Build a Cloud Security Explorer query to identify software vulnerabilities in virtual machines (VMs) and container images

You can use Cloud Security Explorer to identify software vulnerabilities. The following examples show how to build queries for virtual machines (VMs) and container images.

For an introduction to Cloud Security Explorer queries, see Build queries with Cloud Security Explorer.

Create a query to identify software vulnerabilities in VMs

To create a query that finds software vulnerabilities in VMs:

1. Sign in to the Azure portal.

2. Go to Microsoft Defender for Cloud > Cloud Security Explorer.

   

3. Filter for the software installed on VMs.

   

4. Select View details for the VM you want to investigate.

5. In the Result details pane, go to Insights and select the software from the drop-down list for review.

   

6. View the details of the installed software in the Insights section.

   

Create a query to identify software vulnerabilities in container images

To create a query that finds software vulnerabilities in container images:

1. Sign in to the Azure portal.

2. Go to Microsoft Defender for Cloud > Cloud Security Explorer.

   

3. Filter for the software installed in container images.

   

4. Select View details for the container image you want to investigate.

5. In the Result details pane, go to Insights and select the software from the drop-down list for review.

   

6. View the details of the installed software in the Insights section.