Industry-leading solution for addressing security of containers in DevOps pipelines and deployments across cloud and on-premises environments
Discovery, inventory, and near-real time tracking of container events
Container Security identifies detailed inventory and provides advanced metadata search so users can identify assets based on multiple attributes. Additionally, they can use topology views to visualize container environment assets and their relationships, in order to understand and isolate members impacted by an exposure even when deployed at scale.
Vulnerability analysis for image registries and containers
Qualys provides high accuracy vulnerability scanning of images, registries and containers in addition to the underlying host operating system. This allows security analysts to rapidly analyze the cause and focus on remediation, rather than spending time clearing false positives, which can be common with ordinary off-the-shelf container vulnerability scanners.
Integration with CI/CD toolchain using APIs (DevOps flow)
Users can integrate vulnerability scanning into their Continuous Integration (CI) and Continuous Development (CD) tool chain using the Qualys API, which offers the complete Qualys Container Security feature set. Qualys’ REST APIs can be integrated into various toolchains, enabling DevOps/DevSecOps teams to analyze container images for known vulnerabilities before they are widely distributed.
New Qualys 'Container Sensor'
FIM operates on endpoints via the lightweight Qualys Cloud Agent. Modules can be instantly activated across any or all assets without reinstalling the agent or rebooting the endpoint. The Cloud Agent minimizes performance impact on the endpoint by simply monitoring for file changes and system activity locally, sending all data to the Qualys Cloud Platform for storage, correlation, analysis, and reporting.
Powered by the Qualys Cloud Platform
See the results in one place, in seconds. With AssetView, security and compliance pros and managers get a complete and continuously updated view of all of their IT assets — from a single dashboard interface. Its fully customizable and lets you see the big picture, drill down into details, and generate reports for teammates and auditors. Its intuitive and easy-to-build dynamic dashboards aggregate and correlate all of your IT security and compliance data in one place from all the various Qualys Cloud Apps. With its powerful elastic search clusters, you can now search for any asset – on-premises, endpoints and all clouds – with 2-second visibility.
Centralized & customized
Centralize discovery of host assets for multiple types of assessments. Organize host asset groups to match the structure of your business. Keep security data private with our end-to-end encryption & strong access controls. You can centrally manage users’ access to their Qualys accounts through your enterprise single sign-on (SSO). Qualys supports SAML 2.0-based identity service providers.
Deploy from a public or private cloud — fully managed by Qualys. With Qualys, there are no servers to provision, no software to install, and no databases to maintain. You always have the latest Qualys features available through your browser, without setting up special client software or VPN connections.
Scalable and extensible
Scale up globally, on demand. Integrate with other systems via extensible XML-based APIs. You can use Qualys with a broad range of security and compliance systems, such as GRC, ticketing systems, SIEM, ERM, and IDS.