Review and remediate malware alerts for Kubernetes nodes

Defender for Containers uses the Microsoft Defender Antivirus anti-malware engine to scan Kubernetes nodes for malicious files. When malware is detected, Defender for Cloud generates security alerts that can be investigated and remediated in Defender for Cloud and Defender XDR.

Prerequisites

Before you begin, make sure that:

Review and remediate Kubernetes node malware alerts

  1. Sign in to the Azure portal.

  2. Go to Microsoft Defender for Cloud > Security alerts.

  3. Select the relevant malware alert for the Kubernetes node.

    Screenshot of selecting the line showing the malware security alert for the Kubernetes node.

  4. Select View full details to review the detected malware, including affected node pools and malware files.

    Screenshot of selecting the view full details button to view the full details.

  5. Select Next: Take Action >> to open the remediation guidance.

    Screenshot of selecting the take action tab to see the instructions to remediate the threat.

  6. Follow the recommended steps to remediate the threat.

    Screenshot showing the instructions to remediate the threat.