Qualys QScanner
QScanner is a Linux command-line utility specifically developed for scanning container images and conducting Software Composition Analysis (SCA).
Here are some key features of QScanner:
- Instant Console Results: Scan for vulnerabilities and receive real-time results directly on the console.
- Seamless Integration: Seamlessly integrate QScanner with your CI/CD pipelines and leverage the benefits of security policy-based evaluations.
- Broad Runtime Support: QScanner is compatible with multiple container runtimes enabling flexibility in deployment options. Currently, QScanner supports Docker, containerd, and cri-o runtimes.
- Software Composition Analysis (SCA): QScanner supports scanning software packages besides vulnerability scanning. The SCA feature is enabled by default across diverse codebases. It covers many programming languages, including Ruby, Rust, PHP, Java, Go, Python, .NET, and Node.js.
To know more about QScanner, refer to QScanner Online Help.