Qualys Container Security App Released
June 19, 2018

Qualys released Qualys Container Security (CS), a new Cloud App that enables customers to build continuous security into their global container deployments and DevOps processes at any scale, and integrate the results into one unified view of their global hybrid IT security and compliance posture, breaking down silos and lowering ownership cost.

Built on the Qualys Cloud Platform, the new Qualys CS App delivers customers a container-ready security and compliance solution that extends visibility to container environments, and incorporates continuous visibility across the DevOps and CI/CD toolchain with that of existing traditional virtualization environments. Qualys CS performs inventory and real-time tracking of changes to containers deployed across on-premises and elastic cloud environments, and extends vulnerability detection and policy compliance checks to the image registries, containers and hosts.

"As businesses prioritize more responsive and adaptable IT, organizations need tools that optimize a variety of management demands to keep up with the pace of IT innovation," said Scott Crawford, Research Director, 451 Research. "Qualys' cloud platform strategy helps its customers meet many of these challenges, leveraging its early leadership in security offered as-a-service to consolidate and simplify the user experience across applications that address the security of new IT, including infrastructure deployed as containers and the automation that characterizes DevOps."

By integrating Qualys CS into their DevOps toolchain, organizations can identify and remediate risks early in development cycles and reduce those risks created by open development methods and their inherent sprawl. Security teams can participate in the DevOps process to gate vulnerable images entering the system, while developers get actionable data to remediate vulnerabilities. Qualys' high-accuracy vulnerability scanning also reduces the pain of clearing false-positives and allows security teams to focus on identifying and remediating actual risks.

"Containers are becoming an accelerator of the digital transformation and container security is now front and center," said Philippe Courtot, Chairman and CEO of Qualys, Inc. "Our new Container Security App is designed to help customers transparently extend their continuous security and compliance capabilities into new cloud workloads through the use of DevOps and containers, allowing them to build security into their digital transformation initiatives."

Qualys Container Security offers customers:

- Visibility into container projects: Qualys CS provides auto-discovery that gives customers complete visibility of container hosts wherever they are within their global IT environment, whether on-premises or in clouds. It gathers comprehensive topographic information about container projects — images, image registries, and containers spun from those images. With dynamic, customizable dashboards, users can see complete inventory and security posture from containers to hosts.

- Security for the entire DevOps pipeline: Security teams can enforce policies to block the use of images that have specific vulnerabilities, or that have vulnerabilities above a certain severity threshold. Developers can perform continuous vulnerability detection and remediation in the DevOps pipeline by deploying plugins for CI/CD tools like Jenkins or Bamboo, or via REST APIs.

- Threat identification, impact assessment and remediation prioritization: Teams can search for images with high-severity vulnerabilities, unapproved packages, and older or test release tags. They can then assess the impact by identifying all containers using unapproved, vulnerable images. Qualys CS helps determine if these images are cached on different hosts, and identify all the containers on exposed vulnerable network ports running with privileges, which could lead to attacks.

- Container runtime protection: CS helps teams scan, protect and secure their running containers. Customers can also detect runtime security and configuration drift that breaks the parent image's immutable behavior by using a different vulnerability posture and software configuration. Qualys CS also features policy-based orchestration to stop containers with vulnerable images from being spun up in Kubernetes clusters. Additionally, customers can understand how the host impacts the containers by easily drilling down to the host level to identify its vulnerabilities and patch compliance.

As a container-ready global IT security platform, the Qualys Cloud Platform consolidates visibility of container environments and other global infrastructure — on premises, at endpoints or in the cloud — into a single-pane-of-glass UI. Its revolutionary architecture provides customers a scalable, end-to-end solution for customers to consolidate their security stack across containerized and non-containerized environments, and also drastically reduce IT security spend by avoiding the cost and complexities that come with managing multiple security vendors.

Qualys Container Security is available now.

The Latest

November 15, 2018

Serverless infrastructure environments are set to become the dominant paradigm for enterprise technology deployments, according to a new report — Why the Fuss About Serverless? — released by Leading Edge Forum ...

November 14, 2018

What to automate? Which parts of the delivery process are good candidates? Which applications will benefit from automation? At first, those sound like silly questions. Automate all your repetitive processes. If you think that you'll do the same thing manually more than once, automate it. Why would you waste your creative potential and knowledge by doing things that are much better done by scripts? Yet, an average company does not adhere to that logic. Why is that? ...

November 13, 2018

I'd love to see more security automation deeply integrated into the development process. Everybody knows since the 1990s that security as an afterthought just doesn't work, yet we keep doing it. The reason, I think, is because it's very hard to automate security ...

November 09, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 5, the final installment, covers deployment and production ...

November 08, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 4 is all about security ...

November 07, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 3 covers the development environment and the infrastructure ...

November 06, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 2 covers the coding process ...

November 05, 2018

Everyone talks about automating the software development lifecycle (SDLC) but the first question should be: What should you automate? With this question in mind, DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 1 starts with by-far the most popular recommendation: Testing ...

October 31, 2018

Halloween is a time for all things spooky, but not when it comes to your mobile app experience. A poor experience can not only scare off your customers but keep them away for good ...

October 30, 2018

As organizations have embraced open source, they have become polyglot — using multiple programming languages and technology stacks to accomplish software and hardware related tasks. Enterprises are caught between the benefits provided by a polyglot environment and the complexities and challenges these environments bring. Ultimately, if the situation remains unchecked, polyglot will kill your enterprise ...

Share this