Container Security Data Collection
The Qualys Container Security sensor fetches the following information about Images and Containers in your environment:
- Inventory of Images and Containers in your environment, using commands such as docker ps, which lists all containers.
- Metadata information about Images and Containers from commands such as docker inspect and docker info, which fetch low-level information on Docker objects.
- Event information about Images and Containers from the Docker host, for Docker events like created, started, killed, push, pull, and so on.
- Vulnerabilities found on Images and Containers. This is the output of the vulnerability management manifests run for identifying vulnerability information in Images and Containers. This is primarily software package listing, services running, ports, and so on.
For example, package manager outputs like rpm -qa, npm.
This is supported across various Linux distributions (CentOS, Ubuntu, CoreOS, and so on) and across images like Python, NodeJS, Ruby, and so on.
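
To show what a software package listing built from package manager output looks like, the following added example (not Qualys code, and not a description of how the sensor parses its data) normalizes default rpm -qa output and npm ls --json output into one inventory. The function names, the architecture list and the sample data are assumptions constructed for illustration.

```python
import json

# Architecture suffixes rpm appends after the last dot (gpg-pubkey has none).
RPM_ARCHES = {"x86_64", "noarch", "i686", "aarch64", "ppc64le", "s390x"}

def parse_rpm_qa(text):
    """Parse default `rpm -qa` lines (name-version-release.arch) into records."""
    packages = []
    for line in map(str.strip, text.splitlines()):
        nvr, dot, arch = line.rpartition(".")
        if not dot or arch not in RPM_ARCHES:
            nvr, arch = line, None          # no architecture suffix present
        parts = nvr.rsplit("-", 2)          # the name may itself contain hyphens
        if len(parts) != 3:
            continue                        # blank or non N-V-R line
        name, version, release = parts
        packages.append({"source": "rpm", "name": name,
                         "version": f"{version}-{release}", "arch": arch})
    return packages

def parse_npm_ls(json_text):
    """Flatten the dependency tree from `npm ls --json`, de-duplicating entries."""
    packages, seen = [], set()
    def walk(deps):
        for name, info in (deps or {}).items():
            version = info.get("version")
            if version and (name, version) not in seen:
                seen.add((name, version))
                packages.append({"source": "npm", "name": name,
                                 "version": version, "arch": None})
            walk(info.get("dependencies"))  # nested (transitive) dependencies
    walk(json.loads(json_text).get("dependencies"))
    return packages

# Constructed sample output, not taken from a real host or image.
SAMPLE_RPM = """\
openssl-libs-1.0.2k-19.el7.x86_64
python3-libs-3.6.8-18.el7.x86_64
tzdata-2020a-1.el7.noarch
gpg-pubkey-f4a80eb5-53a7ff4b
"""
SAMPLE_NPM = json.dumps({"dependencies": {
    "express": {"version": "4.17.1", "dependencies": {"qs": {"version": "6.7.0"}}},
    "qs": {"version": "6.7.0"}}})

if __name__ == "__main__":
    for pkg in parse_rpm_qa(SAMPLE_RPM) + parse_npm_ls(SAMPLE_NPM):
        print(pkg)
```

Name and version pairs in this form are what a vulnerability lookup is matched against, so reviewing the list also shows which software details leave the host.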