QScanner: Linux command-line utility for scanning container images, conducting SCA


QScanner is a Linux command-line utility tailored for scanning container images and performing Software Composition Analysis (SCA). It is compatible with diverse container orchestration systems, container runtimes, and operating systems.

QScanner features

Instant console results: Scan for vulnerabilities and receive real-time results directly on the console.

Integration: Seamlessly integrate QScanner with your CI/CD pipelines and leverage the benefits of security policy-based evaluations.

Runtime support: QScanner is compatible with multiple container runtimes enabling flexibility in deployment options. Currently, QScanner supports Docker, containerd, and cri-o runtimes.

Software Composition Analysis: In addition to vulnerability scanning, QScanner supports scanning software packages. The SCA feature is enabled by default across diverse codebases. It covers many programming languages, including Ruby, Rust, PHP, Java, Go, Python, .NET, and Node.js.

QScanner is available for free on the Qualys website.

Must read:



Source link