Cloud Platform
Contact us
Asset Management
Vulnerability & Configuration Management
Risk Remediation
Threat Detection & Response
  • Overview
  • Platform Apps

  • Qualys Endpoint Security

    Advanced endpoint threat protection, improved threat context, and alert prioritization

  • Context XDR

    Extend detection and response beyond the endpoint to the enterprise

Cloud Security

Qualys Cloud Agent.

A single agent for real-time, global visibility and response.

Over 100 million Cloud Agents actively deployed across the globe

IBM Security

Qualys Cloud Agent revealed that a tiny fraction of our desktops accounted for around 50 percent of our critical vulnerabilities—enabling us to obtain a dramatic improvement in our overall security posture for relatively little effort.

Eddie Dynes Information Security and Compliance Manager at London Gatwick Airport
Children's Mercy Kansas City

Qualys Cloud Agents really impressed us and were one of the main factors that led us to VMDR. The agents are extremely lightweight, use a tiny amount of CPU resources, and don't require system reboots. Today, we’ve pushed the agents out to 13,000 endpoints and servers, which deliver fine-grained vulnerability and configuration management insights every four hours helping us pinpoint zero-days and other critical threats faster.

Akshay Borla Security Engineer - Vulnerability Management at Children's Mercy Kansas City

Beyond traditional network scanning and response

Qualys Cloud Agents work where it’s not possible or practical to do network scanning. They’re our preferred method for assets like dynamic IP client machines, remote/roaming users, static and ephemeral cloud instances, and systems sensitive to external scanning. Qualys Cloud Agents continuously collect data from across your entire infrastructure and consolidate it in the Enterprise TruRisk Platform for you to view. Our Cloud Agents also allow you to respond to issues quickly. Whether it’s killing processes, quarantining files or endpoints, patching vulnerabilities, removing exploits, fixing misconfigurations, or uninstalling software, our singular agent can do it all.

Enhanced visibility

You can’t secure what you can’t see or don’t know. Deploying Qualys Cloud Agents provide organizations with real-time visibility of their global IT assets – regardless of location – illuminating the dark places within their networks, and providing actionable intelligence and response capabilities.

Flexible configuration

Unlock unparalleled flexibility with our Cloud Agent’s Configuration Profile Creation, featuring 30+ configurable parameters for precise customization. From CPU usage to scan frequencies, tailor every aspect to your needs. Ensure optimal data collection with recommended settings and explore advanced features for efficiency. Seamlessly integrate EDR, FIM, and PM modules with step-by-step guidance. The agent adapts to new manifests, making it agile and efficient. Elevate your security with the adaptable ally of our Cloud Agent.

Enterprise scalability

With tens of millions of agents deployed worldwide, Qualys Cloud Agents are built for scale. A true, single-agent architecture keeps the Qualys Cloud Agent smaller and more powerful than other multi-agent solutions. Rolling out additional IT, security, and compliance capabilities across global hybrid-IT environments can be achieved seamlessly without the burden of adding and managing additional single-purpose agents. Qualys Cloud Agents work with Asset Management, Vulnerability Management, Patch Management, EDR, Policy Compliance, File Integrity Monitoring, and other Qualys apps.

Beyond vulnerability management!

Qualys Cloud Agents do more than just identify critical and zero-day vulnerabilities; they gather local asset management information like application inventories, scan for vulnerabilities in low bandwidth situations, ensure policy compliance with a remote workforce, respond with decisive actions via EDR, and keep systems up to date with Patch Management – regardless of location. Qualys Cloud Agents also provide fully authenticated on-asset scanning, with enforcement, where it’s not possible or practical to perform network scans.

Installs everywhere

Quickly deploy our lightweight Cloud Agents to achieve real-time, fully authenticated IT security and compliance of your physical assets – like laptops, desktops, servers, tablets, smartphones, and OT devices. Qualys Cloud Agents also protect cloud, on-premises virtual environments, and even bare metal environments. Bake Cloud Agents into your Cloud workloads, VDI, public/private clouds, Kubernetes, and Docker to ensure each deployed instance inherits the security, compliance, and IT management capabilities. Flexible installation options make it easy to include the agent in the master server, Docker/Kubernetes, and Virtual Disk Images (VDIs). Cloud Agents run on all major desktop and mobile device operating systems. There is no need for complex credentials and firewall management. The Cloud Agent only communicates outbound to the Qualys platform. Qualys Agent has the industry’s widest coverage, including native agents for systems. Please refer to the Platform availability matrix for supported platforms.

Extend coverage with Qualys Gateway Service (QGS)

Hard-to-achieve visibility

Qualys Gateway Service lets your organization utilize Qualys Cloud Agents in secured environments. It securely extends the power of Enterprise TruRisk Platform into highly locked-down data centers, industrial networks, OT environments, and anywhere direct Internet access is restricted. It does this through virtual appliances managed from the Enterprise TruRisk Platform.


Together, Qualys Cloud Agent and Qualys Gateway Service provide an easily optimized, bandwidth-efficient platform. Qualys QGS eliminates the cost and complexity of deploying, managing, maintaining, and securing third-party proxies and web gateways for cloud agent installations at scale. It also creates a local cache for downloaded content from Qualys Cloud Agents such as manifests, updates, etc., and stores patches when used with Qualys Patch Management.

See for yourself. Try Qualys Today.

Start your trial today. No software to download or install. Email us or call us at 1 (800) 745-4355.

Qualys Cloud Agents are lightweight and work across Qualys’ natively built IT, security, and compliance apps

Qualys Cloud Agents
Qualys Cloud Agent: Dashboard view | Qualys

Qualys Global AssetView

Knowing what’s on your global hybrid-IT environment is fundamental to security. Qualys Cloud Agents are the workhorse behind our Global AssetView (GAV) solution. They continuously monitor assets for real-time, detailed information that’s constantly transmitted to the Enterprise TruRisk Platform for analysis.

  • Installed Cloud Agents provide the ability to determine the security and compliance posture of each asset

  • Continuously monitor assets for the expired licensees, out-of-date operating systems, application versions, expired or soon-to-be-expired certificates, and more

  • Cloud Agents keep your inventory always up to date even when assets are offline

  • Know the location of your devices and when they access or leave the network

  • Asset Inventory Cloud Agents are Free!

Qualys Cloud Agent: Dashboard view | Qualys
Qualys VMDR Prioritization: Asset Tags view | Qualys

Qualys Vulnerability and Patch Management

The Qualys Cloud Agent brings additional real-time monitoring and response capabilities to the vulnerability management lifecycle.

  • Get 100% coverage of your installed infrastructure

  • Eliminate scanning windows

  • Continuously monitor assets for the latest operating system, application, and certificate vulnerabilities

  • Track critical patches that are missing on each device and deploy patches in real-time

  • Requires no credential management or complex firewall profiles

  • Improved Total Cost of Ownership (TCO) due to easier agent deployments and reduced maintenance

  • Improved flexibility and reduced overhead as the Qualys Cloud agent can perform both vulnerability and patch management functions

Qualys VMDR Prioritization: Asset Tags view | Qualys
Qualys Policy Compliance: Dashboard view | Qualys

Qualys Policy Compliance & File Integrity Monitoring

Cloud agents improve overall policy compliance efforts by providing the ability to perform configuration checks on endpoint systems, which is extremely difficult to do using traditional network scanning solutions.Qualys Cloud Agents are lightweight

  • Continuously evaluate in real-time all relevant asset security misconfigurations against standards and benchmarks such as PCI DSS, CIS, ISO, HIPAA, and more

  • Continuously log and track unauthorized changes to files across global IT systems

  • Automatically maintain up-to-date data without credential management or complex firewall remote access

Qualys Policy Compliance: Dashboard view | Qualys
Qualys EDR: Kill Process window | Qualys

Qualys Endpoint Detection and Response

Qualys Cloud Agents continuously collect and stream multi-vector endpoint data to the Enterprise TruRisk Platform, where the data is correlated, enriched, and prioritized. This provides security professionals with the intelligent context they need to respond to threats quickly and effectively.

  • Cloud Agents provide immediate access to endpoints for quick response

  • Kill processes, quarantine files, uninstall compromised applications, remove exploits, and fix misconfigurations – the Cloud Agent can do it all!

Qualys EDR: Kill Process window | Qualys
Qualys Cloudview: Cloud Dashboard view | Qualys

Qualys Cloud and Container Security

The Cloud Agent architecture greatly simplifies asset discovery, tracking, and compliance monitoring in containers and highly dynamic cloud environments like Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, and Oracle Cloud Infrastructure.

  • Embed Qualys Cloud Agents into the master images of your cloud servers

  • Cloud Agents automatically register, self-update, and track new instances created from the master images

  • Cloud Agents eliminate the need for separate discovery mechanisms

  • Continuous scanning with Cloud Agents removes the need to constantly spawn scanners for new instances

  • Cloud Agents keep your information always up to date even when virtual workloads are offline

  • Qualys Cloud Agents provide up-to-date cloud service provider (AWS, GCP, Azure) metadata

Qualys Cloudview: Cloud Dashboard view | Qualys
Qualys Cloudview: Cloud Dashboard view | Qualys

Cloud Agent Passive Sensor (CAPS)

Passive discovery with the Qualys Agent introduces a novel approach to passive discovery that is more efficient, easier to implement, does not require information on network design, and delivers results faster than other solutions on the market.

  • Continuously monitor the network and identify unmanaged and untrusted devices in real time.

  • Manage and control network access with precision (Zero-Trust Security Architecture) by proactively identifying devices connected to the network that are not authenticated or missing security agents, etc.

  • Add unmanaged devices to your vulnerability management program, scan for vulnerabilities and compliance issues, calculate your TruRisk score, and prioritize remediation actions based on business risk.

  • Turbocharge CMDB accuracy and coverage by automatically adding discovered assets to the configuration management database (CMDB).

  • Empower your IT team with the comprehensive visibility they need to effectively manage the asset inventory lifecycle and remediate cyber risk.

Qualys Cloudview: Cloud Dashboard view | Qualys
Qualys Cloudview: Cloud Dashboard view | Qualys

Runtime Software Composition Analysis (Runtime SCA)

Runtime Software Composition Analysis (SCA) offers continuous and real-time visibility of deeply embedded open-source packages and commercial software components such as Log4j and OpenSSL present in the production of first-party and third-party applications.

  • Provides visibility into your software supply chain on Day Zero to proactively address potential risks and fortify applications against emerging threats by expanding scanning capabilities across various programming languages, including Java, Go, .Net, Python, Node JS, Rust, Ruby, PHP, and more.

  • More than 15,000 new signatures covering more than 12,000 Common Vulnerabilities and Exposures (CVEs) are provided for the most widespread and significant, including Denial of Service (DoS), Regular Expression Denial of Service (ReDoS), Privilege Escalation, Directory/Path traversal, SQL Injection, and even the deserialization of trusted data.

  • Seamless integration with your existing workflows for vulnerability management, enabling efficient and automated reporting.

  • Customize scans to meet unique environment needs, including the ability to target specific paths to crawl or expand the scope to increase coverage and configure separate scan intervals, CPU usage, and more.

Qualys Cloudview: Cloud Dashboard view | Qualys
Qualys Cloudview: Cloud Dashboard view | Qualys

Cloud Agent for Custom Assessment and Remediation (CAR)

Qualys Custom Assessment and Remediation empowers security practitioners to create and execute custom scripts and create custom detections quickly. Scripts are centrally managed and executed anywhere a Qualys Cloud Agent exists. The service creates a library of reusable scripts and security controls using the preferred scripting language for the task.

  • Proactively detect & rapidly respond to known and Zero-Day vulnerabilities and reduce MTTR by 50%.

  • Secure and monitor custom applications identify and remove sensitive data (PCI Audits).

  • Streamline SecOps & InfoSec response with integrations with the platform and centralized control over scripts.

  • Support for a variety of scripting languages such as PowerShell, Python, and more.

Qualys Cloudview: Cloud Dashboard view | Qualys

Share data with third-party tools

All the data collected by the Qualys Cloud Agent installed in an IT environment resides within the Enterprise TruRisk Platform. Qualys’ extensive and easy-to-use XML API makes integrating your data with third-party tools easy. Some of the third-party products that have Qualys integrations are the following:

  • Security Information and Event Management (SIEM) products
  • Big data analytics platforms
  • Configuration management databases (CMDBs)
  • Help desk systems

See for yourself. Try Qualys Today.

Start your trial today. No software to download or install. Email us or call us at 1 (800) 745-4355.