Optimizing Risk Discovery and Remediation with Qualys Gateway Service (QGS)
Unpatched vulnerabilities remain one of the largest drivers of cyber risk, accounting for nearly 60% of cyber compromises. Modern security programs are there...
Qualys Blog
11 articles
The Rise of Managed Risk Operations: How the New Qualys mROC Portal Helps Partners Scale the Risk Operations Center
Key Takeaways For years, vulnerability management meant scanning, prioritizing by CVSS score, and handing a spreadsheet to IT. Attack surfaces now span cloud...
Meet Agent Val: Closing the Validation Gap in Exposure Management at Machine Speed with Agentic AI
Executive Summary The primary challenge in vulnerability management is proving what is actually exploitable. Many vulnerabilities are not exploited, but stil...
The Broken Physics of Remediation
The race most security programs are built around — patch faster than the attacker can exploit — was designed for a threat landscape that no longer exists. Th...
From Vision to Real-time Threat Intelligence: TruLens for ETM
Peer benchmarks, exposure timing, and threat actor insight, orchestrated by agentic AI to turn TruRisk into decisions you can defend.
Bringing Continuous Assessment to Harbor: Scan on Push, Stay Secure Over Time
Key Takeaways DevSecOps harmony exists when development and security teams operate on a shared definition of risk using consistent data, identifiers, and pri...
MCP Servers Are the New Shadow IT for AI
Key Takeaways MCP servers are becoming the default wiring between AI agents and enterprise applications — but most organizations have zero visibility into wh...
5 Steps to Turn Compliance Checks into Audit Outcomes
Key Takeaways Why Audit Readiness Still Feels Reactive? Security and Compliance teams generate continuous findings, evidence, and control data across multipl...
CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root
The Qualys Threat Research Unit has identified a Local Privilege Escalation (LPE) vulnerability affecting default installations of Ubuntu Desktop version 24....
Countering Current Geopolitical Cyber Threats With Qualys
Summary In response to the latest public sector threat intelligence on Iranian-linked threat activity, Qualys has released new intelligence capabilities with...
The New Era of Application Security: Reasoning-Based Agents, Runtime Reality, and Risk Intelligence
Key Takeaways Introduction Application security is entering a new phase. It is now an AI problem, an API problem, and a runtime risk problem.