Qualys Container Security
Qualys Container Security provides tools for discovery, inventory, and real-time tracking of container events, utilizing Cloud Agents, Scanners, and a Container Sensor for vulnerability analysis.
Category | Container & Kubernetes Security |
---|---|
This page updated | a month ago |
Pricing Details | Free version available with limited functionality; paid subscription required for full features. |
Target Audience | DevOps teams, security professionals, and organizations using containerized environments. |
Qualys Container Security addresses the core problem of securing containerized environments by providing a comprehensive set of tools for discovery, inventory, and real-time threat tracking of container events. It utilizes a combination of Cloud Agents, Scanners, and a native 'Container Sensor' distributed as a Docker image to gather detailed metadata and perform vulnerability analysis on container images, registries, and hosts. This approach allows for the identification of assets based on multiple attributes and visualization of container environment assets through topology views, enabling better understanding and isolation of exposed members.
The implementation involves integrating with CI/CD pipelines using REST APIs, which allows DevOps teams to analyze container images for known vulnerabilities before they are deployed. The Container Sensor provides native container support, scanning images and containers for vulnerabilities and compliance issues, and it can be deployed directly on container hosts or integrated with orchestration tools like Kubernetes and Docker Swarm. Qualys Container Security also performs real-time, event-driven assessments of containers in the runtime environment, blocking malicious runtime behavior and enforcing policy-driven security automation of file access, network communications, and process behaviors.
Operationally, Qualys Container Security supports aspects of ISO 27001 controls such as A.8.8 (Technical vulnerability management) through its vulnerability scanning capabilities, and A.8.9 (Configuration management compliance) by assessing the compliance of container images against defined standards like CIS Docker benchmarks. The solution requires the use of Cloud Agents or authenticated scans for comprehensive host vulnerability and compliance posture assessment. It provides monitoring and reporting of Docker events, listing and scanning of registry images, and complete image introspection to assess various layers within a Docker image, ensuring that only secure images reach production environments.