Deploying Container Sensor

The Container Security Sensor can be installed in either of the following ways:

- By downloading the sensor tar file from Qualys Cloud Platform and then install it on the host.
OR
- By installing the sensor from Docker Hub. See Installing the Sensor on Docker Hub.

To download the sensor from Qualys Cloud Platform, log in to your Qualys portal with your user credentials. Select Container Security from the module picker. As a first-time user, you’ll land directly on the Home page.

Go to Configurations > Sensors, and click Download Sensor.

The Download and Deploy Qualys Container Sensor window will appear, as shown below.

Pick the type of sensor you want to deploy.

Sensor deployment is one sensor in one mode on one host/node. Deploying more than one sensor or more than one sensor in another mode is not supported.

Sensor modes:

  • General (Host) Sensor: Scan any image and container on the host where sensor is running. General Sensor is installed by default if parameters for Registry or CI/CD are not provided.
  • Registry Sensor: Scan images in a registry (public / private). For Registry you need to append the install command with --registry-sensor or -r
  • Build (CI/CD) Sensor: Scan images on CI/CD pipeline (Jenkins / Bamboo). For CI/CD you need to append the install command with --cicd-deployed-sensor or -c

To deploy on a standalone host, pick the host’s operating system: MacOS, Linux or CoreOS.

In the window that appears, choose DOCKERHUB or BINARY(TAR.XZ) for how you want to install the sensor. Then simply follow the steps on the screen. For Tar, you’ll download the tar file and run the install commands on the screen. For Docker Hub, you’ll run the docker commands on the screen.

To deploy to a cluster, first pick from the cluster options: Kubernetes, Openshift, AWS ECS, or Docker Swarm.

In the window that appears, choose the runtime. In the example below for General sensor being deployed in Kubernetes, you’ll see DOCKER, CONTAINERD and CRI-O runtime options. After making your selection, follow the steps on the screen. The installation yaml file will already be pre-filled with your Activation ID, Customer ID and POD URL.

Be sure to note the System Requirements for installing the sensor. The sensor needs a minimum of 1 GB persistent storage on the host.

 

© 2026 Qualys, Inc. All rights reserved. Privacy Policy. Last updated: February, 2026