De-risk your cloud with KCS – an integral part of Qualys TotalCloud 2.0 – an AI-powered CNAPP solution.

Features

Discover and inventory container assets

Unlock continuous discovery and tracking of containers and images, including:

• Pre-built dashboards and customizable widgets.
• Topographic information on the container environments: images, registries, associated containers (active and dormant), and hosts.
• Comprehensive metadata for every image, including labels, tags, installed software, layers, and association information.

Container-native vulnerability analysis

Rapidly analyze threats with high-accuracy vulnerability scanning and eliminate false positives to deliver:

• Comprehensive coverage, from standard Linux OS distributions to container-centric OSes (like CoreOS and Alpine), applications (like NGINX, PostgreSQL, MySQL, Redis, and MongoDB), and programming languages (like Python, NodeJS, RubyGems, GoLang, and Java).
• Detailed reports of vulnerable software with patchable version information.
• Identify the composition of the image using layer details gathered by Qualys CS.

Vulnerability analysis in the DevOps pipeline

Integrate with CI/CD tools like Jenkins, Bamboo, TeamCity, and CircleCI to:

• Provide actionable data to developers to remediate vulnerabilities.
• Set policies based on criteria such as severity QID to prevent vulnerable images from entering repositories.
• Review specific vulnerabilities and patch data from within the plugin.