Qualys Endpoint Detection & Response Validated by Top Independent Testing Labs

Andrew Morrisett

Last updated on: April 12, 2024

Qualys is proud to announce that our Endpoint Detection & Response solution has earned top certifications from two of the most respected independent anti-virus testing organizations – SE Labs and AV-Test.

These prestigious validations underscore Qualys’ mission to deliver best-in-class malware protection as part of our comprehensive endpoint security capabilities.

The Necessity of Third-Party Testing

While Qualys has long been recognized as a trusted provider of innovative and effective cybersecurity solutions, we understand the importance of independent testing. It instills confidence through objective validation by respected third parties renowned for their rigorous methodologies.

In the endpoint security market, there is a “trust but verify” mentality. Third-party testing provides an unbiased assessment, helping organizations make informed decisions by separating marketing hype from reality. Certifications from SE Labs and AV-Test serve as beacons of credibility, guiding customers to solutions that deliver real results.

Qualys TruRisk Platform Advantage

Traditional stand-alone endpoint security products solely focus on trying to respond faster, without helping their customers to mitigate their overall security risk and avoid future attacks. Powered by the Qualys Enterprise TruRisk Platform, Qualys Endpoint Detection & Response is the only solution that unifies asset criticality, vulnerabilities, misconfigurations, patching, and threat context. Our approach goes beyond just looking at tactics, techniques, and indicators of compromise (TTPs/IOCs).

The Qualys Enterprise TruRisk Platform identifies the vulnerabilities and misconfigurations that enabled the attack in the first place, allowing remediation in real time to reduce risk, and preventing lateral movement and future compromise. Combining this context with a broad set of real-time endpoint, network, and web telemetry, security teams have the data they need to prioritize threats and act decisively.

Cutting-Edge Threat Detection Capabilities

Qualys Endpoint Detection & Response leverages a multi-layered approach combining signatureless techniques like machine learning models, behavioral rules, threat intelligence, and other advanced detection methods updated in real time by our dedicated threat research team. This detection approach ensures protection against the latest malware strains and adversarial tactics. Our solution also utilizes our Qualys Cloud Threat Database, which correlates more than 25 different threat intelligence feeds into a single source for all Qualys products to leverage.

One significant source of intelligence comes from the Blue Hexagon ML-based malware detection platform that feeds into the Cloud Threat Database. Employing state-of-the-art deep learning algorithms, this framework swiftly identifies and flags malicious entities within milliseconds, boasting unparalleled efficacy. This rapid response ensures that the database is continuously enriched with up-to-the-minute threat insights, even when encountering previously unseen samples. Through iterative learning, the models discern patterns that distinguish between malicious and benign samples, facilitating their ability to generalize and detect threats not encountered during the training phase. This approach underscores the versatility and efficacy of ML-driven detection mechanisms in handling novel threats.

Independent Test Results:

SE Labs:

  • Malware detection rate (known samples): 100%
  • Malware detection rate (unknown samples): 100%
  • False positive rate: 0%

The sample selection comprised the 250 most recent, prevalent, and verified threats, plus checks for false positives using 1,000 standard Microsoft Windows files.


AV-Test:

  • 100% detection of widespread and prevalent malware from the last 4 weeks (15,362 samples)
  • 100% protection against 0-day malware attacks, including web and email threats (278 samples)


This level of malware detection efficacy, combined with our prevention, response, and remediation capabilities, allows Qualys Endpoint Detection & Response to block even the most sophisticated threats. By consolidating comprehensive endpoint security on the same lightweight cloud agent used by millions of customers, Qualys provides a truly unified solution for protecting distributed environments at lower cost and complexity. Gain 360-degree security visibility and control over endpoints, on-premises, and cloud assets – centrally managed from one platform.
