Qualys Unveils Enterprise TruRisk Platform for Business De-risking


The Qualys Enterprise TruRisk Platform offers a centralised solution for organisations to measure, communicate, and proactively eliminate cyber risk, focusing on the impact of cyber risk on overall business risk.

Qualys, a cloud-based IT, security and compliance solutions leader, unveiled its forward-looking vision of the Qualys Enterprise TruRisk Platform. This move marks a seismic shift for the future of Qualys as a leader in managing and reducing cyber risk for CISOs and security practitioners. The Qualys Enterprise TruRisk Platform centres around helping customers holistically measure, effectively communicate, and proactively eliminate cyber risk, with a hyper-focus on the impact of cyber risk on business risk. 

With ever-expanding attack surfaces and a growing threat landscape, cyber risk has become an elevated topic of importance and prominence for virtually every organisation, especially for the C-suite. Today, nearly 50% of CISOs report directly to the CEO, with over 90% regularly briefing their Board of Directors about their organisation’s exposure to cyber risk. 

“Despite a market push to release more cyber risk ‘measurement’ solutions, security leaders and stakeholders have no reliable means of aggregating, correlating, and translating cyber signals from a growing cybersecurity stack into meaningful cyber risk mitigation and remediation strategies,” said Sumedh Thakar, Qualys CEO. “The Qualys Enterprise TruRisk Platform addresses this issue head-on by delivering a centralised way for organisations to measure and eliminate their cyber risk and arms users with the actionable insights they need to communicate their actual cyber risk posture to internal security and business risk stakeholders. It also provides external executive stakeholders, from the board to cyber risk insurers, with the necessary data to make the right decisions.”

The ground-breaking platform is the maturation of a concept that Qualys began working on 18 months ago through a commitment to deliver powerful security solutions for attack surface management, vulnerability management, and remediation, in addition to providing a higher level of orchestration between these solutions that allow security leaders to better identify, prioritize, and action cyber risk remediation to maximise positive impact on their businesses. 

The Qualys Enterprise TruRisk Platform is the only cybersecurity and risk management solution that enables users to:   

  • Measure Cyber Risk — Aggregates cyber risk across Qualys and non-Qualys external security and IT tools within an organisation’s ecosystem. Users will be able to aggregate third-party solution risk factors for the first time. On top of data from the Qualys Threat Library and over 25 threat intelligence feeds, the Qualys Enterprise TruRisk Platform will ingest data from other IT and security vendor solutions to allow organisations to assess their risk with their current security stack accurately.
  • Communicate Cyber Risk — Translates disparate cyber risk data into common actionable insights and business impact metrics for key security and business risk stakeholders. Risk will be measured regarding potential financial impact on the business, and the level of detail in reports will be customisable to the respective leadership audience.
  • Eliminate Cyber Risk — Eliminates cyber risk across the extended enterprise with precise remediation and mitigation actions. The platform goes beyond patching to introduce dynamic methods for risk reduction where patching is neither possible nor preferred. These options include but are not limited to, virtual patching, permission adjustments, temporary asset disablement, and port blocking to allow for risk reduction without compromising operational efficiencies.