Qualys Enhances ETM with Agentic AI for Identity Security and Threats

Qualys ETM AI cybersecurity Identity security Threat intelligence Risk management Cyber resilience TruLens ETM Identity TruConfirm
Lalit Choda
Lalit Choda

Founder & CEO @ Non-Human Identity Mgmt Group

 
October 29, 2025 3 min read

TL;DR

Qualys has enhanced its Enterprise TruRisk Management (ETM) platform with agentic AI, introducing ETM Identity for unified identity and asset risk scoring, TruLens for real-time threat intelligence, and TruConfirm for automated exploit validation. These updates aim to empower organizations to proactively identify, prioritize, and remediate cyber risks before breaches occur, significantly improving overall cyber resilience.

Qualys Expands ETM with AI-Powered Features

Qualys has introduced enhancements to its Enterprise TruRisk Management (ETM) platform, incorporating agentic AI to bolster proactive risk management. The updates, revealed at Qualys' Risk Operations Conference (ROCon) in Houston, focus on identity security, predictive threat analysis, and exploit validation. These enhancements aim to enable organizations to anticipate and mitigate cyber risks before breaches occur. Read more about the announcement.

ETM Identity

ETM Identity is designed to reduce identity-related risks by providing visibility, context, and remediation across IAM systems. It integrates with on-premises Active Directory, Microsoft Entra ID, cloud identity providers (IdPs), and Identity as a Service (IDaaS) platforms. ETM Identity correlates identity and asset risk into a single Identity TruRisk™ score, facilitating the prioritization of exploitable attack paths and automating remediation. This includes securing high-risk service and machine identities to prevent lateral movement.

Dashboard voor ACME Corporation met de identiteitsrisicoscore, een trendgrafiek van de TruRisk-score, het totaal aan beveiligde middelen en het aantal AD-kwetsbaarheden en -misconfiguraties.
Image courtesy of Techzine Global

Corey Amsler, director of risk management at GE Vernova, noted the importance of aligning identity risk with asset risk for effective action. Qualys ETM Identity aims to unify these insights within the Risk Operations Center. Agent Grant, Qualys' AI coworker, can identify toxic privilege chains and AD to cloud attack paths, converting Identity TruRisk™ priorities into actionable steps. This includes automated remediations such as opening tickets, enforcing MFA, de-privileging accounts, or quarantining assets.

TruLens

TruLens delivers real-time, tailored threat intelligence to enhance the speed and precision of cyber risk detection, prioritization, and remediation. By applying live threat analysis and business impact context, TruLens dynamically re-ranks exposures, such as CISA KEV vulnerabilities, enabling teams to focus on critical fixes. It unifies fragmented threat and vulnerability data, enriching it with asset and business context to highlight risks affecting critical operations. Industry-specific intelligence is accessible via a Qualys mobile application, available in the Apple App Store and Google Play Store.

TruLens-Landing-1-1-scaled
Image courtesy of Qualys

TruConfirm

TruConfirm validates the exploitability of exposures before attackers can leverage them. By executing real-world attack scenarios safely, TruConfirm identifies security control failures, providing actionable proof of risk. This attacker's perspective allows for faster prioritization and accelerates mitigation by closing the loop from detection to response. Qualys ETM orchestrates patching or mitigations through ITSM workflows, verifies remediation, and updates the TruRisk™ score. Combined with TruLens, TruConfirm ensures remediation efforts focus on exposures that reduce incident likelihood.

image-19-1-scaled
Image courtesy of Qualys

Shailesh Athalye, highlighted AI-powered Patch Reliability Scoring, which provides ITOps with a reliability score for each remediation. This enables adaptive, automated patching and intelligent mitigations.

Availability

Qualys ETM is generally available. ETM Identity, TruLens, and TruConfirm are available in preview.

Lalit Choda
Lalit Choda

Founder & CEO @ Non-Human Identity Mgmt Group

 

NHI Evangelist : with 25+ years of experience, Lalit Choda is a pioneering figure in Non-Human Identity (NHI) Risk Management and the Founder & CEO of NHI Mgmt Group. His expertise in identity security, risk mitigation, and strategic consulting has helped global financial institutions to build resilient and scalable systems.

Related Articles

verifiable proofs

Rethinking Customer Data: AI and Privacy-Preserving Solutions

Move beyond storing customer data. Discover how verifiable proofs and personhood credentials like zkTLS are revolutionizing online identity, boosting security, and enhancing privacy. Learn more!

By Lalit Choda October 29, 2025 10 min read
Read full article
BIO-key funding

BIO-key's Fundraising Urgency and Fingerprint Cards' Growth Surge

Discover how BIO-key raised $4.23M and partnered with IT2Trust for Nordic expansion. Plus, Fingerprint Cards' impressive 35% revenue growth. Read now!

By Lalit Choda October 29, 2025 2 min read
Read full article
ConductorOne funding

ConductorOne Secures $79M for AI-Native Identity Security Platform

ConductorOne secures $79M Series B led by Greycroft to advance AI-native identity security. Discover how they're unifying IGA, IAM, and PAM. Learn more!

By Lalit Choda October 29, 2025 2 min read
Read full article
AI impersonation

Navigating Identity Crisis: Rethinking Security Perimeters

AI is revolutionizing impersonation tactics. Discover how to defend against AI-driven attacks and secure your digital identity. Learn about new security mandates.

By Lalit Choda October 29, 2025 4 min read
Read full article