Qualys Container Security vs. Runecast Comparison


Qualys Container Security Qualys	Runecast Runecast Solutions	+	+
Learn More Update Features	Learn More Update Features	Add To Compare	Add To Compare


		Related Products Chainguard Chainguard Containers are a guarded catalog of 1,700+ minimal, zero-CVE container images with a best-in-class CVE remediation SLA (7 days for critical severity, 14 days for high, medium and low) that helps customers build and deploy software better. Modern software development practices and deployment pipelines require secure, up-to-date containerized applications for cloud-native applications. Chainguard builds minimal images continuously from source in our hardened build infrastructure, with only the components required to build and run your applications. Aimed at engineering organizations and security teams alike, Chainguard Containers reduce costly engineering toil around vulnerability management, enhance the security posture of applications by eliminating attack surface, and unlock revenue by simplifying compliance with key frameworks and customer requirements. 49 Ratings Visit Website Astra Pentest Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also conducts all tests required to comply with ISO 27001, HIPAA, SOC2, and GDPR. Astra offers an interactive pentest dashboard that the user can use to visualize vulnerability analyses, assign vulnerabilities to team members, and collaborate with security experts. And if the users don’t want to get back to the dashboard every time they want to use the scanner or assign a vulnerability to a team member, they can simply use the integrations with CI/CD platforms, Slack, and Jira. 246 Ratings Visit Website Aikido Security Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks to: - False-positive reduction - AI Autotriage & AI Autofix - Deep integration into the dev workflow (from IDEs and task managers to CI/CD gating) - AI Pentests - Automated Compliance Aikido covers the entire Software Development Lifecycle (SDLC), including: static application security testing (SAST), dynamic application security testing (DAST), infrastructure-as-code (IaC), container scanning, secrets detection, open source license scanning (SCA), cloud posture management (CSPM), runtime protection, AI pentests, and more. 226 Ratings Visit Website Wiz Wiz is a new approach to cloud security that finds the most critical risks and infiltration vectors with complete coverage across the full stack of multi-cloud environments. Find all lateral movement risks such as private keys used to access both development and production environments. Scan for vulnerable and unpatched operating systems, installed software, and code libraries in your workloads prioritized by risk. Get a complete and up-to-date inventory of all services and software in your cloud environments including the version and package. Identify all keys located on your workloads cross referenced with the privileges they have in your cloud environment. See which resources are publicly exposed to the internet based on a full analysis of your cloud network, even those behind multiple hops. Assess the configuration of cloud infrastructure, Kubernetes, and VM operating systems against your baselines and industry best practices. 1,446 Ratings Visit Website Kasm Workspaces Kasm Workspaces streams your workplace environment directly to your web browser…on any device and from any location. Kasm uses our high-performance streaming and secure isolation technology to provide web-native Desktop as a Service (DaaS), application streaming, and secure/private web browsing. Kasm is not just a service; it is a highly configurable platform with a robust developer API and devops-enabled workflows that can be customized for your use-case, at any scale. Workspaces can be deployed in the cloud (Public or Private), on-premise (Including Air-Gapped Networks or your Homelab), or in a hybrid configuration. 125 Ratings Visit Website ManageEngine Endpoint Central ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the entire endpoint lifecycle, all from a single console. With automated patching across Windows, Mac, Linux and 1,000+ third-party applications, it ensures vulnerabilities are mitigated before attackers can exploit them. Its next-gen antivirus (NGAV) feature, powered by AI-driven behavioural detection, provides 24/7 protection against ransomware, malware, and zero-day threats. Endpoint Central further strengthens enterprise defenses with a broad set of security capabilities, including vulnerability assessment and mitigation, peripheral device control, data loss prevention, application control, endpoint privilege management, encryption with FileVault and BitLocker, and browser security. 2,699 Ratings Visit Website ZeroPath ZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with advanced program analysis to find and automatically fix vulnerabilities. ZeroPath provides complete security coverage: 1. AI-powered SAST for business logic flaws & broken authentication 2. SCA with reachability analysis 3. Secrets detection and validation 4. Infrastructure as Code 5. Automated patch generation. any more... ZeroPath delivers 2x more real vulnerabilities with 75% fewer false positives. Our research team has been successful in finding vulns like critical account takeover in better-auth (CVE-2025-61928, 300k+ weekly downloads), identifying 170+ verified bugs in curl, and discovering 0-days in production systems at Netflix, Hulu, and Salesforce. Trusted by 750+ companies and performing 200k+ code scans monthly. 2 Ratings Visit Website Criminal IP ASM Criminal IP ASM delivers a threat intelligence-powered approach to attack surface management by combining continuous asset discovery with deep threat analysis across IPs, domains, OSINT, and associated infrastructure. Built on Criminal IP’s advanced scanning and enrichment capabilities, it brings Threat Intelligence context such as vulnerability intelligence, C2 detections, malicious IP/domain correlations, and dark web exposure into every layer of asset discovery in an integrated approach that empowers security teams to proactively identify, prioritize, and mitigate threats before they are exploited. 18 Ratings Visit Website Pikmykid Pikmykid is the leading safety and dismissal platform that empowers schools to simplify dismissal, engage parents, and keep students safe without the need to purchase, install, or support additional hardware. Designed by former educators and parents, Pikmykid has helped more than 2,000 schools in all 50 states eliminate the busy work and vulnerabilities of dismissal so that teachers have more time to teach, admins aren’t bogged down in carpool calls, and principals can account for every student at the end of the day. And with extensive SIS integrations, Pikmykid easily fits into your schools’ existing ecosystems to make the tools you already have that much more powerful. 234 Ratings Visit Website SOCRadar Extended Threat Intelligence SOCRadar provides a unified, cloud-hosted platform designed to enrich your cyber threat intelligence by contextualizing it with data from your attack surface, digital footprint, dark web exposure, and supply chain. We help security teams see what attackers see by combining External Attack Surface Management, Cyber Threat Intelligence, and Digital Risk Protection into a single, easy-to-use solution. This enables your organization to discover hidden vulnerabilities, detect data leaks, and shut down threats like phishing and brand impersonation before they can harm your business. By combining these critical security functions, SOCRadar replaces the need for separate, disconnected tools. Our holistic approach offers a streamlined, modular experience, providing a complete, real-time view of your threat landscape to help you stay ahead of attackers. 104 Ratings Visit Website
About Qualys CS features a vulnerability analysis plug-in for CI/CD tool Jenkins, and soon for other CI/CD tools including Bamboo, TeamCity, and CircleCI. You can download the plugins directly from within the container security module. With Qualys CS, security teams can participate in the DevOps process to gate vulnerable images entering the system, while developers get actionable data to remediate vulnerabilities. Configure policies for preventing vulnerable images from entering the repositories. Set policies based on criteria such as vulnerability severity, and specific QIDs. Review from within the plug-in a summary of the build with its vulnerabilities, information on patchable software and fixed versions, and image layers where it is present. Container infrastructure is immutable in nature, which means containers need to be identical to the images they are baked from.	About Runecast is an enterprise CNAPP platform that saves your Security and Operations teams time and resources by enabling a proactive approach to ITOM, CSPM, and compliance. It automates vulnerability assessment, configuration drift management and continuous compliance – for VMware, Cloud and Containers. By proactively using our agentless scanning in real-time admins discover potential risks and remediation solutions before any issues can develop into a major outage. It provides continuous audits against vendor best practices, common security standards, and frameworks such as BSI IT-Grundschutz, CIS, Cyber Essentials, DISA STIG, DORA, Essential 8, GDPR, HIPAA, ISO 27001, KVKK, NIST, PCI DSS, TISAX, VMware Security Hardening Guidelines, and the CISA KEVs catalog. Detect and assess risks and be fully compliant across your hybrid cloud in minutes. Runecast has been recognized with Frost & Sullivan's 2023 European New Product Innovation Award in the CNAPP industry.
Platforms Supported Windows Mac Linux Cloud On-Premises iPhone iPad Android Chromebook	Platforms Supported Windows Mac Linux Cloud On-Premises iPhone iPad Android Chromebook
Audience Companies searching for a Container Security platform	Audience Proactive Best Practice & Security Analysis for AWS, Azure, Kubernetes, VMware & Windows & Linux OS.
Support Phone Support 24/7 Live Support Online	Support Phone Support 24/7 Live Support Online
API Offers API	API Offers API
Screenshots and Videos View more images or videos	Screenshots and Videos View more images or videos
Pricing No information available. Free Version Free Trial	Pricing No information available. Free Version Free Trial
Reviews/Ratings Overall 0.0 / 5 ease 0.0 / 5 features 0.0 / 5 design 0.0 / 5 support 0.0 / 5 This software hasn't been reviewed yet. Be the first to provide a review: Review this Software	Reviews/Ratings Overall 0.0 / 5 ease 0.0 / 5 features 0.0 / 5 design 0.0 / 5 support 0.0 / 5 This software hasn't been reviewed yet. Be the first to provide a review: Review this Software
Training Documentation Webinars Live Online In Person	Training Documentation Webinars Live Online In Person
Company Information Qualys Founded: 1999 United States www.qualys.com/apps/container-security/	Company Information Runecast Solutions Founded: 2014 United Kingdom www.runecast.com
Alternatives NeuVector SUSE	Alternatives Kloudle
Kubescape Armo	Sunbird DCIM Sunbird Software Inc.
Root	SolarWinds Virtualization Manager SolarWinds
Aqua Aqua Security	Fidelis Halo Fidelis Security
Clair View All	Trend Micro Hybrid Cloud Security Trend Micro View All
Categories Container Security	Categories Cloud Compliance Cloud Security Cloud Security Posture Management (CSPM) Cloud Workload Protection Cloud-Native Application Protection Platforms (CNAPP) Container Security Data Center Management Data Center Security GDPR Compliance HIPAA Compliance ISO Compliance Network Monitoring PCI Compliance Security Risk Assessment Server Virtualization Virtualization Vulnerability Scanners
	Container Security Features Access Roles / Permissions Application Performance Tracking Centralized Policy Management Container Stack Scanning Image Vulnerability Detection Reporting Testing View Container Metadata Show More Features Cloud Security Features Antivirus Application Security Behavioral Analytics Encryption Endpoint Management Incident Management Intrusion Detection System Threat Intelligence Two-Factor Authentication Vulnerability Management Cloud Workload Protection Features Anomaly Detection Asset Discovery Cloud Gap Analysis Cloud Registry Data Loss Prevention (DLP) Data Security Governance Logging & Reporting Machine Learning Security Audit Workload Diversity Data Center Management Features Audit Trail Behavior-Based Acceleration Cross Reference System Device Auto Discovery Diagnostic Testing Import / Export Data JCL Management Multi-Platform Multi-User Power Management Sarbanes-Oxley Compliance GDPR Compliance Features Access Control Consent Management Data Mapping Incident Management PIA / DPIA Policy Management Risk Management Sensitive Data Identification HIPAA Compliance Features Access Control / Permissions Audit Management Compliance Reporting Data Security Documentation Management For Healthcare Incident Management Policy Training Remediation Management Risk Management Vendor Management Network Monitoring Features Bandwidth Monitoring Baseline Manager Diagnostic Tools Internet Usage Monitoring IP Address Monitoring Real Time Analytics Resource Management Server Monitoring SLA Monitoring Uptime Monitoring Web Traffic Reporting PCI Compliance Features Access Control Compliance Reporting Exceptions Management File Integrity Monitoring Intrusion Detection System Log Management Patch Management PCI Assessment Policy Management Server Virtualization Features Audit Management Health Monitoring Live Machine Migration Multi-OS Virtual Machines Patching / Backup Performance Log Performance Optimization Rapid Provisioning Security Management Type 1 / Type 2 Hypervisor Virtualization Features Archiving & Retention Capacity Monitoring Data Mobility Desktop Virtualization Disaster Recovery Namespace Management Performance Management Version Control Virtual Machine Monitoring Vulnerability Scanners Features Asset Discovery Black Box Scanning Compliance Monitoring Continuous Monitoring Defect Tracking Interactive Scanning Logging and Reporting Network Mapping Perimeter Scanning Risk Analysis Threat Intelligence Web Inspection
Integrations Akitra Andromeda Bamboo CircleCI Cyclops Docker HPE Ezmeral HivePro Uni5 Jenkins Jira Align Kubernetes OctoXLabs Refold Resmo Seconize DeRisk Center ServiceNow ThreatAdvisor ThreatAware VMware vSphere Veriti anecdotes Show More Integrations View All 30 Integrations	Integrations Akitra Andromeda Bamboo CircleCI Cyclops Docker HPE Ezmeral HivePro Uni5 Jenkins Jira Align Kubernetes OctoXLabs Refold Resmo Seconize DeRisk Center ServiceNow ThreatAdvisor ThreatAware VMware vSphere Veriti anecdotes Show More Integrations View All 4 Integrations
Claim Qualys Container Security and update features and information Claim Qualys Container Security and update features and information	Claim Runecast and update features and information Claim Runecast and update features and information