About Client

The Client is a leading provider of next-generation endpoint protection, threat intelligence and related services. Their software enables customers to prevent damage from targeted attacks, detects and attributes advanced malware and adversary activity in real time. The detection and attribution of the malware is performed jointly by the client-side driver and via data-processing in the cloud. The application is not a traditional antivirus, instead it compliments antivirus and fills the gap in the ‘pattern based detection’ nature of the antivirus software.


  • As is the challenge of developing any security software that resides on the endpoint, the client is keen on finding out performance impact before their customers report such issues. Given the fact that multiple operating systems are supported by the ‘Application Under Test’ (AUT) and it’s a constantly evolving application, another concern is quick and effective coverage across various supported platforms.
  • Another key interest is to identify the impact of having security software of different kinds on the same host. As the AUT works on behaviour/intelligence based detection whereas traditional antivirus works based on pattern detection, client is interested in finding out whether AUT falsely flags any trusted/reputed antivirus or vice-versa.
  • For benchmarking purposes, client is also interested in using known exploits/tools to trigger detections and validating those using predefined rules.
  • Since endpoint application generated events are actually stored and processed via cloud hosted service, client also wants functionality and usability validation of end-user facing UI for cloud’s front-end
  • Another desire of Engineering team at the client-end is to integrate all automated endpoint and cloud related tests such that they form an end-to-end validation flow.
  • Client is also interested in rolling out improved APIs to their customers but this requires validation of various positive and negative scenarios