Azure Kubernetes Services integration with Security Center

Azure Kubernetes Service (AKS) is Microsoft's managed service for developing, deploying, and managing containerized applications.

Use AKS together with Azure Security Center's standard tier (see pricing) to gain deeper visibility to your AKS nodes, cloud traffic, and security controls.

Security Center brings security benefits to your AKS clusters using data already gathered by the AKS master node.

Azure Security Center and Azure Kubernetes Service (AKS) high-level overview

Together, these two tools form the best cloud-native Kubernetes security offering.

Benefits of integration

Using the two services together provides:

  • Security recommendations - Security Center identifies your AKS resources and categorizes them: from clusters to individual virtual machines. You can then view security recommendations per resource. For more information, see the containers recommendations in the reference list of recommendations.

  • Environment hardening - Security Center constantly monitors the configuration of your Kubernetes clusters and Docker configurations. It then generates security recommendations that reflect industry standards.

  • Run-time protection - Through continuous analysis of the following AKS sources, Security Center alerts you to threats and malicious activity detected at the host and AKS cluster level:

    • Raw security events, such as network data and process creation
    • The Kubernetes audit log

    For more information, see threat protection for Azure containers

    For the list of possible alerts, see these sections in the alerts reference table: AKS cluster level alerts and Container host level alerts.

Azure Security Center and Azure Kubernetes Service (AKS) in more detail

Note

Some of the data scanned by Azure Security Center from your Kubernetes environment may contain sensitive information.

Next steps

To learn more about Security Center's container security features, see: