Container Image Scanning: Characteristics, Advantages, and Operation of QScanner
QScanner, a new command-line utility from Qualys, is set to revolutionise container image security. This zero-installation, standalone tool offers seamless integration into workflows, empowering various teams to secure container images efficiently.
QScanner works with a variety of platforms, including local runtimes like Docker, Containerd, or Podman, local archives such as Docker images or OCI layouts, and remote registries such as AWS ECR, Azure Container Registry, and more. This versatility ensures comprehensive image scanning across all stages of the container lifecycle.
One of the key features of QScanner is its ability to provide immediate vulnerability reports in various output formats like SBOM, JSON, Table, and SARIF. This flexibility makes it easy to integrate into existing processes.
QScanner's trusted engine, boasting 99.99966% Six Sigma accuracy for vulnerability detection, is maintained by over 35 threat feeds. This ensures the highest level of security and compliance.
The tool identifies vulnerabilities in OS and software packages within container images, helping to detect and remediate security issues in software dependencies. It also proactively scans for exposed secrets, such as passwords, API keys, and tokens, to safeguard sensitive data and meet compliance requirements.
QScanner calculates a TruRisk™ score for container images, providing a quantifiable measure of the risk associated with each image. This score can help prioritise remediation efforts.
In addition, QScanner offers centralised policy management through the Qualys Portal. Security teams can centrally define compliance standards and vulnerability thresholds, making it easier to enforce security across the organisation.
QScanner's insights help teams address identified issues promptly, enhancing container security and enabling centralised policy enforcement via the Qualys Portal. Its command-line interface and support for multiple output formats make it a versatile tool for various use cases.
Moreover, QScanner supports Software Composition Analysis (SCA) for languages including Ruby, Rust, PHP, Java, Go, Python, .NET, and Node.js. It also offers custom workflow integration, making it adaptable to various tools and systems.
While the exact release date for QScanner is not specified, it is clear that it is set to become an invaluable tool for teams seeking to improve container image security. With its comprehensive features and ease of use, QScanner is poised to make a significant impact in the world of container security.