Cloud-based security and compliance vendor Qualys has launched its Agent Val agentic orchestration layer within its Enterprise TruRisk Management (ETM) platform.
The AI agent is designed to bring safe, agent-led exploit validation and autonomous risk remediation to a business' Risk Operations Centre (ROC)
Agent Val analyses exposure signals across assets and determines what should be validated first based on attacker relevance, business context, and exposure. Then, it uses TruConfirm - Qualys' exposure validation service - to safely test exploitability in the live environment, providing evidence-based confirmation of whether an exploit path is open, blocked by controls, or unreachable.
Once risk is confirmed, ETM prioritises that exposure to the top of the remediation queue and extends response beyond patching deployment with mitigation controls and isolation, where patching is not feasible. This enables targeted mitigation to reduce exposure quickly, resulting in 70% faster time-to-remediate on confirmed exploitable findings, according to the company.
After mitigation, Agent Val runs validation again using TruConfirm to verify that the exploit path is closed, controls are working and risk has been reduced.
"As exploit timelines shrink and adversaries use AI to move faster, the industry can’t keep running on assumptions," said Sumedh Thakar, president and chief executive of Qualys.
"Agent Val in ETM moves the Risk Operations Centre from ‘we think’ to ‘we know’ to ‘it’s been taken care of’ with minimal manual effort, giving the power of AI back into the hands of defenders to drive measurable risk reduction at scale.”
_(38).jpg&h=142&w=230&c=1&s=1)
.jpg&w=100&c=1&s=0){kind=logo}
