- after detection of malicious container, we could delete the cluster and redeploy / re-attach to the existing ACR. - defender for containers - ACR permissions restrictions
