PR Newswire
Enhancements to Qualys ETM platform with integrated remediation help predict and prevent emerging threats to enable provable risk reduction for organizations
FOSTER CITY, Calif.
, Oct. 15, 2025 /PRNewswire/ — Qualys, Inc. (NASDAQ: QLYS), a leading provider of disruptive cloud-based IT, security and compliance solutions, today unveiled powerful new capabilities in Qualys Enterprise TruRisk Management (ETM) that strengthen proactive risk management, helping organizations to predict and guard against new and emerging attack vectors in the era of agentic AI. Announced at Qualys’ flagship Risk Operations Conference (ROCon) in Houston, the enhancements bolster identity security for both human and non-human identities, improve predictive threat analysis, and provide confirmation of an exposure’s exploitability safely, allowing security teams to anticipate and predict cyber risk before a breach happens.
The adoption of AI has increased the volume and complexity of attacks, while fueling a surge in non-human and autonomous identities that security teams must manage. As a result, many security teams are stretched thin, struggling to prioritize and respond effectively. Organizations need a proactive, intelligence-driven approach to breach prevention, tailored to their unique risk profile. Qualys ETM delivers this by aligning Identity Risk Posture Management, contextual threat intelligence for prioritization, and exposure exploitability validation with a unified Risk Operation Center (ROC) framework, enabling provable risk reduction at enterprise scale.
“Enterprises today need advanced solutions to address the growing risks from AI-driven threats and sophisticated adversaries,” said Tyler Shields, principal analyst at Omdia. “Qualys’ latest enhancements will help security teams operate with greater precision and efficiency for measurable risk reduction. Its Enterprise TruRisk Management (ETM) solution expands visibility to non-human and agentic AI identities and provides predictive, industry and environment-specific risk insights.”
These enhancements to Qualys ETM act as force multipliers within the ROC, unifying teams around a single risk language, TruRisk™ to prioritize and reduce the most critical risk factors with clarity and precision. ETM Identity uncovers identity-based risks through deep domain insights, TruLens prioritizes threats and adversaries based on real-time, industry-specific intelligence, and TruConfirm validates which vulnerabilities are truly exploitable within your environment, providing a quantifiable way to measure and verify real risk reduction. Beyond just identifying vulnerabilities, Qualys ETM helps close the loop from detection to response by pairing insights with guided, operationalized remediation.
ETM Identity
ETM Identity enables organizations to proactively reduce both human and non-human identity-related risks. It unifies visibility, context, and remediation across all identity and access management (IAM) systems, including on-premises Active Directory, Microsoft Entra ID, cloud identity providers (IdPs), and Identity as a Service (IDaaS) platforms, and correlates identity and asset risk into a single Identity TruRisk™ score. This allows security teams to focus on the most exploitable attack paths and automate remediation from detection through verified resolution, measurably shrinking the attack surface. By targeting lateral movement paths and securing high-risk service and machine identities, which are often the root cause of lateral movement in breaches, ETM Identity strengthens resilience and materially reduces identity-related breach potential.
“Identity risk has become one of the most exploited and least visible threats organizations face today,” said Corey Amsler, director of risk management at GE Vernova. “Security teams need unified insight, aligning identity risk with asset risk, in order to act decisively. No effective exposure management strategy is complete without it.”
TruLens
TruLens delivers real-time, tailored threat intelligence that enables organizations to detect, prioritize, and remediate cyber risks with greater speed and precision. By continuously applying live threat analysis and business impact context, TruLens dynamically re-ranks exposures, such as CISA KEV vulnerabilities, so teams focus on fixing what truly matters before threats escalate. It unifies fragmented threat and vulnerability data, enriches it with asset and business context, and surfaces the risks most likely to affect critical operations. With access through a mobile application and tailored, industry-leading intelligence, TruLens delivers actionable insights customized for your specific industry and environment, so leaders can make faster, more informed decisions across the organization.
TruConfirm
TruConfirm extends the value of the Qualys platform by proactively confirming the exploitability of an exposure before attackers get to it. By safely executing real-world attack scenarios, TruConfirm validates exploitability and identifies where security controls have failed, giving security teams clear, actionable proof of risk. This attacker’s perspective enables faster, more effective prioritization and accelerates mitigation by closing the loop from detection to response. Once a vulnerability is confirmed to be exploitable, Qualys ETM orchestrates patching or mitigations through ITSM workflows, verifies remediation, and automatically updates the TruRisk™ score. When combined with TruLens, TruConfirm ensures that remediation efforts are laser-focused on exposures that meaningfully reduce incident likelihood now.
“Agentic AI is transforming cybersecurity and forcing organizations to rethink how they manage risk. To stay ahead, they must proactively reduce risk, anticipate where attackers are most likely to strike, and clearly demonstrate the impact of their security investments,” said Sumedh Thakar, president and CEO of Qualys. “Qualys Enterprise TruRisk Management (ETM) rises to this challenge with expanded risk verification – now including user identities and exploit validation – providing the clarity and precision security leaders need. We’re empowering organizations to measure, communicate, and eliminate cyber risk in ways that drive real, verifiable risk reduction at the executive and board level.”
Availability
Qualys ETM is now generally available. ETM Identity, TruLens, and TruConfirm are now available in preview. Sign up at qualys.com/free-trial-new/enterprise-trurisk-management to be among the first to experience the future of these new capabilities, along with agentic AI.
Additional Resources
- Read our blog post, “Bringing the Power of Agentic AI for Identity Risk, Adaptive Threat Prioritization, and Exposure Exploitability Validation”
- Learn more about Qualys ETM at qualys.com/etm
- Sign up for a free trial of Qualys ETM at qualys.com/free-trial-new/enterprise-trurisk-management
- Register for the webinar on “Extending Your Risk Operations Center with Qualys ETM Identity”
- Follow Qualys on LinkedIn,Instagram and X
About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.
The Qualys Enterprise TruRisk Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices. Founded in 1999 as one of the first SaaS security companies, Qualys has strategic partnerships and seamlessly integrates its vulnerability management capabilities into security offerings from cloud service providers, including Oracle Cloud Infrastructure, Amazon Web Services, the Google Cloud Platform and Microsoft Azure, along with a number of leading managed service providers and global consulting organizations. For more information, please visit http://www.qualys.com.
Qualys, Qualys VMDR®, Qualys TruRisk and the Qualys logo are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.
Media Contact:
Rachel Yap Winship
Qualys
[email protected]
View original content to download multimedia:https://www.prnewswire.com/news-releases/rocon-houston-2025-qualys-expands-enterprise-trurisk-management-etm-with-built-in-agentic-ai-fabric-to-include-identity-security-industry-specific-threat-prioritization-and-exploit-validation-302584266.html
SOURCE Qualys, Inc.
