Qualys Launches TruLens for ETM: Real‑Time Threat Intelligence, Peer Benchmarking, and Attacker Attribution
What Happened – Qualys announced the general‑availability of TruLens, a new module inside its Enterprise TruRisk Management (ETM) platform. TruLens delivers real‑time adversary‑focused threat intelligence, peer‑group benchmarking (geography, industry, size) and exposure‑timing metrics that show how quickly an organization patches versus its exact peers and versus active exploit timelines.
Why It Matters for TPRM –
- Provides continuous, attacker‑centric visibility that can be incorporated into third‑party risk assessments.
- Enables objective peer‑benchmarking, helping buyers evaluate a vendor’s remediation speed and ransomware exposure relative to comparable organizations.
- Turns raw vulnerability data into business‑aligned risk scores, supporting more accurate risk‑based decision making.
Who Is Affected – Enterprises that rely on Qualys vulnerability‑management services, security‑operations teams, and any organization that outsources security tooling to SaaS providers.
Recommended Actions – Review your current use of Qualys ETM (or comparable platforms); map TruLens metrics to your third‑party risk framework; validate that vendors expose comparable peer‑benchmark data; incorporate exposure‑timing insights into contract‑level security clauses.
Technical Notes – TruLens leverages the Qualys Threat Research Unit’s 120+ analysts, integrates coverage of the CISA KEV catalog, and applies agentic AI to predict exploit timing (average 40 days before a CVE appears on KEV). It surfaces threat‑actor attribution, exposure‑timing, and MTTR peer percentiles. Source: Qualys Blog – From Vision to Real‑time Threat Intelligence: TruLens for ETM