Container Security free version

Qualys has introduced a free version of the Container Security App to enable customers to get a glimpse of what Container Security offers. The free version provides you a view of containers and images in your environment. You must upgrade to a Container Security paid subscription if you want to scan those images and containers for vulnerabilities.

Container Security gets image and container information from either of the following sources if the host contains Docker.

Cloud Agents / Scanners

Cloud Agents installed on hosts or Scanners (via Authenticated Scans) will fetch a list of containers and images present on the host, and provide this information in the AssetView app for each asset under the  Asset Details > Container Security pane.

Asset Details - Container Security Tab

Click the Take me to Container Security option to enable Container Security free version for your account.

The Container Security app will show metadata of the images and containers but not the vulnerability information. You must upgrade to a paid subscription in order to scan the images and containers for vulnerabilities.

See Host List

Container Sensor

Installing the Container Sensor on hosts will fetch vulnerability information for all official images from Docker Hub, and the first 10 general sensors installed on assets in your account (does not include sensors for CI/CD and registry scanning). Upgrading to a Trial or Full (Paid) subscription will remove this limitation.

API Support

APIs to list Containers, Images and Sensors, and fetch Container, Image, Sensor Details are available for Container Security Free. Upgrade to a paid subscription to get access to all Container Security APIs. For help on using the APIs, refer to the Qualys Container Security API Guide.