Home

View Asset Details

The Assets section lists the Images and Containers discovered along with their metadata information like ports, networks, services, users, installed software, and so on. The assets are listed along with their associations like associated containers and hosts for an image, other containers from the same parent image. Users can search for images and containers based on their attributes.

ClustersClusters

The Assets > Clusters tab shows the discovered clusters and their details.

Column Name Description
CLUSTER Shows the name of the cluster. 
PROVIDER Shows the name of the cloud provider.
For example, 'AWS'.
REGION Indicates the region in which the cluster is deployed.
STATUS

Specify if the cluster is

  • ACTIVE - cluster is active
  • INACTIVE - cluster is inactive
  • UNKNOWN - If your container's updated date is older than 7 days and less than 13 months

 

View Cluster Details

Select View Details from the Quick Actions menu to see Cluster Summary. This page gives you detailed information about the cluster, its IDs, cloud provider, and region in which the cluster is deployed.

 

The Workloads page provides POD-level details such as namespace, name of the POD, number of containers in the POD, POD age (POD creation/updation time), and POD status. You can select a specific namespace to view selective PODs.

Whereas, the Admission Controller page gives you detailed information about the Admission Controller.

You will see the Admission Controller tab only if you have installed the Admission Controller in your cluster. To know more about Admission Controller, refer to Cluster Sensor & Admission Controller Online Help.

ContainersContainers

The Assets > Containers tab shows the discovered containers and their metadata information.

STATE of a container can be,

  • CREATED -  Indicates that the container is created.
  • DELETED - Indicates that the container is older than 13 months or it has been marked as 'Deleted' from the host.
  • PAUSED -  Indicates that the container is paused.
  • RUNNING - Indicates that the container is running.
  • STOPPED -  Indicates that the container is stopped.
  • UNKNOWN - Indicates that the container is old (less than 13 months) or it does not possess a sensor, and hence it is in a dangling state.

List of containers in your account.

View Container Details

Select View Details from the Quick Actions menu for any container in the list to get comprehensive information about the container. You'll get detailed information about the container, its associations with an image, drift containers, and hosts.

  • Container 'State' is updated based on the docker events (exec_start, kill, destroy, stop) that Qualys Sensor reports to Qualys Cloud Platform.
  • The Services/Users section displays the list of services available in the container and users associated with the container.
  • You'll see Kubernetes Metadata in Container Details, including Kubernetes attributes, resources, and labels. See Kubernetes Metadata to learn more.
  • The Installed Software section displays software having vulnerabilities, and for which fixes (patches) are available.
  • The Vulnerabilities section provides vulnerability information, such as confirmed and potential vulnerabilities with their severity. For each vulnerability, you'll see the vulnerability age (in days). Age is calculated from the point Qualys published the vulnerability.
  • The Compliance section provides a list of controls that were scanned with control details (CID, criticality, statement, category, technologies). Learn more

Summary section of container details

ImagesImages

The Assets > Images tab shows the discovered images along with their metadata information.

List of images in your account.

View Image Details

Select View Details from the Quick Actions menu for any image in the list to get comprehensive information about the image. You can view detailed information about the image, its associations with containers, drift containers, and hosts.

  • The Summary section provides a quick summary of the image. It provides summary of all other sections present under View Mode. It includes image details such as, tag, size, scan type, last scan and secret details, along with registry and repository details. Along with this, the Summary page displays display cards for found vulnerabilities, compliance, and associated containers.
  • The Installed Software section displays software having vulnerabilities, and for which fixes (patches) are available.
  • The Vulnerabilities section provides vulnerability information, such as confirmed and potential vulnerabilities with their severity. For each vulnerability, you can see the vulnerability age (in days). Age is calculated from the point Qualys published the vulnerability.
  • The Layers section displays a list of layers the image is made of.
  • The Compliance section provides a list of controls that were scanned with control details (CID, criticality, statement, category, technologies). For more information, see Compliance Scanning in Container Security.
  • The Malware section shows the malwares detected for the image. For more information, see Malware Scans.
  • The Secrets section shows the secrets detected for the image. For more information, see Detecting Container Secrets.
  • The Exceptions section shows the vulnerability exceptions associated with the image. For more information, see Defining Vulnerability Exceptions.

Summary section of Image Details

HostsHosts

The Assets > Hosts tab shows container hosts discovered and scanned by the Qualys Cloud Agent and/or Qualys Network Scanner.

Qualys Cloud Agent and Cluster Sensor discovery are not associated with each other. 

Currently, container hosts discovered, scanned only by the Qualys Container Sensor are not shown in this list. It is recommended you use the Images or Containers tabs for these. Additionally, Qualys Container sensors currently only support hosts and clusters with Linux-based host OSes and Mac OS.

For each host in the list, you'll see the image and container count. Image and container details can be viewed in their respective tabs.

You'll also see the asset criticality score, which represents the criticality of an asset to your business infrastructure. This score is calculated based on multiple tags assigned to the asset with asset criticality scores defined. Learn more about the asset criticality score.

list of assets in your environment

View Asset Details

Access the Asset Details page for a host from the Sensor details page.

The Asset Details view displays information about the host on which the sensor is deployed. Besides system, network, and port information, the Asset Details view also displays a list of software installed on the host, vulnerabilities present, certificates, and Threat Protection RTIs (when the Qualys TP app is enabled). The Container Security panel shows all containers installed on the host, their status, and the images from which the containers are spawned.

host details with container information

If the sensor is installed without any persistent storage, the Container Summary page may not display any sensor details, and instead, it may show the error "There is no sensor activity recorded".

RegistriesRegistries

The Assets > Registries tab shows the registries in your account. See Adding a new registry to scan to learn how to add and scan registries.

List of registries in your account.

View Registry Details

Select View Details from the Quick Actions menu for any registry in the list to get comprehensive information about the registry. You can view detailed information about the registry: number of repositories, total number of images and number of vulnerable images within that registry. The Scan Jobs panel lists the On Demand and Automatic Jobs created for that registry. For more information, see Vulnerability scanning of Registries.

Registry Details.