Qualys Launches Managed Risk Operations Center (mROC) Portal to Enable Partners Scale Risk Management
What Happened – Qualys announced the Managed Risk Operations Center (mROC) portal, a multi‑tenant console that gives MSSPs and other partners a unified, AI‑driven view of high‑risk customer environments, active threats, and critical exposures. The portal adds one‑click SSO, TruRisk™ prioritization, and closed‑loop remediation to help partners deliver scalable, outcome‑driven risk services.
Why It Matters for TPRM –
- Provides a standardized, portfolio‑wide risk‑decision framework that reduces reliance on fragmented spreadsheets and manual triage.
- Enables partners to quantify risk in business terms, improving SLA compliance and board‑level reporting for downstream vendors.
- AI‑enhanced prioritization and automated remediation accelerate threat mitigation, lowering the window of exposure for all downstream customers.
Who Is Affected – Managed security service providers (MSPs), cloud‑hosted SaaS vendors, and any third‑party risk managers that rely on Qualys for vulnerability scanning and risk quantification.
Recommended Actions –
- Review your contract with Qualys to confirm access to the mROC portal and any associated service‑level expectations.
- Map the mROC’s TruRisk™ scoring to your internal risk‑acceptance criteria and update third‑party risk assessment templates.
- Validate that the portal’s one‑click SSO and AI‑driven workflows align with your organization’s security policies and data‑handling requirements.
Technical Notes – The portal is built on Qualys Enterprise TruRisk™ Management (ETM) and integrates threat intelligence, AI‑driven scoring, and exploitability validation (TruConfirm). No new CVEs are disclosed; the value proposition is operational rather than technical. Source: https://blog.qualys.com/product-tech/2026/03/24/the-rise-of-managed-risk-operations-how-the-new-qualys-mroc-portal-helps-partners-scale-the-risk-operations-center