spikes and network connections to known mining pools.
- Privileged container creation: API calls to create a pod with privileged: true.
- Container escape: System calls indicating a process has broken out of its container (e.g., using nsenter or unshare).
- Suspicious network activity: Connections to known malicious IPs or unusual ports.
- Kubernetes dashboard exposure: An API request that exposes the dashboard via a LoadBalancer service.
Each alert includes a description, severity, affected entities (pod, node, cluster), and recommended remediation steps.
Enable Defender for Containers
First, ensure your Azure subscription has Defender for Cloud enabled at the Standard tier for containers. You can do this via the Azure portal (Defender for Cloud > Environment settings > Select subscription > Defender plans > Containers > On) or using Azure CLI. This action activates the container security plan, which includes image scanning, runtime monitoring, and compliance assessments. The plan is billed per cluster per hour, with a 30-day free trial per cluster. After enabling, Defender for Cloud begins deploying the necessary agents on your AKS clusters.
Verify Agent Deployment
Once enabled, Defender for Cloud deploys a DaemonSet named `microsoft.azuredefender.kubernetes` in the `kube-system` namespace. This DaemonSet runs on each node and uses eBPF to monitor system calls and network activity. Verify deployment using `kubectl get pods -n kube-system -l app=defender`. If pods are not in Running state, check node resource constraints or network policies that might block the agent. The agent requires outbound connectivity to the Defender for Cloud backend (specific endpoints are documented).
Review Image Scan Results
Defender automatically scans images stored in ACR when they are pushed or pulled. Scan results appear in Defender for Cloud under Recommendations > Container images should be scanned for vulnerabilities. Each vulnerability lists the CVE ID, severity (Critical, High, Medium, Low), and a fix (e.g., update a package). You can trigger an on-demand scan using the Azure CLI: `az acr scan --registry myregistry --image myimage:tag`. Scan results are also available via the ACR portal under Services > Vulnerabilities.
Monitor Security Alerts
Security alerts generated by Defender for Containers appear in the Defender for Cloud Alerts blade. Filter by resource type 'Container' to see cluster-related alerts. Each alert includes a description, affected resource, and remediation steps. Example alerts: 'Crypto miner detected on Kubernetes node' or 'Privileged container created'. Alerts can be configured to trigger automated responses via Azure Logic Apps or sent to SIEM systems via continuous export.
Remediate Recommendations
Defender for Cloud provides recommendations for hardening your cluster, such as 'Kubernetes clusters should disable automounting API credentials' or 'Kubernetes clusters should not use the default namespace'. Each recommendation has a severity, description, and remediation steps (often a kubectl command or Azure CLI). Implement these to improve your secure score. For example, to disable automounting API credentials for a service account, set `automountServiceAccountToken: false` in the pod spec.
Enterprise Scenario 1: E-Commerce Platform with Microservices
A large e-commerce company runs hundreds of microservices on AKS, with images built and pushed to ACR multiple times a day. They need to ensure no vulnerable libraries reach production. Defender for Containers is configured to scan all images on push and block deployment if critical vulnerabilities exist (via Azure Policy integration). In production, they use the runtime monitoring to detect cryptojacking — a common threat where attackers deploy containers that mine cryptocurrency. One incident involved a container that was using excessive CPU and making connections to a known mining pool. Defender alerted within seconds, and the team used the alert to kill the pod and investigate the compromised image. The key lesson: Defender's eBPF-based detection caught the mining process even though the container was not privileged.
Enterprise Scenario 2: Financial Services with Compliance Requirements
A bank runs AKS clusters that must comply with PCI DSS. Defender for Containers provides continuous compliance assessment against the CIS Kubernetes Benchmark. The security team uses the recommendations to enforce RBAC, disable anonymous authentication, and ensure that etcd is encrypted. They also use Defender's integration with Azure Policy to automatically deny the creation of pods that mount sensitive host paths. A common misconfiguration: developers creating pods with hostPID: true to debug, which can lead to container escape. Defender flags this as a high-severity alert. The bank also exports all alerts to Azure Sentinel for correlation with other security events.
Common Pitfalls
Not enabling audit logs: Defender requires Kubernetes audit logs to be enabled. If you disable them, you lose API-level threat detection. Always ensure --enable-audit-log is set (enabled by default in AKS).
Network policies blocking the agent: The Defender agent needs outbound connectivity to specific Azure endpoints. If you have restrictive network policies, the agent may not report status. Check the required FQDNs in the documentation.
Ignoring image scan results: Many teams deploy images with known vulnerabilities because they don't have a process to remediate. Defender's scans are only useful if you act on them. Set up automated build pipelines that block images with critical vulnerabilities.
Exactly What AZ-500 Tests on This Topic
The AZ-500 exam objective 4.1 (Secure containerized workloads) covers:
Implement and manage security for containerized workloads (15-20% of Security Operations)
Configure threat detection for containers using Microsoft Defender for Cloud
Manage vulnerability assessment for container images
Implement compliance and hardening for AKS clusters
Specific tasks you must know:
Enable Defender for Containers via CLI (az aks update --enable-defender) or portal
Understand that image scanning is automatic on push to ACR and weekly for active images
Know that runtime detection uses eBPF and does not require privileged containers
Recognize that Defender for Containers supports AKS, EKS, GKE, and Arc-enabled clusters
Know the CIS benchmark version for AKS (v1.6.1)
Most Common Wrong Answers and Why
"Defender for Containers requires privileged containers to monitor runtime." This is wrong. The eBPF-based agent runs with minimal privileges and does not require privileged: true. Candidates often confuse it with older monitoring solutions that needed privileged access.
"Image scanning only occurs on push." Wrong. Scans also happen weekly for images that have been pulled in the last 30 days. The exam may test this by asking when a vulnerability is detected for an image that hasn't been pushed recently.
"Defender for Containers only works with AKS." Wrong. It also supports Amazon EKS, Google GKE, and on-premises clusters via Azure Arc. The exam may present a scenario with a multi-cloud environment.
"You must manually enable Kubernetes audit logs." In AKS, audit logs are enabled by default when you enable Defender for Containers. However, if you disable them, Defender will not receive API logs. The exam may test the default state.
Specific Numbers and Terms to Memorize
CIS benchmark version: CIS AKS Benchmark v1.6.1
Scan frequency: on push and weekly
Agent name: microsoft.azuredefender.kubernetes
Namespace: kube-system
Resource limits: CPU 250m, memory 256Mi
Pricing: ~$0.03 per cluster per hour (but you don't need exact price, just that it's per cluster)
Audit log retention: 90 days
Edge Cases and Exceptions
If you have an existing Defender for Cloud plan, enabling Defender for Containers may increase costs. The exam may ask about cost implications.
For clusters with node resource constraints (e.g., low memory), the Defender agent may not deploy. You must ensure nodes have sufficient resources.
If the cluster is private (no public endpoint), the agent needs a private link to the Defender backend. This is a common scenario in regulated industries.
How to Eliminate Wrong Answers
Always ask: Does this option require privileged access? If yes, it's likely wrong for Defender for Containers. Does it claim to work only with AKS? Wrong — it supports multiple platforms. Does it mention manual scanning? Wrong — scanning is automatic. By applying these filters, you can quickly eliminate 2-3 options.
Defender for Containers provides image scanning, runtime threat detection, and compliance assessment for AKS and other Kubernetes clusters.
Image scanning is automatic on push to ACR and weekly for images pulled within the last 30 days.
Runtime monitoring uses eBPF and does not require privileged containers.
The agent is deployed as a DaemonSet named microsoft.azuredefender.kubernetes in kube-system.
CIS AKS Benchmark v1.6.1 is used for compliance checks.
Defender for Containers supports AKS, EKS, GKE, and on-premises clusters via Azure Arc.
Alerts include cryptojacking, container escapes, privileged container creation, and suspicious network activity.
Kubernetes audit logs are automatically enabled when you enable Defender for Containers on AKS.
Defender does not automatically remediate vulnerabilities; it only detects and recommends actions.
The cost is per cluster per hour, with a 30-day free trial per cluster.
These come up on the exam all the time. Here's how to tell them apart.
Defender for Containers
Purpose-built for containers: monitors images, Kubernetes audit logs, and runtime via eBPF.
Scans images in ACR automatically on push and weekly.
Provides CIS Kubernetes Benchmark compliance checks.
Supports AKS, EKS, GKE, and Arc-enabled clusters.
Billed per cluster per hour.
Defender for Servers (on AKS nodes)
Designed for VMs: monitors OS-level threats, file integrity, and network activity.
Does not scan container images; only scans the host OS for vulnerabilities.
Provides CIS benchmark for OS (e.g., Windows Server, Linux), not Kubernetes.
Only protects the underlying node OS, not the containers themselves.
Billed per server (node) per hour.
Mistake
Defender for Containers requires a privileged container to monitor runtime activity.
Correct
The agent uses eBPF, which runs in user space and does not require privileged mode. It operates with minimal permissions and is deployed as a non-privileged DaemonSet.
Mistake
Image scanning only occurs when you manually trigger it.
Correct
Scanning is automatic: on every push to ACR and weekly for images that have been pulled within the last 30 days. Manual scanning is possible but not required.
Mistake
Defender for Containers only supports Azure Kubernetes Service (AKS).
Correct
It also supports Amazon EKS, Google GKE, and on-premises clusters via Azure Arc-enabled Kubernetes. The same eBPF-based monitoring works across these environments.
Mistake
You must enable Kubernetes audit logs separately for Defender to work.
Correct
Defender for Containers automatically enables audit logs on AKS clusters when you enable the plan. If audit logs are disabled, Defender will not receive API-level events, but it still provides runtime monitoring.
Mistake
Defender for Containers can automatically remediate vulnerabilities by updating images.
Correct
Defender only detects and alerts. Remediation (e.g., updating the image) must be done manually or through a CI/CD pipeline. It does not automatically patch images.
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
Yes, Defender for Containers supports Amazon EKS, Google GKE, and on-premises clusters via Azure Arc-enabled Kubernetes. You need to connect the cluster to Azure Arc and then enable Defender for Containers on the Arc-enabled cluster. The same eBPF-based monitoring and image scanning capabilities apply.
Images are scanned automatically on every push to Azure Container Registry (ACR). Additionally, images that have been pulled within the last 30 days are rescanned weekly. There is also a one-time scan for existing images when you first enable Defender for Containers. You can trigger a manual scan using the Azure CLI or portal.
No. The agent uses eBPF (Extended Berkeley Packet Filter) which operates in user space and does not require privileged mode. The DaemonSet runs with standard Kubernetes service account permissions and does not have access to the host's full capabilities. This is a common misconception.
Defender for Containers includes image scanning as part of its capabilities, so you do not need Defender for ACR separately. However, Defender for ACR provides additional registry-specific threat detection (e.g., unusual push patterns) and is billed separately. For most scenarios, Defender for Containers is sufficient for image scanning.
Yes, but you need to ensure the cluster has outbound connectivity to the Defender for Cloud backend. For private clusters, you may need to configure a private link or use a firewall with the appropriate service tags. The agent communicates over HTTPS to specific Azure endpoints.
Alerts appear in Microsoft Defender for Cloud under the 'Security alerts' blade. You can filter by resource type 'Container' to see cluster-related alerts. Each alert includes details such as the affected pod, node, and cluster, along with a description and remediation steps. You can also export alerts to Azure Sentinel or a SIEM via continuous export.
Defender for Containers assesses AKS clusters against the CIS AKS Benchmark version 1.6.1. This benchmark includes over 100 rules covering control plane, etcd, kubelet, and pod security. The results appear as recommendations in Defender for Cloud.
You've just covered Microsoft Defender for Containers and AKS — now see how well it sticks with free AZ-500 practice questions. Full explanations included, no account needed.
Done with this chapter?