KCS

Kubernetes and Container Security

Your Cloud. De-risked.

Discover, track, and continuously secure Kubernetes and containers from build to runtime.

Try KCS Now Speak to an Expert

De-risk your cloud with KCS – an integral part of Qualys TotalCloud™ 2.0 – an AI-powered CNAPP solution

Discover and inventory container assets

Unlock continuous discovery and tracking of containers and images, including:

Pre-built dashboards and customizable widgets.
Topographic information on the container environments: images, registries, associated containers (active and dormant), and hosts.
Comprehensive metadata for every image, including labels, tags, installed software, layers, and association information.

Kubernetes & Container Security Overview Dashboard

Container-native vulnerability analysis

Rapidly analyze threats with high-accuracy vulnerability scanning and eliminate false positives to deliver:

Comprehensive coverage, from standard Linux OS distributions to container-centric OSes (like CoreOS and Alpine), applications (like NGINX, PostgreSQL, MySQL, Redis, and MongoDB), and programming languages (like Python, NodeJS, RubyGems, GoLang, and Java).
Detailed reports of vulnerable software with patchable version information.
Identify the composition of the image using layer details gathered by Qualys CS.

Vulnerability analysis in the DevOps pipeline

Integrate with CI/CD tools like Jenkins, Bamboo, TeamCity, and CircleCI to:

Provide actionable data to developers to remediate vulnerabilities.
Set policies based on criteria such as severity QID to prevent vulnerable images from entering repositories.
Review specific vulnerabilities and patch data from within the plugin.

Try Now

Qualys TotalCloud detects malware at least four hours faster than our previous approach. Earlier detection is crucial, because the sooner we can identify and act on threats such as zero-days, the lower the risk that an attack will succeed and spread through our network.

Watch Now

Nemi George

Vice President, Information Security Officer

Deploying Qualys CDR for AWS and Azure with just a few clicks, in a matter of minutes, across multiple AWS and Azure subscriptions, was a game changer for our security team. We have a complex environment with many controls, and TotalCloud team worked with us on integration with existing solutions including Secure Web Gateways and integrated SIEM. With their engineering team, together made sure all the security finds were tightly integrated with our SIEM platform. I have rarely seen this level of competency and engagement effort from a vendor.

Mark Wootton

Head of Trust & Vulnerability Management, Centrica

Qualys is enhancing its widely used platform to deliver visibility, context, speed, automation, and orchestration in a comprehensive solution to help organizations scale their security and compliance programs for modern software development. Qualys TotalCloud incorporates security into development workflows, enabling them to release secure, reliable code, while giving security teams the control and visibility they need to manage risk by reducing their attack exposure and rapidly responding to threats.

Melinda Marks

Practice Director, Cybersecurity at ESG

The Qualys approach [to runtime security] empowers security to follow the container image with built-in instrumentation, enabling visibility and behavior enforcement for running containers across all types of container infrastructure.

Frank Dickson

Program Vice President, IDC Cybersecurity Products

Detect drift

Detect vulnerabilities and configuration drift in the running containers and gain a complete understanding of anomalies via a granular classification of rogue vulnerabilities and software packages.

Identify risks

Analyze vulnerability scans on images and containers and identify risks.

Inventory assets

Discover container environments: images, registries, and associated containers.

Get a comprehensive inventory of container assets with continuous discovery and tracking

Gain deep visibility and security across on-premises container environments and managed containers across multiple cloud providers.

Try Now No-Cost, 30-Day Trial

Introducing TotalCloud 2.0 with TruRisk Insights

Qualys TotalCloud™ Cybersecurity Asset Management Dashboard

Powered by the Enterprise TruRiskTM Platform

The Enterprise TruRisk Platform provides you with a unified view of your entire cyber risk posture so you can efficiently aggregate and measure all Qualys & non-Qualys risk factors in a unified view, communicate cyber risk with context to your business, and go beyond patching to eliminate the risk that threatens the business in any area of your attack surface.

Learn More

Explore CS Product Tours

Discovering shadow containerized workloads

Finding unknown container workloads that are popping up and not in your risk management radar.

DID YOU KNOW?

According to Deloitte, about 20-30% of security incidents occur due to bind spots in network and application visibility

What does it contain?

Setting up a tracking dashboard
Discovering blind spots
Download General Sensor
Filing a JIRA ticket with SLA to ensure Qualys General Sensor is installed

Tour this use case

Patching vulnerable containerized workloads

Assessing the risk from your containerized workloads and patching the riskiest ones.

DID YOU KNOW?

The exploitation of vulnerabilities as an initial point of entry almost tripled from the previous year, accounting for 14% of all breaches, according to Verizon’s 2024 Data Breach Investigations Report