Azure Kubernetes Services integration with Security Center
Azure Kubernetes Service (AKS) is Microsoft's managed service for developing, deploying, and managing containerized applications.
Use AKS together with Azure Security Center's standard tier (see pricing) to gain deeper visibility to your AKS nodes, cloud traffic, and security controls.
Security Center brings security benefits to your AKS clusters using data already gathered by the AKS master node.
Together, these two tools form the best cloud-native Kubernetes security offering.
Benefits of integration
Using the two services together provides:
Security recommendations - Security Center identifies your AKS resources and categorizes them: from clusters to individual virtual machines. You can then view security recommendations per resource. For more information, see the containers recommendations in the reference list of recommendations.
Environment hardening - Security Center constantly monitors the configuration of your Kubernetes clusters and Docker configurations. It then generates security recommendations that reflect industry standards.
Run-time protection - Through continuous analysis of the following AKS sources, Security Center alerts you to threats and malicious activity detected at the host and AKS cluster level:
- Raw security events, such as network data and process creation
- The Kubernetes audit log
For more information, see threat protection for Azure containers
Some of the data scanned by Azure Security Center from your Kubernetes environment may contain sensitive information.
To learn more about Security Center's container security features, see: