New Capabilities Include Identity Security, Industry-Specific Threat Prioritization, and Exploit Validation
Mumbai, October 17, 2025 – Qualys, Inc. (NASDAQ: QLYS), a global leader in cloud-based IT, security, and compliance solutions, has announced significant enhancements to its Enterprise TruRisk Management (ETM) platform. The expanded capabilities leverage a built-in Agentic AI Fabric to strengthen proactive risk management by predicting and preventing emerging cyber threats.
Unveiled at the Qualys Risk Operations Conference (ROCon) in Houston, the update fortifies identity security for both human and non-human entities, enhances predictive threat analysis, and enables safe exploit validation—helping organizations assess and mitigate risks before a breach occurs.
Proactive Defense in the Era of Agentic AI
With AI accelerating the complexity and volume of attacks, enterprises now face an influx of autonomous and non-human identities to manage. Many security teams struggle to prioritize and respond effectively amid these evolving threats.
Qualys ETM meets this challenge by integrating Identity Risk Posture Management, contextual threat intelligence, and exposure exploitability validation within a unified Risk Operation Center (ROC) framework—enabling measurable and provable risk reduction at scale.
“Enterprises today need advanced solutions to address the growing risks from AI-driven threats and sophisticated adversaries,” said Tyler Shields, Principal Analyst at Omdia. “Qualys’ latest enhancements deliver greater precision and efficiency, expanding visibility to non-human and AI-driven identities and providing predictive, industry-specific risk insights.”
Unified Risk Language for Clarity and Control
The new ETM capabilities serve as force multipliers within the ROC, uniting teams under a single TruRisk™ framework. This unified approach ensures that organizations can identify, prioritize, and mitigate their most critical risks with transparency and precision.
-
ETM Identity: Uncovers and reduces identity-based risks.
-
TruLens: Prioritizes threats using live, industry-specific intelligence.
-
TruConfirm: Validates exploitability for real-world risk verification.
These features move security beyond detection—enabling guided remediation and closed-loop response to provably reduce cyber risk.
ETM Identity: Redefining Identity Security
ETM Identity offers unified visibility and remediation across IAM systems—from Active Directory and Microsoft Entra ID to cloud-based IdPs and IDaaS platforms. It correlates identity and asset risk into a single Identity TruRisk™ score, empowering teams to focus on exploitable attack paths and automate remediation.
By targeting lateral movement and securing high-risk service and machine identities, ETM Identity strengthens organizational resilience against identity-related breaches.
“Identity risk is one of the most exploited and least visible threats today,” said Corey Amsler, Director of Risk Management at GE Vernova. “Security teams need unified insight that aligns identity and asset risk to act decisively. No effective exposure management strategy is complete without it.”
TruLens: Real-Time, Industry-Specific Threat Intelligence
TruLens empowers organizations with tailored, real-time intelligence for faster detection, prioritization, and remediation of cyber risks. By applying live threat context and business impact analysis, it dynamically re-ranks vulnerabilities—including CISA KEV entries—so teams address what truly matters first.
Accessible via a mobile app, TruLens delivers industry-specific insights that unify threat, asset, and business data—helping leaders make smarter, data-driven decisions across departments.
TruConfirm: Validating Real-World Exploitability
TruConfirm extends Qualys ETM’s value by confirming whether exposures are actively exploitable. Through safe, controlled execution of real-world attack simulations, TruConfirm provides actionable proof of risk and pinpoints control failures before adversaries can exploit them.
Once exploitability is verified, ETM automates patching and mitigation workflows, updates the TruRisk™ score, and confirms remediation success. When paired with TruLens, TruConfirm ensures that remediation efforts deliver measurable, real-world risk reduction.
Leadership Insight
“Agentic AI is transforming cybersecurity and redefining risk management,” said Sumedh Thakar, President and CEO of Qualys. “With expanded verification across identities and exploit validation, Qualys ETM empowers organizations to measure, communicate, and eliminate cyber risk with clarity and precision—driving real, verifiable risk reduction at every level.”
Availability
Qualys ETM is now generally available.
ETM Identity, TruLens, and TruConfirm are currently in preview.
Organizations can sign up for early access at:
🔗 qualys.com/free-trial-new/enterprise-trurisk-management
About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a pioneer in cloud-based security, compliance, and IT solutions, serving over 10,000 customers worldwide, including a majority of the Forbes Global 100 and Fortune 100.
The Qualys Enterprise TruRisk Platform delivers continuous, unified security intelligence across on-premises systems, endpoints, servers, clouds, and mobile devices through a single agent—enabling automation, agility, and measurable cost efficiency.
Founded in 1999, Qualys integrates seamlessly with leading cloud providers including AWS, Microsoft Azure, Google Cloud, and Oracle Cloud Infrastructure, as well as major MSPs and consulting firms.
For more information, visit www.qualys.com.
Additional Resources
-
Blog: Bringing the Power of Agentic AI for Identity Risk, Adaptive Threat Prioritization, and Exposure Exploitability Validation
-
Learn More: qualys.com/etm
-
Free Trial: qualys.com/free-trial-new/enterprise-trurisk-management
-
Webinar: Extending Your Risk Operations Center with Qualys ETM Identity
-
Follow Qualys: LinkedIn | Instagram | X (Twitter)
