Newsletters




Qualys Creates Risk Operations Center in the Cloud


Qualys, Inc., a provider of disruptive cloud-based IT, security, and compliance solutions, is launching a Risk Operations Center (ROC) with Enterprise TruRisk Management (ETM) to enable CISOs and business leaders to manage cybersecurity risks in real time, transforming fragmented, siloed data into actionable insights.

The application consolidates both Qualys and non-Qualys security risk data, including from technology alliances like Forescout, Identity Threat Protection with Okta AI, Microsoft, Oracle, and Wiz across cloud, on-premises, and hybrid environments.

"On its 25th anniversary, Qualys continues its never-ending innovation journey by again disrupting the cybersecurity market with the introduction of the Risk Operations Center (ROC)," said Sumedh Thakar, president and CEO of Qualys. “The ROC delivered by Qualys ETM transforms proactive cybersecurity, empowering organizations to operationalize their risk management process in a single platform, and revolutionizing the way customers measure, communicate and eliminate risk, irrespective of which cyber tools they employ."

Enterprise TruRisk Management is designed to unify asset inventory and risk factors, apply threat intelligence, business context, risk prioritization, and orchestrate remediation, compliance and reporting through a single interface.

Qualys Enterprise TruRisk Management enables enterprises to operationalize their ROC:

  • Ingesting Qualys and Non-Qualys Data for an Accurate Measure of Business Risk: Enterprises can measure their TruRisk score by aggregating and unifying dispersed risk factors—such as vulnerabilities, security postures, asset exposures, and identities—generated by their security toolset across the full stack of cloud, on-premises, or third-party applications. This data is correlated with over 25 threat intel sources and business context to precisely highlight key risk exposure indicators, enabling proactive risk management for business entities, processes or applications.
  • Aligning Risk to Business Value to Communicate Financial Impact of Cyber Risk: CISOs are expected to communicate the return on investment (ROI) and outcomes of existing and future cybersecurity investments in terms of reduction of business risk. By aligning business value and potential losses from cyber risks, ETM enables cyber risk quantification (CRQ) for CISOs and risk teams to communicate the business impact of TruRisk for critical applications, entities and processes, shifting the focus from technical issues to understanding the financial impact of security threats.
  • Automated Remediation Workflows to Reduce Cyber Risk: Security and Risk Operations teams can leverage personalized risk reduction plans with Qualys TruRisk Eliminate to intelligently patch or mitigate the prioritized exposure indicators, such as vulnerabilities, misconfigurations, asset and software risks, by balancing risk reduction with business continuity. ETM also supports rule-based integrations with ITSM tools, such as ServiceNow and JIRA, to automatically assign prioritized tickets of unified exposures to the right remediation teams and orchestrate active remediation through integrated zero-trust, firewalled solutions to rapidly reduce risk, which helps reduce time to communicate and mean time to remediation.

Qualys Enterprise TruRisk Management is immediately available.

For more information about this news, visit www.qualys.com.


Sponsors