Investigate Resource Health

Implementation Effort: Low
This task involves using built-in dashboards and tools in Microsoft Defender for Cloud to assess the health and security posture of container resources, requiring minimal configuration.

User Impact: Low
Only security administrators or SOC analysts are involved in this activity; no action is needed from end users.

Overview

Investigating resource health in Microsoft Defender for Containers helps security teams identify misconfigurations, vulnerabilities, and threats affecting containerized workloads across Azure, AWS, GCP, and hybrid environments. This process ensures that all container resources are operating securely and are compliant with organizational policies.

Key actions include:

• Accessing the Resource Health page in Microsoft Defender for Cloud.
• Reviewing outstanding security recommendations and alerts.
• Evaluating the deployment status of Defender components (e.g., sensors, agents).
• Using Threat Analytics and incident graphs to trace attack paths and understand the scope of threats 1 2.

This activity supports the Zero Trust principle of "Verify Explicitly" by continuously assessing the health and security posture of container resources based on real-time telemetry and threat intelligence.

Risks if not implemented: Without regular health checks, misconfigurations or missing protections may go unnoticed, increasing the risk of successful attacks or compliance violations.

Reference

• Investigate and respond to container threats in the Microsoft Defender portal
• Overview of Microsoft Defender for Containers
• Tutorial - Investigate the health of your resources