Now security teams can implement a container security program with a single solution that includes vulnerability management, and detection and response across the build-ship-run container pipeline. Qualys has announced Container Runtime Security, which provides runtime defense capabilities for containerized applications.

Qualys Runtime Container Security, once instrumented in the image, will work within each container irrespective of where the container is instantiated and does not need any additional administration containers.

This new solution addresses, in real time, container security use cases like critical file-access monitoring and blocking, network micro-segmentation, vulnerability and exploit mitigation, and virtual patching.

With Qualys Container Runtime Security, customers can perform policy-driven monitoring and blocking of container runtime behavior including file access, network communications and process behaviors.

They can also create granular custom behavioral policies, use policies from the built-in policy library or automatically generate policies based on learned container behaviors.

Qualys Container Runtime Security helps instrument container images in the CI/CD build pipeline with a “follow the image” instrumentation approach.

It allows for standardized, guaranteed container runtime security across all types of container environments like Docker, Kubernetes, AWS Elastic Kubernetes Service, AWS Elastic Container Service, Azure Kubernetes Service, and Google Kubernetes Engine, as well as including container-as-a-service environments like Azure Container Instances, AWS Fargate and Google CloudRun.

Qualys Container Security solution with runtime capabilities is now available.