: Onboard Azure Accounts for Agentless Scanning
Focus
Focus

Onboard Azure Accounts for Agentless Scanning

Table of Contents

Onboard Azure Accounts for Agentless Scanning

Agentless scanning lets you inspect the risks and vulnerabilities of a cloud workload without having to install an agent or affecting the execution of the workload. Prisma Cloud gives you the flexibility to choose between agentless and agent-based security using Defenders. Currently, Prisma Cloud supports agentless scanning on Azure hosts, containers, and clusters for vulnerabilities and compliance. To learn more about how agentless scanning works, refer to our article on Agentless scanning architecture.
To enable agentless scanning for Prisma Cloud Enterprise Edition (PCEE or SaaS) in Azure, complete the following tasks.
  1. Onboard the Azure Cloud account you want to use for agentless scanning in Prisma Cloud.
  2. Configure the onboarded account in Prisma Cloud.

Start an Agentless Scan

Agentless scans start immediately after onboarding the cloud account. By default, agentless scans are performed every 24 hours, but you can change the interval on the
Manage > System > Scan
page under
Scheduling > Agentless
.
To manually start a scan, complete the following steps.
  1. Go to
    Compute > Manage > Cloud accounts
    .
  2. Click the scan icon on the top right corner of the accounts table.
  3. Click
    Start Agentless scan
    .
  4. Click the scan icon in the top right corner of the console to view the scan status.
  5. View the results.
    1. Go to
      Compute > Monitor > Vulnerabilities > Hosts
      or
      Compute > Monitor > Vulnerabilities > Images
      .
    2. Click on the
      Filter hosts
      text bar.
    3. Select the
      Scanned by
      filter.
    4. Select the
      Agentless
      filter.

Recommended For You