Qualys Container Security App Released
June 19, 2018

Qualys released Qualys Container Security (CS), a new Cloud App that enables customers to build continuous security into their global container deployments and DevOps processes at any scale, and integrate the results into one unified view of their global hybrid IT security and compliance posture, breaking down silos and lowering ownership cost.

Built on the Qualys Cloud Platform, the new Qualys CS App delivers customers a container-ready security and compliance solution that extends visibility to container environments, and incorporates continuous visibility across the DevOps and CI/CD toolchain with that of existing traditional virtualization environments. Qualys CS performs inventory and real-time tracking of changes to containers deployed across on-premises and elastic cloud environments, and extends vulnerability detection and policy compliance checks to the image registries, containers and hosts.

"As businesses prioritize more responsive and adaptable IT, organizations need tools that optimize a variety of management demands to keep up with the pace of IT innovation," said Scott Crawford, Research Director, 451 Research. "Qualys' cloud platform strategy helps its customers meet many of these challenges, leveraging its early leadership in security offered as-a-service to consolidate and simplify the user experience across applications that address the security of new IT, including infrastructure deployed as containers and the automation that characterizes DevOps."

By integrating Qualys CS into their DevOps toolchain, organizations can identify and remediate risks early in development cycles and reduce those risks created by open development methods and their inherent sprawl. Security teams can participate in the DevOps process to gate vulnerable images entering the system, while developers get actionable data to remediate vulnerabilities. Qualys' high-accuracy vulnerability scanning also reduces the pain of clearing false-positives and allows security teams to focus on identifying and remediating actual risks.

"Containers are becoming an accelerator of the digital transformation and container security is now front and center," said Philippe Courtot, Chairman and CEO of Qualys, Inc. "Our new Container Security App is designed to help customers transparently extend their continuous security and compliance capabilities into new cloud workloads through the use of DevOps and containers, allowing them to build security into their digital transformation initiatives."

Qualys Container Security offers customers:

- Visibility into container projects: Qualys CS provides auto-discovery that gives customers complete visibility of container hosts wherever they are within their global IT environment, whether on-premises or in clouds. It gathers comprehensive topographic information about container projects — images, image registries, and containers spun from those images. With dynamic, customizable dashboards, users can see complete inventory and security posture from containers to hosts.

- Security for the entire DevOps pipeline: Security teams can enforce policies to block the use of images that have specific vulnerabilities, or that have vulnerabilities above a certain severity threshold. Developers can perform continuous vulnerability detection and remediation in the DevOps pipeline by deploying plugins for CI/CD tools like Jenkins or Bamboo, or via REST APIs.

- Threat identification, impact assessment and remediation prioritization: Teams can search for images with high-severity vulnerabilities, unapproved packages, and older or test release tags. They can then assess the impact by identifying all containers using unapproved, vulnerable images. Qualys CS helps determine if these images are cached on different hosts, and identify all the containers on exposed vulnerable network ports running with privileges, which could lead to attacks.

- Container runtime protection: CS helps teams scan, protect and secure their running containers. Customers can also detect runtime security and configuration drift that breaks the parent image's immutable behavior by using a different vulnerability posture and software configuration. Qualys CS also features policy-based orchestration to stop containers with vulnerable images from being spun up in Kubernetes clusters. Additionally, customers can understand how the host impacts the containers by easily drilling down to the host level to identify its vulnerabilities and patch compliance.

As a container-ready global IT security platform, the Qualys Cloud Platform consolidates visibility of container environments and other global infrastructure — on premises, at endpoints or in the cloud — into a single-pane-of-glass UI. Its revolutionary architecture provides customers a scalable, end-to-end solution for customers to consolidate their security stack across containerized and non-containerized environments, and also drastically reduce IT security spend by avoiding the cost and complexities that come with managing multiple security vendors.

Qualys Container Security is available now.

The Latest

July 19, 2018

Despite 95 percent of CIOs expecting cyberthreats to increase over the next three years, only 65 percent of their organizations currently have a cybersecurity expert, according to a survey from Gartner. The survey also reveals that skills challenges continue to plague organizations that undergo digitalization, with digital security staffing shortages considered a top inhibitor to innovation ...

July 17, 2018

In my first blog in this series, I highlighted some of the main challenges teams face with trying to scale mainframe DevOps. To get past these hurdles, the key is to develop an incremental approach that enables teams to capture value along each step of the journey ...

July 16, 2018

The key to mainframe DevOps success is in quickly identifying and removing major bottlenecks in the application delivery lifecycle. Major challenges include collaboration between mainframe and distributed teams, lack of visibility into the impact of software changes, and limited resource flexibility with scaling out necessary testing initiatives. Now let's take a closer look at some of these key challenges and how IT departments can address them ...

July 11, 2018

How much are organizations investing in the shift to cloud native, how much is it getting them? ...

July 10, 2018

In the shift to cloud native, many organizations have adopted a configuration-as-code approach. This helps drive up application deployment velocity by letting developers and DevOps teams reconfigure their deployments as their needs arise. Other organizations, particularly the more regulated ones, still have security people owning these tools, but that creates increased pressure on the security organization to keep up. How much are organizations investing in this process, and how much is it getting them? ...

June 28, 2018

More than a third of companies that use serverless functions are not employing any application security best practices and are not using any tools or standard security methodologies to secure them, according to the State of Serverless Security survey, conducted by PureSec ...

June 27, 2018

The popularity of social media platforms and applications is spurring enterprises to adopt "social business" models to better engage with employees and customers and improve collaboration, according to a new study published by ISG ...

June 25, 2018

The previous chapter in this WhiteHat Security series discussed Codebase as the first step of the Twelve-Factor App and defined a security best practice approach for ensuring a secure source control system. Considering the importance of applying security in a modern DevOps world, this next chapter examines the security component of step two of the Twelve-Factor methodology. Here follows some actionable advice from the WhiteHat Security Addendum Checklist, which developers and ops engineers can follow during the SaaS build and operations stages ...

June 21, 2018

DevSecOps is quickly gaining support and traction, within and beyond information security teams. In fact, 70% of respondents believe their culture can embrace the change needed to fuse Security and DevOps, according to a new survey of 80 security professionals by Aqua Security ...

June 20, 2018

The larger the company size, the higher the proportion of low IT performers, according to the State of DevOps: Market Segmentation Report from Puppet, based on the 2017 State of DevOps Survey data ...

Share this