Skip to main content

No vulnerability data received (Azure)

Administrators may notice servers or containers from Microsoft Azure showing No Vulnerability data received in Vanta on the Vulnerabilities page.

Troubleshooting

Follow the steps below based on the type of Azure resource you're troubleshooting. Steps 1 and 2 apply to both servers and containers.

Step 1: Confirm the Microsoft Defender for Cloud feature is enabled in Vanta (Servers & Containers)

Go to the Azure integration permissions page and confirm that the Microsoft Defender for Cloud feature is toggled ON (purple).

Step 2: Confirm the correct plan is enabled in Azure (Servers & Containers)

In Azure, go to Microsoft Defender for Cloud > Environment Settings > [Select the relevant subscription] and verify the appropriate plan is enabled:

  • For servers: Confirm the Servers plan is enabled (Plan 1 or Plan 2 both work). Ensure monitoring coverage is set to Full.

  • If monitoring coverage is not set to Full, click into the settings and confirm that Vulnerability assessment for machines is turned on. You may also use agentless scanning for machines.

  • Next, go to Environment Settings > [Select the subscription] > Settings > Security Policies and ensure that "Microsoft cloud security benchmark" is set to ON.

  • For containers: Confirm the Containers plan is enabled. Ensure monitoring coverage is set to Full.

  • If monitoring coverage is not set to Full, click into the settings and confirm that Registry Access is turned on. You may also optionally use agentless scanning for machines.

Step 3: Confirm a scan has been completed

For servers:

Go to Microsoft Defender for Cloud > Recommendations and search for "Machines should have vulnerability findings resolved." You should see the server listed under the Affected Resource column.

  • If there is no entry for that recommendation, first make sure the server is powered on (its status should not be "stopped").

  • If the server is running but the recommendation still isn't showing, confirm it is not on an exemption list.

  • If the server is running, not on an exemption list, and the recommendation still doesn't appear, Vanta will display "No Vulnerability Data Received" -- because Vanta pulls vulnerability data from that specific recommendation. To fix this, run a Defender scan on the server. Administrators can reach out to Microsoft support to further troubleshoot why the recommendation is not appearing.

For containers:

Go to Microsoft Defender for Cloud > Recommendations and search for "Container images in Azure registry should have vulnerability findings resolved." You should find the container listed under the Affected Resource column.

  • If a scan has not yet been completed for that container, you will need to wait until one is performed. Until then, the "No Vulnerability Data Received" status is expected and correct.

What if I Recently Enabled a Server Scanning Plan?

If you recently enabled a scanning plan (for servers or containers), you will need to wait for the scheduled scan to run.

  • If the scan runs and no vulnerabilities are found: The resource is considered healthy and the status in Vanta will change to "No Actionable Vulnerabilities Found."

  • If the scan runs and vulnerabilities are found: They will be listed in the relevant Defender recommendation:

    • Servers: "Machines should have vulnerability findings resolved"

    • Containers: "Container images in Azure registry should have vulnerability findings resolved"

  • These vulnerabilities will also appear in Vanta. If they do not appear in Vanta, please send a screenshot of the relevant recommendation with the resource name in view and the Findings tab open.​