Qualys Container Security: Product Overview and Analysis

Company Description

Founded in 1999, Qualys is headquartered in Foster City, CA, and led by chairman and CEO Philippe Courtot. Qualys became publicly traded on Nasdaq under the symbol QLYS on September 28, 2012. Its initial cloud-based product, QualysGuard, came out in December 2000, marking the company as one of the first entrants in the vulnerability management and cloud-based security markets. Qualys now offers more than 18 Cloud Apps, including Qualys Container Security (CS), that are fully integrated within the Qualys Cloud Platform.

In October 2018, Qualys acquired Layered Insight, a container-native application protection solution. With Layered Insight technology now built into Qualys Container Security, Qualys offers organizations an embedded security approach that provides accurate insight into container images, adaptive analysis of running containers, and automated enforcement of container behavior.

Products

Qualys Container Security discovers, tracks and continuously secures containers from the DevOps pipeline to runtime deployments. This includes CI/CD pipeline integration with Jenkins, image assessment, monitoring of running containers, and tracking the drift of containers from their images.

Key Features

Visibility: Qualys Container Security (CS) gives organizations visibility into container hosts wherever they are in their global IT environment, on premises and in clouds. It gathers comprehensive topographic information about an organization's container projects — images, image registries, and containers spun from the images. With dynamic, customizable dashboards, teams can see complete inventory and security posture from containers to hosts.

DevOps pipeline security: With Qualys CS, security teams can enforce policies to block the use of images that have specific vulnerabilities, or that have vulnerabilities above a certain severity threshold. Enterprises can also enforce package-related compliance policies on container images to ensure that only those open source packages that have been reviewed and approved by the enterprise are included in the images. Developers can perform continuous vulnerability detection and remediation in the DevOps pipeline by deploying plugins for CI/CD tools like Jenkins or Bamboo, or via REST APIs.

Threat identification, impact assessment and remediation prioritization: With Qualys CS, teams can search for images in their environment with high-severity vulnerabilities, unapproved packages, and older or test release tags. They can then assess their impact by identifying all containers — active or dormant — which use the unapproved, vulnerable images.

Container runtime visibility and protection: Qualys CS lets teams scan, protect and secure the runtime container stack, including the host, container engine and orchestration layer. For containerized workload protection, Qualys CS uses a 'layered-in' approach to embed deep visibility and protection in each running container instance, and it tracks all application activities to automatically create and enforce the normal behavior profile.

Delivery

Qualys CS is a fully SaaS-based offering. It can also be deployed via AMI, Kubernetes, Docker Swarm, or any of the container platforms in a customer’s private cloud environment.

Pricing

For details about pricing, contact the company.