---
title: "Microsoft Defender for Cloud"
slug: "azure"
updated: 2026-01-22T17:57:48Z
published: 2026-01-22T17:57:48Z
canonical: "help.nucleussec.com/azure"
---

> ## Documentation Index
> Fetch the complete documentation index at: https://help.nucleussec.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Microsoft Defender for Cloud

## Overview

Nucleus enables you to ingest your Microsoft Defender for Cloud data directly into your Nucleus console using an automated connector. The connector uses the APIs provided by Azure Cloud to seamlessly sync data into your Nucleus project for use in analysis, triage, automation, and reporting.

The Azure CSPM ( Microsoft Defender for Cloud) connector supports importing CVE vulnerabilities and misconfiguration findings (recommendation subassessments) for Azure virtual machines , Container Images, and Cloud Resources.

Availability

The Azure / Microsoft Defender for Cloud connector is currently in beta. We are actively looking for customers to trial their connector in their non-production Nucleus projects. Please contact support to have the connector enabled for your Nucleus organization.

## Connector Setup

### Connector Setup Checklist

Follow the steps in this checklist to successfully set up this connector:

1. **API Access** Create an App Registration in Microsoft Azure and generate an OAuth 2.0 client id and secret key
2. **Connector Configuration** Create and configure the connector in your Nucleus project.
3. **Vulnerability Data Ingestion** Create a vulnerability scan ingest rules to ingest vulnerabilities from Microsoft Defender for Cloud.

### 1. API Access

1. Log on to [Azure](https://portal.azure.com/) through a user account that has the "Global Administrator" role.
2. Go to **Azure Active Directory > App registrations > + New registration**.
3. Enter in a descriptive name for this app, such as "Nucleus Security" and click **Register** to complete the registration.
4. In Azure, navigate to **Subscriptions**, and for each subscription that you want to ingest from, navigate to **Access control (IAM)** and click on the **Add**button.
5. Select **Reader** as the role, then add your new app registration as the member.
6. Click on the **Review + assign** button.
7. Navigate back to the app registration that you created, **Certificates & Secrets > Client secrets > + New client secret**.
8. Save the secret value for future use. This is your **Client Secret**.
9. Navigate to **Overview**, and take note of the **Directory (tenant) ID**and **Application (client) ID**.

### 2. Connector Configuration

1. Open Nucleus and Select the Project , Locate **Integration Hub > Connector Setup.**
2. Under the **Scanners** section, click the **Azure CSPM**icon. You will see the following popup:

![](https://cdn.document360.io/3888970a-6501-459e-acc9-c47b71c6d64c/Images/Documentation/Screenshot 2025-09-05 at 4.43.34 PM.png)
3. In the **Setup Azure CSPM Connector**popup, enter the following information:

| Field | Description |
| --- | --- |
| Name | (Optional) enter a name for your connector. If left blank, this will default to Azure. |
| Description | (Optional) Enter a description for your connector. |
| Tenant ID | Enter the Directory (tenant) ID from above. |
| Client ID | Enter the Application (client) ID from above. |
| Client secret | Enter the Client Secret from above. |
| Ignore Sub-Assessments | **Default behavior:** Sub-assessments will still be ingested during the ingestion process. **If the box is checked:** Sub-assessments will be ignored and not ingested. |

1. Click **Verify Credentials.**
2. Click **Save**.

### 3. Vulnerability Data Ingestion

1. Go to **Integration Hub > Import via Connector**.
2. Select the Azure CSPM connector you just created.
3. Select the method of import: All VMs + Cloud Resources or All Container Images
4. Create a 2nd import if both are required

![](https://cdn.document360.io/3888970a-6501-459e-acc9-c47b71c6d64c/Images/Documentation/Screenshot 2026-01-13 at 8.32.20 PM.png)
5. Select a schedule to import scans into the project.
6. Click **Save & Finish**.

## Frequently Asked Questions

### What support does the Azure connector have?

The connector currently supports ingesting CVE's on Azure Virtual Machines, Container Images and Cloud Resources discovered by Microsoft Defender Threat and Vulnerability Management, as well as recommendation sub-assessments / misconfiguration checks identified by Microsoft Defender for Cloud.

### 

|  |  |
| --- | --- |