QScanner: Linux command-line utility for scanning container images, conducting SCA

QScanner is a Linux command-line utility tailored for scanning container images and performing Software Composition Analysis (SCA). It is compatible with diverse container orchestration systems, container runtimes, and operating systems.

QScanner features

Instant console results: Scan for vulnerabilities and receive real-time results directly on the console.

Integration: Seamlessly integrate QScanner with your CI/CD pipelines and leverage the benefits of security policy-based evaluations.

Runtime support: QScanner is compatible with multiple container runtimes, enabling flexibility in deployment options. Currently, QScanner supports the Docker, containerd, and CRI-O runtimes.

Software Composition Analysis: In addition to vulnerability scanning, QScanner supports scanning software packages. The SCA feature is enabled by default across diverse codebases. It covers many programming languages, including Ruby, Rust, PHP, Java, Go, Python, .NET, and Node.js.

QScanner is available for free on the Qualys website.
