Qualys Enterprise TruRisk Management redefines
cyber risk operations by unifying diverse security solutions for
prioritization and actionable remediation
SAN
DIEGO, Oct. 9, 2024 /PRNewswire/ -- Qualys,
Inc. (NASDAQ: QLYS), a leading provider of disruptive cloud-based
IT, security and compliance solutions, today announced the launch
of the industry's first Risk Operations Center (ROC) with
Enterprise TruRisk Management (ETM) at the Qualys Security
Conference. The solution enables CISOs and business leaders to
manage cybersecurity risks in real time, transforming fragmented,
siloed data into actionable insights that align cyber risk
operations with business priorities. The application consolidates
both Qualys and non-Qualys security risk data, including from
technology alliances like Forescout, Identity Threat Protection
with Okta AI, Microsoft, Oracle, and Wiz across cloud, on-premises
and hybrid environments.
Organizations are facing an ever-growing volume of risk findings
spread across multiple, disconnected top 10 dashboards. This
fragmented view results in conflicting analyses, duplicate work,
missed threats, and strategies that fail to fully protect the
organization. As a result, companies struggle to get a clear
understanding of their true, overall risk, hindering their ability
to make informed remediation decisions.
To overcome these challenges, businesses need an integrated
approach that combines heterogeneous risk factors from various
asset management tools and disparate cybersecurity solutions into a
single platform with remediation and mitigation capabilities to
reduce risk quickly. That is why Qualys is launching the
world's first ROC with Enterprise TruRisk Management designed to
unify asset inventory and risk factors, apply threat intelligence,
business context, risk prioritization, and orchestrate remediation,
compliance and reporting through a single interface.
"With IT environments growing more complex and potential risk
exposures more numerous, organizations need a holistic and
proactive cybersecurity management platform that brings all
cyber-risk exposures to one place, unifies scoring and simplifies
prioritization and reporting," said Michelle Abraham, research director at IDC.
"Qualys' approach with the Risk Operations Center delivers this
ideal in a cohesive way. With the ability to analyze all risk
factors at a glance – such as exploitability, unique organizational
context, threat intelligence, and financial impact – Qualys
Enterprise TruRisk Management empowers CISOs and business leaders
to create actionable, enterprise-wide strategies to reduce risk to
levels that align with the business's objectives."
Qualys Enterprise TruRisk Management enables enterprises to
operationalize their ROC –
- Ingesting Qualys and Non-Qualys Data for an Accurate Measure
of Business Risk: Enterprises are able to measure their TruRisk
score, by aggregating and unifying dispersed risk factors –
such as vulnerabilities, security postures, asset exposures, and
identities – generated by their security toolset across the
full stack of cloud, on-premises, or third-party applications. This
data is correlated with over 25 threat intel sources and business
context to precisely highlight key risk exposure indicators,
enabling proactive risk management for business entities, processes
or applications.
- Aligning Risk to Business Value to Communicate Financial
Impact of Cyber Risk: CISOs are expected to communicate the
return on investment (ROI) and outcomes of existing and future
cybersecurity investments in terms of reduction of business risk.
By aligning business value and potential losses from cyber risks,
ETM enables cyber risk quantification (CRQ) for CISOs and risk
teams to communicate the business impact of TruRisk for critical
applications, entities and processes, shifting the focus from
technical issues to understanding the financial impact of security
threats. ETM also allows teams to recognize the contribution of
risk factors produced by individual cybersecurity tools, toward
overall enterprise-wide TruRisk scores impacting the business, to
justify cybersecurity tool investment and better
prioritization.
- Automated Remediation Workflows to Reduce Cyber
Risk: Security and Risk Operations teams can leverage
personalized risk reduction plans with Qualys TruRisk
Eliminate to intelligently patch or mitigate the prioritized
exposure indicators, such as vulnerabilities, misconfigurations,
asset and software risks, by balancing risk reduction with business
continuity. ETM also supports rule-based integrations with ITSM
tools, such as ServiceNow and JIRA, to automatically assign
prioritized tickets of unified exposures to the right remediation
teams and orchestrate active remediation through integrated
zero-trust, firewalled solutions to rapidly reduce risk, which
helps reduce time to communicate and mean time to remediation.
"Organizations need an accurate diagnosis of their risk,
including both IT and security data, in a unified view," said
Scott Woodgate, general manager,
Microsoft Security. "Qualys Enterprise TruRisk now integrates with
Microsoft Defender for Endpoint vulnerability and device data to
make this possible."
"On its 25th anniversary, Qualys continues its never-ending
innovation journey by again disrupting the cybersecurity market
with the introduction of the Risk Operations Center (ROC)," said
Sumedh Thakar, president and CEO of
Qualys. "The ROC delivered by Qualys ETM transforms proactive
cybersecurity, empowering organizations to operationalize their
risk management process in a single platform, and revolutionizing
the way customers measure, communicate and eliminate risk,
irrespective of which cyber tools they employ."
Availability
Qualys Enterprise TruRisk Management is immediately available.
To start your ROC journey, sign up for a free trial, read the
blogs, "The Future of Cybersecurity Risk Management: Risk
Operations Center (ROC) delivered by Qualys Enterprise TruRisk
Management (ETM)" and "Qualys Launches Enterprise TruRisk
Management: The Industry's First Cloud-Based Risk Operations
Center" or attend the webinar.
Additional Resources
- Watch the video
- Read our blog posts, "The Future of Cybersecurity Risk
Management: Risk Operations Center (ROC) delivered by Qualys
Enterprise TruRisk Management (ETM)" and "Qualys Launches
Enterprise TruRisk Management: The Industry's First Cloud-Based
Risk Operations Center"
- Sign up for a free trial of Qualys Enterprise TruRisk
Management
- Download the whitepaper on Risk Operations Center
(ROC)
- Register for our webinar, "How to Build a Risk Operations
Center (ROC) with Qualys Enterprise TruRisk Management
(ETM)"
- Follow Qualys on LinkedIn and X
About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a leading provider of disruptive
cloud-based security, compliance and IT solutions with more than
10,000 subscription customers worldwide, including a majority of
the Forbes Global 100 and Fortune 100. Qualys helps organizations
streamline and automate their security and compliance solutions
onto a single platform for greater agility, better business
outcomes, and substantial cost savings.
The Qualys Enterprise TruRisk Platform leverages a single agent
to continuously deliver critical security intelligence while
enabling enterprises to automate the full spectrum of vulnerability
detection, compliance, and protection for IT systems, workloads and
web applications across on premises, endpoints, servers, public and
private clouds, containers, and mobile devices. Founded in 1999 as
one of the first SaaS security companies, Qualys has strategic
partnerships and seamlessly integrates its vulnerability management
capabilities into security offerings from cloud service providers,
including Oracle Cloud Infrastructure, Amazon Web Services, the
Google Cloud Platform and Microsoft Azure, along with a number of
leading managed service providers and global consulting
organizations. For more information, please visit
http://www.qualys.com.
Qualys, Qualys VMDR®, Qualys TruRisk and the Qualys logo are
proprietary trademarks of Qualys, Inc. All other products or names
may be trademarks of their respective companies.
Media Contact:
Rachel Yap Winship
Qualys
Media@Qualys.com
View original content to download
multimedia:https://www.prnewswire.com/news-releases/qualys-debuts-industrys-first-risk-operations-center-roc-in-the-cloud-302271913.html
SOURCE Qualys, Inc.