Azure Defender should be enabled for Container Registries


Azure Defender for Container Registries scans container images for vulnerabilities when an image is pushed to the registry, imported into the registry, or pulled within the last 30 days from the registry.

Remediation Steps

Azure Portal

  • Navigate to Security Center.

  • In the left navigation, select Pricing & Settings.

  • Select the Subscription Name.

  • In the left navigation, select Azure Defender plans.

  • Verify that Azure Defender is on.

  • In the table under Container Registries, select On.

  • Click Save.

Azure CLI

Remediation is not possible via the CLI.