Get Started

CRS (Container Runtime Security) provides runtime visibility and protection for containers. This is achieved by instrumenting images with Container Security components that gather functional-level behavioral data about the processes running within a container. This behavioral data is used by Container Security to visualize process activity. You can create and apply security policies that provide custom security controls based on the container’s activity.

Accessing the APIs

Several features of Container Runtime Security are available through REST APIs.

Permissions required to use APIs:

Qualys API URLs

Container Security supports the Qualys API gateway for API requests.

The Qualys API gateway URL you should use for API requests depends on the Qualys platform where your account is located.

Click here to identify your Qualys platform and get the API Gateway URL

Authentication for Gateway URLs

You must authenticate to the Qualys Cloud Platform using Qualys account credentials (user name and password) and get the JSON Web Token (JWT) before you can start using the Gateway URLs. Use the Qualys Authentication API to get the JWT.

For example:

curl -X POST 
-H "Content-Type: application/x-www-form-urlencoded" 
--data-urlencode "username=Value" 
--data-urlencode "password=Value" 
--data-urlencode "token=true" 
--data-urlencode "permissions=true"


The Authentication API returns a JSON Web Token (JWT), which you can use for authentication during Container Security API calls. The token expires in 4 hours. You must regenerate the token to continue using the Container Security API.

Swagger API Documentation

You can directly access the Swagger API documentation using the following URL:


For example, if your account is on US Platform 1




Was this topic helpful?

success Thank you! We're glad to hear that this topic was useful.
success We appreciate your feedback. We'll work to make this topic better for you in the future.