Qualys Updates TotalAI Solution
With the current rush of AI adoption, organizations are moving at an unprecedented pace – often without implementing foundational security controls necessary to manage risk. A recent study revealed 72% of CISOs are concerned generative AI solutions could result in security breaches for their organizations. Enterprises need a better solution to bridge the gap between innovation and secure implementation.
As AI becomes a core component of business innovation, security can no longer be an afterthought,' said Tyler Shields, principal analyst at Enterprise Strategy Group. 'Qualys TotalAI ensures that only trusted, vetted models are deployed into production, enabling both agility and assurance across organizations' AI usage. This security helps organizations achieve their innovation goals while managing their risk.'
Qualys TotalAI is purpose-built for the unique realities of AI risk, going beyond basic infrastructure assessments to directly test models for jailbreak vulnerabilities, bias, sensitive information exposure, and critical risks mapped to the OWASP Top 10 for LLMs. Taking a risk-led approach, TotalAI not only finds AI-specific exposures — it helps teams resolve them faster, protect operational resilience, and maintain brand trust. TotalAI delivers: Automatic Prioritization of AI Security Risks : Findings are mapped to real-world adversarial tactics with MITRE ATLAS and automatically prioritized through the Qualys TruRisk scoring engine, helping security, IT, and MLOps teams zero in on the most business-critical risks.
: Findings are mapped to real-world adversarial tactics with MITRE ATLAS and automatically prioritized through the Qualys TruRisk scoring engine, helping security, IT, and MLOps teams zero in on the most business-critical risks. Faster, Safer AI Application Development: With the new internal on-premises LLM scanner, organization can now incorporate comprehensive security testing of their LLM models during development, staging, and deployment – all without ever exposing models externally. This shift-left approach, incorporating security and testing of AI-powered applications into existing CI/CD workflows, strengthens both agility and security posture, while ensuring sensitive models remain protected behind corporate firewalls.
With the new internal on-premises LLM scanner, organization can now incorporate comprehensive security testing of their LLM models during development, staging, and deployment – all without ever exposing models externally. This shift-left approach, incorporating security and testing of AI-powered applications into existing CI/CD workflows, strengthens both agility and security posture, while ensuring sensitive models remain protected behind corporate firewalls. Enhanced Defense Against Emerging AI Threats: TotalAI now expands to detect 40 different attack scenarios, including advanced jailbreak techniques, prompt injections and manipulations, multilingual exploits, and bias amplification. The expanded scenarios simulate real-world adversarial tactics and strengthen model resilience against exploitation, preventing attackers from manipulating outputs or bypassing safeguards.
TotalAI now expands to detect 40 different attack scenarios, including advanced jailbreak techniques, prompt injections and manipulations, multilingual exploits, and bias amplification. The expanded scenarios simulate real-world adversarial tactics and strengthen model resilience against exploitation, preventing attackers from manipulating outputs or bypassing safeguards. Protection from Cross-modal Exploits with Multimodal Threat Coverage: TotalAI's enhanced multimodal detection identifies prompts or perturbations hidden inside images, audio, and video files that are designed to manipulate LLM outputs, helping organizations safeguard against cross-modal exploits.
'AI is reshaping how businesses operate, but with that innovation comes new and complex risks,' said Sumedh Thakar, president and CEO of Qualys. 'TotalAI delivers the visibility, intelligence, and automation required to stay agile and secure, protecting AI workloads at every stage — from development through deployment. We are proud to lead the way with the industry's most comprehensive solution, helping businesses innovate with confidence, while staying ahead of emerging AI threats.' 0 0
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
TECHx
05-08-2025
- TECHx
Qualys Unveil Agentic AI for Real-Time Cyber Risk Management
Home » Tech Value Chain » Global Brands » Qualys Unveils Agentic AI for Real-Time Cyber Risk Management Qualys, Inc. (NASDAQ: QLYS), a provider of cloud-based IT, security, and compliance solutions, has announced new Agentic AI capabilities on the Qualys platform. The new AI fabric powers a marketplace of Cyber Risk AI Agents. These agents deliver real-time insights across all attack surfaces, prioritized by business impact. They also help reduce risk and operational costs through autonomous remediation at speed and scale. This enables a more efficient and intelligent Risk Operations Center (ROC). As cyber threats grow in volume and complexity, security teams face millions of exposures with little context. Manual processes lead to delays and unaddressed vulnerabilities. To solve this, Qualys introduced Agentic AI to eliminate repetitive tasks and enable risk-focused workflows. According to Tyler Shields, principal analyst at Enterprise Strategy Group (ESG), 'Integrating Agentic AI into the Qualys platform marks a major leap from reactive response to real-time risk reduction.' He added that this innovation supports faster remediation and greater accuracy. By embedding Agentic AI into Enterprise TruRisk Management (ETM), Qualys enhances risk-centric automation. ETM already aggregates exposures to align cyber risk with business value. With the new AI fabric, Qualys now offers pre-built AI agents for threat prioritization and remediation tailored to each organization. The Cyber Risk Assistant is also introduced. This prompt-driven tool helps teams navigate risks, translate exposures, and deliver context-aware insights through autonomous operations. The Qualys Marketplace now features: Continuous risk insights from fragmented exposures, using pre-built AI agents. from fragmented exposures, using pre-built AI agents. Adaptive remediation via AI agents like the Microsoft Patch Tuesday Lifecycle Agent. via AI agents like the Microsoft Patch Tuesday Lifecycle Agent. Custom AI agents through a no-code interface, enabling reusable, automated workflows. 'Qualys Agentic AI, embedded into Enterprise TruRisk Management, is transforming how organizations manage cyber risk,' said Sumedh Thakar, President and CEO of Qualys. He emphasized that CISOs can now augment their teams with intelligent AI agents for faster, strategic risk reduction. This launch represents a step forward in autonomous cybersecurity and smarter operations powered by AI.
Channel Post MEA
05-08-2025
- Channel Post MEA
Qualys Unveils Agentic AI-Powered Risk Operations Center
Qualys has unveiled several new Agentic AI capabilities on the Qualys platform. The new AI fabric introduces a marketplace of Cyber Risk AI Agents delivering real-time risk insights across all attack surfaces, prioritized by business impact. Additionally, it reduces risk and operational costs by autonomously remediating with speed, scale, and accuracy, all while powering a smarter, more efficient Risk Operations Center (ROC). Amid a surge in the volume and sophistication of cyber threats, amplified by the growing complexity of an ever-evolving attack surface, teams are grappling with millions of exposures while lacking the context to map them against business priorities. Without self-orchestrating AI agents to turn data into insights, and prioritize and remediate risks in real time, security teams face manual bottlenecks and lingering exposures. Qualys addresses this with Agentic AI—eliminating repetitive tasks and enabling autonomous, risk-focused workflows that empower teams and accelerate protection. 'Cybersecurity has never been able to keep pace with the volume of enterprise exposures due to human-scale prioritization and remediation,' said Tyler Shields, principal analyst at Enterprise Strategy Group (ESG). 'Integrating Agentic AI into the Qualys platform marks a major leap—from reactive response to real-time risk reduction. With autonomous remediation and intelligent prioritization, this type of innovation enables faster risk reduction, more efficient resource usage, and greater accuracy in recommended actions. This evolution shifts security teams from tactical responders to strategic agentic AI orchestrators, bringing us closer to a future of self-healing cybersecurity.' By embedding Agentic AI into Enterprise TruRisk Management (ETM), Qualys enhances its risk-centric automation capabilities—delivering faster, more intelligent decision-making. Already a leading cornerstone of the ROC, ETM aggregates exposures to measure, communicate, and eliminate cyber risk aligned to business value. Now, with the new AI fabric, Qualys delivers pre-built AI agents that automate threat prioritization and drive remediation strategies tailored to each organization's risk appetite and environment. It also introduces the Cyber Risk Assistant—a prompt-driven interface that helps teams navigate the risk journey, translate millions of exposures, and deliver context-aware risk insights with autonomous operations. The Qualys Marketplace of ready-to-use AI agents delivers: Continuous Risk Insights and Prioritization from Fragmented Exposures – Pre-built AI agents autonomously and adaptively drive every step of the cyber risk journey from continuously discovering your external attack surface with a hacker's-eye view, to proactively assessing risk against trending industry threats, and prioritizing those risks based on the context of your unique assets and environment. Thus, helping organizations reduce the cost and complexity of risk operations. Adaptive Remediation for the Highest Security Posture – With attackers exploiting vulnerabilities in under 18 days, cybersecurity and IT teams are focused on reducing mean time to remediation (MTTR). Adaptive Risk Remediation AI Agents like the Microsoft Patch Tuesday Lifecycle Agent continuously triangulate prioritized vulnerabilities, correlated remediation techniques, and asset context to drive faster, more transparent risk remediation. This reduces cost and time to close vulnerabilities. Build Your Own AI Agent – Security teams can create custom, no-code, pretrained AI agents tailored to their specific business needs. These agents can be trained to perform specialized tasks autonomously and reused as needed—enabling scalable, repeatable automation for risk management workflows unique to each organization. 'Qualys Agentic AI, embedded into Enterprise TruRisk Management is transforming how organizations manage cyber risk and powering a smarter, more agile Risk Operations Center,' said Sumedh Thakar, president and CEO of Qualys. 'It's ushering in a new era where CISOs can augment their security teams with intelligent AI agents that perform autonomous analysis and take decisive, high-impact actions to reduce risk faster, more strategically, and with greater efficiency.'
TECHx
23-07-2025
- TECHx
Qualys Report Reveals Gaps in Cyber Risk Management
Home » Top stories » Qualys Report Reveals Gaps in Cyber Risk Management Qualys has revealed key findings from its 2025 State of Cyber-risk Assessment report, highlighting major gaps in cybersecurity risk management despite rising investments. The research, conducted by Dark Reading and commissioned by Qualys, shows that most organizations still struggle with aligning cyber risk programs to business priorities. While 49% of surveyed organizations report having a formal cyber risk management program, only 18% use integrated risk scenarios that quantify business impact, including insurance risk transfer. The report notes that 30% align risk programs with business objectives, while 43% of programs are less than two years old. An additional 19% are still in the planning stage. Cybersecurity investments are growing, but 71% of organizations believe cyber risk levels are either increasing or unchanged: 51% report increasing cyber risk exposure 20% say risk remains steady Only 6% have seen a decrease Asset visibility remains a key challenge. Although 83% perform regular inventories, only 13% do so continuously. Furthermore, 47% rely on manual processes, and 41% cite incomplete inventories as a top barrier. Risk prioritization also lacks maturity. Only 68% use integrated risk scoring methods, while 19% still rely solely on CVSS scores. Just 18% update asset risk profiles monthly. While 90% report cyber-risk findings to the board, only 14% include financial quantification, and just 22% involve finance teams. Business stakeholders are included less than half the time. Mayuresh Ektare, Vice President of Product Management at Qualys, stated that current approaches fail to reduce cyber risk effectively. He emphasized adopting a Risk Operations Center (ROC) model that integrates vulnerability, asset, and threat data for a unified view. The report recommends organizations: Understand and prioritize risks based on business-critical assets Use diverse risk signals beyond vulnerability scans Transition from reactive incident response to proactive risk reduction Ektare added that integrating business-impacting risk scenarios will lead to more effective board-level communication and better-informed decision-making.
