Qualys Enhances ETM with Agentic AI for Identity Security and Threats
TL;DR
- Qualys has enhanced its Enterprise TruRisk Management (ETM) platform with agentic AI, introducing ETM Identity for unified identity and asset risk scoring, TruLens for real-time threat intelligence, and TruConfirm for automated exploit validation. These updates aim to empower organizations to proactively identify, prioritize, and remediate cyber risks before breaches occur, significantly improving overall cyber resilience.
Qualys Expands ETM with AI-Powered Features
Qualys has introduced enhancements to its Enterprise TruRisk Management (ETM) platform, incorporating agentic AI to bolster proactive risk management. The updates, revealed at Qualys' Risk Operations Conference (ROCon) in Houston, focus on identity security, predictive threat analysis, and exploit validation. These enhancements aim to enable organizations to anticipate and mitigate cyber risks before breaches occur. Read more about the announcement.
ETM Identity
ETM Identity is designed to reduce identity-related risks by providing visibility, context, and remediation across IAM systems. It integrates with on-premises Active Directory, Microsoft Entra ID, cloud identity providers (IdPs), and Identity as a Service (IDaaS) platforms. ETM Identity correlates identity and asset risk into a single Identity TruRisk™ score, facilitating the prioritization of exploitable attack paths and automating remediation. This includes securing high-risk service and machine identities to prevent lateral movement.
Corey Amsler, director of risk management at GE Vernova, noted the importance of aligning identity risk with asset risk for effective action. Qualys ETM Identity aims to unify these insights within the Risk Operations Center. Agent Grant, Qualys' AI coworker, can identify toxic privilege chains and AD to cloud attack paths, converting Identity TruRisk™ priorities into actionable steps. This includes automated remediations such as opening tickets, enforcing MFA, de-privileging accounts, or quarantining assets.
TruLens
TruLens delivers real-time, tailored threat intelligence to enhance the speed and precision of cyber risk detection, prioritization, and remediation. By applying live threat analysis and business impact context, TruLens dynamically re-ranks exposures, such as CISA KEV vulnerabilities, enabling teams to focus on critical fixes. It unifies fragmented threat and vulnerability data, enriching it with asset and business context to highlight risks affecting critical operations. Industry-specific intelligence is accessible via a Qualys mobile application, available in the Apple App Store and Google Play Store.
TruConfirm
TruConfirm validates the exploitability of exposures before attackers can leverage them. By executing real-world attack scenarios safely, TruConfirm identifies security control failures, providing actionable proof of risk. This attacker's perspective allows for faster prioritization and accelerates mitigation by closing the loop from detection to response. Qualys ETM orchestrates patching or mitigations through ITSM workflows, verifies remediation, and updates the TruRisk™ score. Combined with TruLens, TruConfirm ensures remediation efforts focus on exposures that reduce incident likelihood.
Shailesh Athalye, highlighted AI-powered Patch Reliability Scoring, which provides ITOps with a reliability score for each remediation. This enables adaptive, automated patching and intelligent mitigations.
Availability
Qualys ETM is generally available. ETM Identity, TruLens, and TruConfirm are available in preview.
