Qualys upgrades ETM platform with AI identity & threat tools
Qualys has announced an expansion of its Enterprise TruRisk Management platform to include enhanced identity security, industry-specific threat prioritisation, and exploit validation with integrated artificial intelligence (AI) capabilities.
The latest developments to the Qualys ETM platform have been designed to support security teams facing increasingly complex threats driven by the rapid adoption of AI, and a growing volume of non-human digital identities within enterprise environments.
Complex threat landscape
According to Qualys, the proliferation of AI has resulted in not only a higher volume but also greater complexity of cyber attacks. Alongside this trend, organisations are experiencing a surge in non-human and autonomous identities, such as service accounts and automated processes, which need to be carefully managed and secured to prevent breaches.
The company says that many security teams are now stretched thin as they attempt to address these challenges, highlighting the need for proactive, intelligence-driven risk management strategies that can be tailored to an organisation's specific risk profile.
"Enterprises today need advanced solutions to address the growing risks from AI-driven threats and sophisticated adversaries," said Tyler Shields, Principal Analyst at Omdia. "Qualys' latest enhancements will help security teams operate with greater precision and efficiency for measurable risk reduction. Its Enterprise TruRisk Management (ETM) solution expands visibility to non-human and agentic AI identities and provides predictive, industry and environment-specific risk insights."
Expanded platform capabilities
The enhancements to the ETM platform focus on unifying risk management efforts with what the company terms a Risk Operation Centre (ROC) framework. The improvements are divided into several modules:
- ETM Identity: Targeting human and non-human identity-related risks, integrating context and remediation across identity and access management systems
- TruLens: Delivering real-time, contextual threat and vulnerability intelligence based on live threat data and industry context
- TruConfirm: Confirming the exploitability of exposures through safe, controlled tests to help teams prioritise remediation efforts on vulnerabilities most likely to be exploited
The platform aims to enable provable risk reduction by identifying, validating, and facilitating the remediation of actual threats before they can be leveraged in a cyber attack.
ETM Identity
Qualys says the ETM Identity module is designed to unify visibility and remediation for both human user accounts and non-human identities (such as machine identities) across on-premises and cloud-based identity and access management systems. In doing so, the module consolidates risks into a single Identity TruRisk score, allowing security teams to focus on the most exploitable attack paths and automate remediation of identified vulnerabilities.
The system specifically targets lateral movement attack paths and aims to secure high-risk service and machine identities, elements frequently implicated in data breaches.
"Identity risk has become one of the most exploited and least visible threats organisations face today," said Corey Amsler, Director of Risk Management at GE Vernova. "Security teams need unified insight, aligning identity risk with asset risk, in order to act decisively. No effective exposure management strategy is complete without it."
TruLens
The TruLens module provides ongoing analysis of emerging threats, combining live intelligence and an organisation's business context to dynamically re-rank exposures. By highlighting exposures that are more likely to have a meaningful operational impact, particularly those associated with known exploited vulnerabilities, TruLens aims to focus security resources where they can be most effective.
This module also seeks to unify fragmented information from different threat and vulnerability data sources and deliver actionable insights tailored to the specific industry and environment of each organisation. TruLens will be accessible via a mobile application.
TruConfirm
With its TruConfirm capability, Qualys extends exploit validation by simulating real-world attack scenarios to determine exploitability. The company states that this approach provides security teams with clear, actionable proof of which vulnerabilities in their environment are exploitable, supporting more effective prioritisation of remediation actions.
Once exploitability is confirmed, the ETM platform automates the patching or mitigation process through IT service management workflows, and updates the risk scoring to reflect changes in an organisation's cyber risk posture.
AI and security leadership
"Agentic AI is transforming cybersecurity and forcing organisations to rethink how they manage risk. To stay ahead, they must proactively reduce risk, anticipate where attackers are most likely to strike, and clearly demonstrate the impact of their security investments," said Sumedh Thakar, President and CEO of Qualys. "Qualys Enterprise TruRisk Management (ETM) rises to this challenge with expanded risk verification - now including user identities and exploit validation - providing the clarity and precision security leaders need. We're empowering organisations to measure, communicate, and eliminate cyber risk in ways that drive real, verifiable risk reduction at the executive and board level."
Qualys reports that the ETM platform and associated modules are currently available, while specific components such as ETM Identity, TruLens, and TruConfirm are available for preview by selected customers.