Remove vulnerable container images#
Remove container images with known vulnerabilities.
When Azure Defender for container registries is enabled, Azure Defender scans container images. Container images are scanned for known vulnerabilities and marked as healthy or unhealthy. Vulnerable container images should not be used.
Consider using removing container images with known vulnerabilities.
This rule applies when analyzing resources deployed (in-flight) to Azure.
- Introduction to Azure Defender for container registries
- Container security in Security Center
- Secure the images and run time
- Follow best practices for container security