Qualys Container Security 1.3.2 Release Updates

Kong Yew Chan

This release delivers new features to streamline workflows and strengthen your container security posture.

Track CI/CD Pipeline Security:

Gain instant insights into CI/CD build failures with the “CI/CD Events” tab. Analyze policy details, associated rules, and resource information to pinpoint issues and prevent vulnerable deployments.
Benefit: Improved security posture across the CI/CD pipeline.

Effortless GitHub Container Registry (GHCR) Management:

The dedicated GHCR registry connector simplifies image scanning. Easily scan images for vulnerabilities, misconfigurations, malware, and leaked secrets directly within the GHCR environment.
Benefit: Improved workflow for scanning images within GHCR.

Uncover Hidden Threats:

Generate comprehensive reports on detected malware within container images using the new “CS_IMAGE_MALWARE” report template.
Benefit: Proactive identification of malware threats.

Dynamic Vulnerability Filtering:

Dynamic lists offer granular control over vulnerability filtering. These lists automatically update based on your criteria (e.g., severity levels), ensuring you focus on the most critical threats.
Benefit: Prioritize remediation efforts with better vulnerability filtering.

Enhanced Secret Detection Accuracy:

The secret detector’s Regex field now supports the backslash character. This feature allows you to define complex patterns for improved accuracy in identifying leaked secrets within containers.
Benefit: Reduce false positives and identify a wider range of potential security breaches.
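
The following added example (not Qualys code) shows why backslash support matters for a secret-detection pattern: the word-boundary escape `\b` cannot be written without it. Python's `re` module stands in for the product's regex engine, whose dialect this post does not state, and the patterns, key ID and sample lines are constructed for illustration.

```python
import re

# Assumption: Python's `re` is a stand-in for the product's regex engine.
# Both patterns target the well-known AWS access key ID shape
# (the prefix AKIA followed by 16 uppercase letters or digits).
LOOSE = r"AKIA[0-9A-Z]{16}"        # writable without any backslash
STRICT = r"\bAKIA[0-9A-Z]{16}\b"   # needs the backslash for \b

# Constructed sample lines: (text, line_really_contains_a_key_id)
SAMPLES = [
    ("AWS_ACCESS_KEY_ID=AKIAABCDEFGHIJKLMNOP", True),
    ('{"accessKeyId": "AKIAABCDEFGHIJKLMNOP"}', True),
    # Key-shaped substring buried inside a longer opaque token
    ("layer-digest=9F3AKIAABCDEFGHIJKLMNOPQRSTUV77", False),
    # Right prefix, but the token runs on past 20 characters
    ("build-id=AKIAABCDEFGHIJKLMNOPqrst", False),
    ("image: registry.example.com/app:1.2.3", False),
]


def evaluate(pattern, samples=SAMPLES):
    """Run one pattern over labelled lines and tally the outcomes."""
    rx = re.compile(pattern)
    tally = {"true_pos": 0, "false_pos": 0, "missed": 0}
    for text, is_secret in samples:
        hit = rx.search(text) is not None
        if hit and is_secret:
            tally["true_pos"] += 1
        elif hit and not is_secret:
            tally["false_pos"] += 1
        elif is_secret:
            tally["missed"] += 1
    return tally


if __name__ == "__main__":
    for name, pattern in (("loose", LOOSE), ("strict", STRICT)):
        print(f"{name:6} {pattern:26} {evaluate(pattern)}")
```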

