Security Experts:

Qualys Launches Container Security Product

Cloud-based security and compliance solutions provider Qualys on Monday announced a new product designed for securing containers across cloud and on-premises deployments.

Qualys Container Security, which the company expects to become available in beta starting in Q3 2017, aims to help organizations proactively integrate security into container deployments and DevOps processes by extending visibility, vulnerability detection and policy compliance checks.

One of the main features of the initial release will allow users to discover containers and track changes in real time. Organizations can visualize assets and relationships, enabling them to identify and isolate exposed elements.Qualys

The product also provides vulnerability analysis capabilities for images, registries and containers. These capabilities can be integrated via the Qualys API into an organization’s Continuous Integration (CI) and Continuous Development (CD) tool chains, allowing DevOps and security teams to scan container images for known flaws before they are widely distributed.

“Containers are core to the IT fabric powering digital transformation,” said Philippe Courtot, chairman and CEO of Qualys. “Our new solution for containers enables customers on that journey to incorporate 2-second visibility and continuous security as a critical part of their agile development.”

In addition to Container Security, Qualys has announced a new add-on for the company’s Vulnerability Management product. The add-on, named Security Configuration Assessment (SCA), provides cloud-based tools for automating configuration assessment of IT assets using Center for Internet Security (CIS) benchmarks.

The SCA add-on allows companies to scan their systems and assess, monitor and remediate security-related issues introduced by improper configurations. The product is already available for an annual subscription whose price depends on number of IPs.

“Recent global cyber-attacks have served as a reminder that companies must take a proactive stance in securing the infrastructure and operations underpinning their digital transformation,” Courtot said. “Qualys SCA helps customers automate the security best practices behind leading benchmarks, and integrate them with DevSecOps for a more proactive approach towards securing today’s digital business.”

Related: Qualys Launches Threat Intelligence Solution

Related: Qualys Expands Detection, Web App Security, and Data Sharing Portfolio

Related: Docker Patches Container Escape Vulnerability

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.