UPDATED 20:59 EST / AUGUST 04 2021

CLOUD

Qualys partners with Red Hat to secure OpenShift and CoreOS

Cybersecurity software provider Qualys Inc. is joining forces with Red Hat Inc. to beef up security for enterprise Linux and Kubernetes deployments.

In particular, Qualys will bring its Cloud Agent to Red Hat Enterprise Linux CoreOS on Red Hat OpenShift, it said today. The move should help to better secure both systems, the company said.

The Qualys Cloud Agent is a lightweight software agent that uses minimal computing resources as it runs alongside CoreOS and OpenShift. It runs in the background and works by first making a full configuration assessment of its host platform. That snapshot is sent to the Qualys Cloud Platform hosted, as the name suggests, in the cloud. The agent is said to be self-updating and self-healing, so users will only need to install it once.

OpenShift is Red Hat’s specialized Kubernetes distribution, which is used to orchestrate large fleets of containers that host the components of modern applications that can run on any cloud or infrastructure. As for CoreOS, this is a special version of the Red Hat Enterprise Linux operating system that works with OpenShift to enable companies to run container-based apps on-premises or in the cloud.

What’s happening with today’s integration is that the CoreOS Cloud Agent for OpenShift will now work in-step with Qualys’s Container Security Runtime. By doing this, it enables continuous discovery of packages and vulnerabilities throughout the full OpenShift stack, the companies said. More specifically, it works by placing a snipped of the Qualys code in each container image, which enables policy-driven monitoring, detection and blocking of any unwanted container behavior at runtime.

The companies said this does away with the need for privileged containers and host-based sidecar management to prevent vulnerability-based attacks, which involve a lot more work. The Qualys Agent will work within each container regardless of where it’s hosted.

Qualys Security Solutions Architect Spencer Brown explained in a blog post that vulnerability detection and threat management for apps or services delivered via containers has traditionally been difficult and impractical to achieve, due to the lack of a comprehensive detection and threat assessment capability at the container and host level

By implementing the Qualys Cloud Agent in CoreOS on OpenShift, users will be able to see their full inventory of installed software, open ports and Red Hat Security Advisories for each RHEL CoreOS node they have up and running.

“Inventory is the first step in securing any assets, and with Red Hat Enterprise Linux CoreOS it’s no different,” Brown said. “Without a consolidated inventory including information such as installed packages, open ports, users and hardware, it’s nearly impossible to secure what you don’t know.”

The service also tracks and manages host status, so it can warn of new security patches and anything that breaks compliance.

Qualys President and Chief Executive stressed that it’s important for teams that support modern applications to secure both the container images and the underlying OpenShift cluster. “By collaborating with Red Hat, we have built a unique approach to secure Red Hat Enterprise Linux CoreOS that provides complete control over containerized workloads,” he said.

Images: Qualys

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU