Qualys Container Sensor is designed for native support of Docker environments. Sensor is packaged and delivered as a Docker Image. Download the image and deploy it as a Container alongside with other application containers on the host.
The sensor is docker based, can be deployed on hosts in your data center or cloud environments like AWS ECS, Azure Container Service or Google Container Service. Sensor currently is only supported on Linux Operating systems like CentOS, Ubuntu, RHEL, Debian and requires docker daemon of version 1.12 and higher to be available.
Since they are docker based, the sensor can be deployed into orchestration tool environments like Kubernetes, Mesos or Docker Swarm just like any other application container.
Upon installation, the sensor does automatic discovery of Images and Containers on the deployed host, provides a vulnerability analysis of them, and additionally it monitors and reports on the docker related events on the host. The sensor also performs compliance assessments. The sensor container runs in non-privileged mode. It requires a persistent storage for storing and caching files.
Currently, the sensor only scans Images and Containers. To scan Hosts, you would require Qualys Cloud Agents or a scan through Qualys Virtual Scanner Appliance.
The Qualys Container Security sensor fetches the following information about Images and Containers in your environment:
The compliance scans of containers, images will be transparent to customers and will function in a similar real-time cloud native manner like the vulnerability scanning feature. The configuration scan results will be available in the UI and API. For more information, see Compliance Scanning.
Refer to the Sensor Deployment Guide for a list of supported systems.
Installing the sensor on a MAC