Editar

Configure vulnerability assessment for JFrog Artifactory

Onboard a JFrog Artifactory tenant to Microsoft Defender for Cloud to enable agentless vulnerability assessment for container images.

JFrog Artifactory is supported as an external registry. After onboarding, images are scanned and vulnerability findings are surfaced as recommendations.

Each connector represents a single JFrog Artifactory tenant. To onboard multiple tenants, create a separate connector for each one.

Prerequisites

  • An Azure subscription with Microsoft Defender for Cloud enabled. If you don't have one, create an Azure account.

  • Security administrator permissions (or higher) in Microsoft Defender for Cloud.

  • One of the following plans enabled:

    • Defender for Containers
    • Defender CSPM

  • A JFrog Artifactory (Cloud) tenant with administrative access.

  • JFrog CLI installed.

  • jq JSON parser installed.

Onboard JFrog Artifactory to Defender for Cloud

  1. Sign in to the Azure portal.

  2. Go to Microsoft Defender for Cloud > Environment settings.

  3. Select Add environment > JFrog.

    Screenshot of selecting Add environment and JFrog in Environment settings.

  4. Enter a Connector name.

  5. Select a Location.

  6. Select a Subscription and a Resource group.

  7. Select a Scanning interval.

  8. Enter the Server ID (JFrog Artifactory URL prefix).

    Screenshot of the JFrog connector details page showing connector fields.

  9. Select Next : Select plans >.

  10. Under the Status column, toggle on the relevant plans:

    • Foundational CSPM: Inventory only
    • Defender for Containers: Inventory and vulnerability assessment
    • Defender CSPM: Adds contextual risk signals

    Screenshot of the select plans page for JFrog Artifactory.

  11. Select Next : Configure access >.

  12. Select your operating system.

  13. Download the generated connection script and run it using the JFrog CLI.

    Screenshot of the configure access page showing operating system selection and connection script.

  14. Select Next : Review and generate >.

  15. Select Create.

Validate onboarding

After onboarding completes:

  • Verify the Connectivity status for your JFrog environment shows as Connected in Environment settings.

  • Verify images from your JFrog Artifactory tenant appear in Inventory in Defender for Cloud.

  • Verify vulnerability recommendations for your JFrog images appear in Defender for Cloud.

Scanning typically begins within one hour after onboarding.

Related content

  • Last updated on