Was this topic helpful?
Last updated: March 28, 2023
This article lists the Qualys Container Security Sensor versions and interoperability with 3rd party solutions. With each new sensor release, we test and certify the latest sensor version with 3rd party solutions. We will review this product interoperability matrix on a quarterly basis and update the tests accordingly.
As a general guideline, we recommend users use the latest sensor version whenever possible. This will ensure that you always have the latest features that work with 3rd party solutions. Container Security does not support any 3rd party solutions with EOL status.
If you do not see your container registry or registry version listed below, please reach out to Qualys Support to request this support be added.
| Container Registry (Private) | Registry Version | Minimum Supported CS Sensor Version |
|---|---|---|
| Harbor | 2.5.6 | 1.21.0 or later |
| JFrog Artifactory | 7.46.13 | 1.21.0 or later |
| Docker Private Registry | Docker Registry V2 API* | 1.21.0 or later |
| RedHat Quay | 1.21.0 or later | |
| Mirantis Secure Registry (MSR) | 2.9.4 | 1.16 or later |
| OpenShift Container Registry (OCR) | 4.10 |
1.11 or later |
| OpenShift Container Registry (OCR) | 4.12 | 1.21.0 or later |
| Sonatype Nexus Repository | Docker Registry V2 API* | 1.17 or later |
*These items are tested and certified by using Docker Container Registry API V2.
If you do not see your container registry or registry version listed below, please reach out to Qualys Support to request this support be added.
| Container Registry (Public) | Minimum Supported CS Sensor Version |
|---|---|
| AWS ECR | 1.21.0 or later |
| Azure Container Registry | 1.21.0 or later |
| DockerHub | 1.21.0 or later |
| Google Artifact Registry | 1.21.0 or later |
| Google Container Registry | 1.21.0 or later |
Container Security sensors have different modes, including General, Registry and CICD, which are tested with different Container Runtimes, including ContainerD, CRI-O and Docker. Without explicitly testing every sensor mode with every possible runtime engine, Container Security sensors are tested with the most used container runtime, typically ContainerD or CRI-O.
| Upstream OSS Kubernetes Version | Container Runtime Tested | Minimum Supported CS Version |
|---|---|---|
| Kubernetes 1.24.x | containerd | 1.21.0 or later |
| Kubernetes 1.25.x | containerd | 1.21.0 or later |
| Kubernetes 1.26.x | containerd | 1.21.0 or later |
| Kubernetes | Minimum Supported CS Version |
|---|---|
| Azure Kubernetes Service (AKS) | 1.21.0 or later |
| Google Kubernetes Engine (GKE) | 1.21.0 or later |
| AWS (EKS) | 1.21.0 or later |
| OpenShift 4.12.1 | 1.21.0 or later |
| Tanzu Kubernetes Grid | 1.21.0 or later |
| Name | OS Architecture | Docker Engine Version | Minimum Supported CS Version |
|---|---|---|---|
| Docker Engine | Linux x86-64 | 20.10.x | 1.21.0 or later |
| Docker Engine | Linux ARM64 | 20.10.x | 1.21.0 or later |
Was this topic helpful?