Edit

Share via

Build a Cloud Security Explorer query to identify software vulnerabilities in virtual machines (VMs) and container images

  • Article

You can use the Cloud Security Explorer to identify software vulnerabilities. The following examples build queries to identify software vulnerabilities in Virtual Machines (VMs) and container images.

Read Build queries Cloud Security Explorer for an introduction to Cloud Security Explorer queries.

Create a query to identify software vulnerabilities in VMs

  1. Sign in to the Azure portal.

  2. Navigate to Microsoft Defender for Cloud > Cloud Security Explorer

    Screenshot of main page of Cloud Security Explorer.

  3. Filter on the software in the VMs to query.

    Screenshot of Cloud Security Explorer query options to retrieve list of VMs with software installed.

  4. Select the View details link of the VM of interest to see the result details. In the Insights section of the Result details pane is a drop-drown list of the software installed on the VM. Select the installed software for review.

    Screenshot shows results of Cloud Security Explorer query to retrieve VMs with software installed.

  5. View the details of the installed software in the Insights section.

    Screenshot shows Cloud Security Explorer query result details and insight results from the selected VM.

Create a query to identify software vulnerabilities in container images

  1. Sign in to the Azure portal.

  2. Navigate to Microsoft Defender for Cloud > Cloud Security Explorer

    Screenshot of main page of Cloud Security Explorer.

  3. Filter on the software in the container images to query.

    Screenshot of Cloud Security Explorer query options to retrieve list of container images with software installed.

  4. Select the View details link of the container image of interest to see the result details. In the Insights section of the Result details pane is a drop-drown list of the software installed on the container image. Select the installed software for review.

    Screenshot shows results of Cloud Security Explorer query to retrieve container images with software installed.

  5. View the details of the installed software in the Insights section.

    Screenshot shows Cloud Security Explorer query result details and insight results from the selected containers image.