
No vulnerability data received (Azure Container)

Written by Shannon DeLange
Updated this week

Administrators may notice that containers coming from Microsoft Azure show "No vulnerability data received" in Vanta on the Vulnerabilities page:

Troubleshooting

  1. Please ensure you have the Microsoft Defender for Cloud product feature enabled by going to this page and confirming it is toggled ON (purple):

  2. Inside Azure --> Microsoft Defender for Cloud --> Environment settings --> [Select the subscription the container is on], please confirm that you have the container plan enabled:

  3. If monitoring coverage is not set to full, please click into the settings:



    And confirm that Registry Access is turned on. You can also optionally use agentless scanning for machines:

  4. If you have a plan enabled with the correct settings, please also confirm a scan has been completed on the container. You can find this by going to Microsoft Defender for Cloud --> Recommendations, then searching for "Container images in Azure registry should have vulnerability findings resolved":


    You should find the container name listed under the "Affected Resource" column. If a scan has not yet been completed for said container, you will need to wait until one is performed. Until then, the status indicating "no vulnerability data received" is expected and correct.
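Steps 2 and 3 can also be checked against saved Azure CLI output rather than the portal. This is an added example, not part of the original article or any Vanta or Microsoft tooling. It assumes the JSON comes from `az security pricing show --name Containers -o json` and that the Registry Access toggle is reported as the extension named `ContainerRegistriesVulnerabilityAssessments`; the sample JSON is constructed.

```python
import json

# Assumption: the portal's "Registry Access" toggle is reported under this
# extension name in the Containers plan.
REGISTRY_EXT = "ContainerRegistriesVulnerabilityAssessments"

# Constructed sample (not captured from a real subscription), shaped like
#   az security pricing show --name Containers -o json
SAMPLE_PARTIAL = json.dumps({
    "name": "Containers",
    "pricingTier": "Standard",
    "extensions": [{"name": REGISTRY_EXT, "isEnabled": "False"}],
})


def is_on(value):
    """isEnabled may arrive as the string "True"/"False" or as a boolean."""
    return str(value).strip().lower() == "true"


def check_containers_plan(pricing_json):
    """Return a list of findings; an empty list means steps 2 and 3 pass."""
    plan = json.loads(pricing_json)
    tier = plan.get("pricingTier")
    if tier != "Standard":
        # Plan is off, so the extension settings do not matter yet.
        return [f"Containers plan is not enabled (pricingTier={tier!r})"]
    findings = []
    extensions = {e.get("name"): is_on(e.get("isEnabled"))
                  for e in plan.get("extensions") or []}
    if REGISTRY_EXT not in extensions:
        findings.append(f"{REGISTRY_EXT} not reported; check the plan settings")
    elif not extensions[REGISTRY_EXT]:
        findings.append(f"{REGISTRY_EXT} is off; turn on Registry Access")
    return findings


if __name__ == "__main__":
    results = check_containers_plan(SAMPLE_PARTIAL)
    for line in results or ["Containers plan and Registry Access are enabled"]:
        print(line)
```

An empty result only covers the plan settings; a completed scan (step 4) is still required before findings appear.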

What if I Recently Enabled a Container Scanning Plan?

If you recently enabled the container scanning plan, you will need to wait for the scheduled scan to run. If an initial scan is run and no vulnerabilities are found on the container, the container is considered healthy and the status in Vanta will change to "No Actionable Vulnerabilities".

If a scan is run and vulnerabilities are found, they will be listed in the "Container images in Azure registry should have vulnerability findings resolved" recommendation:

And these vulnerabilities will also appear in Vanta: