Cloud Platform
Contact us
Asset Management
Vulnerability & Configuration Management
Risk Remediation
Threat Detection & Response
  • Overview
  • Platform Apps

  • Qualys Endpoint Security

    Advanced endpoint threat protection, improved threat context, and alert prioritization

  • Context XDR

    Extend detection and response beyond the endpoint to the enterprise

Cloud Security

Download QScanner

QScanner is a command-line utility specifically developed for scanning container images and conducting Software Composition Analysis (SwCA). QScanner is designed to be compatible with various container orchestration systems, container runtimes, and operating systems.

Here are some key features of QScanner:

  • Instant Console Results: Scan for vulnerabilities and receive real-time results directly on the console.
  • Seamless Integration: Seamlessly integrate QScanner with your CICD pipelines and leverage the benefits of security policy-based evaluations.
  • Broad Runtime Support: QScanner is compatible with multiple container runtimes enabling flexibility in deployment options. Currently, QScanner supports Docker, containerd, and cri-o runtimes.
  • Software Composition Analysis: In addition to vulnerability scanning, QScanner supports the scanning of software packages. It covers a wide range of programming languages, including Ruby, Rust, PHP, Java, Go, Python, .NET, and Node.js, enabling comprehensive Software Composition Analysis (SwCA) across diverse codebases.

Download QScanner Copy URL to Clipboard

After downloading, you receive a shell script file. By executing this script, your system's configuration including the OS architecture is assessed, and the suitable binary is downloaded accordingly.

Once the binary is successfully downloaded, you can either run it directly or incorporate it into your integration systems as needed.

Qualys QScanner Documentation

Previous Versions

Version Release Notes
4.0.0 View release notes
2.0.0 View release notes