Qualys Cloud Agent GCP-COS
Overview
Google Cloud COS is a lightweight, hardened OS designed specifically for running containers securely and efficiently. The Qualys Cloud Agent for COS integrates seamlessly as a containerized workload, enabling real-time telemetry for:
- Vulnerability Management (VMDR)
- Policy Compliance
- Asset Inventory
By leveraging COS’s optimized design, Qualys delivers deep insight into host-level configurations and software without compromising performance or system integrity.
Who Should Use This Guide?
- Google Cloud Architects and Engineers
- DevSecOps and Platform Engineering Teams
- Kubernetes Cluster Operators
- Security Compliance and Governance Teams
Before You Begin
- Running a supported Google COS image (e.g., COS 101, 105)
- Access to gcloud CLI and proper IAM permissions
- A valid Qualys activation key
- Outbound internet access to Qualys Cloud Platform (HTTPS/443)
What You’ll Learn
- COS architecture and compatibility considerations
- Pulling and configuring the Qualys Cloud Agent container image
- Passing configuration parameters via metadata or user data
- Automating deployment using cloud-init, Startup Scripts, or GKE DaemonSets
- Validating agent communication with the Qualys Platform
Deployment Highlights
- Runs as a privileged container alongside your workloads
- Lightweight, stateless design with auto-reconnect capabilities
- Ideal for securing both standalone COS VMs and GKE worker nodes
Related Resources
Need Help?
For customized deployment scenarios, troubleshooting, or cloud automation best practices, reach out to your Qualys Technical Account Manager or explore peer guidance on the Qualys Community. You can also contact Qualys Support for technical assistance.