Azure Defender should be enabled for Kubernetes Services


Azure Defender for Kubernetes monitors cluster logs for threats, such as exposed Kubernetes dashboards, over-privileged roles, digital currency mining, deleted Kubernetes events, and more.

Remediation Steps

Azure Portal

  • Navigate to Security Center.

  • In the left navigation, select Pricing & Settings.

  • Select the Subscription Name.

  • In the left navigation, select Azure Defender plans.

  • Verify that Azure Defender is on.

  • In the table under Kubernetes, select On.

  • Click Save.

Azure CLI

Remediation is not possible via the CLI.