Qualys Container Security Overview
Qualys Container Security is a comprehensive solution designed to discover, track, and continuously secure container environments throughout their entire lifecycle, from the DevOps pipeline to runtime deployments.
Key Features and Functionality
Visibility and Inventory
Qualys Container Security provides organizations with detailed visibility into their container hosts across global IT environments, whether on-premises or in cloud settings. It gathers extensive topographic information about container projects, including images, image registries, and containers spun from these images. Customizable dashboards enable teams to monitor a complete inventory and assess the security posture of containers and their associated hosts in real time.
DevOps Pipeline Security
The solution integrates seamlessly with CI/CD tools such as Jenkins or Bamboo via plugins or REST APIs, allowing security teams to enforce strict policies. This includes blocking the use of images with specific vulnerabilities or those above a certain severity threshold. Additionally, it enforces package-related compliance policies to ensure only reviewed and approved open source packages are included in container images. Continuous vulnerability detection and remediation are also supported within the DevOps pipeline.
Vulnerability Analysis and Compliance
Qualys Container Security performs thorough vulnerability analysis for container images, running containers, and registries. It identifies images with high-severity vulnerabilities, unapproved packages, and outdated or test release tags. The solution also conducts compliance assessments for images and containers, ensuring they adhere to organizational standards and regulatory requirements.
Threat Identification and Remediation
The product allows teams to search for and assess the impact of vulnerable images across all containers, whether active or dormant. This enables prioritized remediation efforts, ensuring that the most critical vulnerabilities are addressed promptly.
Container Runtime Visibility and Protection
Qualys Container Security offers deep visibility and protection for the runtime container stack, including the host, container engine, and orchestration layer. Using a ‘layered-in’ approach, it embeds protection within each running container instance and tracks all application activities to create and enforce normal behavior profiles. This ensures comprehensive security for containerized workloads.
Integration and Deployment
The solution supports integration with container platforms such as Kubernetes and Docker Swarm, and can be deployed via AMI or in a customer’s private cloud environment. Qualys Container Security is also available as a fully SaaS-based offering, providing flexibility in deployment options.
APIs and Access Control
Qualys Container Security uses a Role-Based Access Control (RBAC) model to manage access to its features. It also provides APIs for integrating with CI/CD pipelines and other DevOps tools, so that it fits into existing workflows.
In summary, Qualys Container Security is a robust tool that enhances the security and compliance of container environments through comprehensive visibility, integrated DevOps security, vulnerability analysis, and runtime protection, making it an essential component for organizations leveraging containerized applications.