Container Security Interoperability Matrix

Last updated: June 19, 2023

This article lists the Qualys Container Security Sensor versions and interoperability with 3rd party solutions. With each new sensor release, we test and certify the latest sensor version with 3rd party solutions. We will review this product interoperability matrix on a quarterly basis and update the tests accordingly.   

As a general guideline, we recommend users use the latest sensor version whenever possible. This will ensure that you always have the latest features that work with 3rd party solutions. Container Security does not support any 3rd party solutions with EOL status.

Private Registries

If you do not see your container registry or registry version listed below, please reach out to Qualys Support to request this support be added. 

Qualys no longer provides support for container registries that have reached their end of life as determined by the respective vendors.

Container Registry (Private) Registry Version Minimum Supported CS Sensor Version
Harbor 2.5.6  1.21.0 or later 
JFrog Artifactory  7.46.13  1.21.0 or later 
Docker Private Registry  Docker Registry V2 API*  1.21.0 or later 
RedHat Quay   1.21.0 or later
Mirantis Secure Registry (MSR)  2.9.4  1.16 or later 
OpenShift Container Registry (OCR)  4.10 
 
1.11 or later 
OpenShift Container Registry (OCR)  4.12  1.21.0 or later 
Sonatype Nexus Repository Docker Registry V2 API*  1.17 or later  

*These items are tested and certified by using Docker Container Registry API V2.

Public Registries

If you do not see your container registry or registry version listed below, reach out to Qualys Support to request this support be added. 

Qualys no longer provides support for container registries that have reached their end of life as determined by the respective vendors.

Container Registry (Public)  Minimum Supported CS Sensor Version
AWS ECR  1.21.0 or later 
Azure Container Registry  1.21.0 or later 
DockerHub 1.21.0 or later 
Google Artifact Registry  1.21.0 or later 
Google Container Registry  1.21.0 or later 

Upstream OSS Kubernetes Version

Container Security sensors have different modes, including General, Registry and CICD, which are tested with different Container Runtimes, including ContainerD, CRI-O and Docker. Without explicitly testing every sensor mode with every possible runtime engine, Container Security sensors are tested with the most used container runtime, typically ContainerD or CRI-O.

Any that has reached its end-of-life as defined by upstream Kubernetes will no longer be supported by Qualys.

Qualys no longer provides support for a Kubernetes version that has reached its end of life as defined by upstream Kubernetes.

Upstream OSS Kubernetes Version Container Runtime Tested  Minimum Supported CS Version
Kubernetes 1.24.x  containerd 1.21.0 or later 
Kubernetes 1.25.x  containerd 1.21.0 or later
Kubernetes 1.26.x  containerd 1.21.0 or later 

Kubernetes Cluster Environments

Kubernetes Minimum Supported CS Version 
Azure Kubernetes Service (AKS)  1.21.0 or later
Google Kubernetes Engine (GKE)  1.21.0 or later 
AWS (EKS)  1.21.0 or later
OpenShift 4.12.1  1.21.0 or later
Tanzu Kubernetes Grid 1.21.0 or later

Docker Orchestrated Environments

Name OS Architecture  Docker Engine Version Minimum Supported CS Version
Docker Engine  Linux x86-64 20.10.x 1.21.0 or later
Docker Engine  Linux ARM64 20.10.x 1.21.0 or later

 

Note: The information provided here is believed to be accurate at the time of publication; however, note that updates and revisions may occur periodically and without prior notice.


 

 

Was this topic helpful?

success Thank you! We're glad to hear that this topic was useful.
success We appreciate your feedback. We'll work to make this topic better for you in the future.