Check Resource Coverage

Implementation Effort: Low
This task involves using built-in tools in Microsoft Defender for Cloud to review coverage status, which can be done by security admins without requiring major changes or deployments.

User Impact: Low
Only administrators or security teams need to take action; end users are not affected or required to participate.

Overview

Checking resource coverage in Microsoft Defender for Containers ensures that all relevant Kubernetes clusters, container registries, and workloads are properly onboarded and monitored. This step is critical to verify that Defender for Containers is actively protecting your assets across Azure, AWS, GCP, and on-premises environments.

Administrators can use the Azure portal, Defender for Cloud security explorer, or resource filters to:

• Identify unmonitored or partially monitored Kubernetes clusters.
• Detect missing sensors or agents.
• Review outstanding recommendations related to container security.
• Validate that runtime threat protection and vulnerability assessments are active.

This activity supports the Zero Trust principle of "Verify Explicitly" by ensuring that all container resources are continuously monitored and assessed for security posture and threats.

Risks if not implemented: If resource coverage is incomplete, critical workloads may be left unprotected, leading to blind spots in threat detection and compliance gaps.

Reference

• Overview of Microsoft Defender for Containers
• Configure Microsoft Defender for Containers components
• Protect your Azure containers with Defender for Containers