HomeIntelligenceBrief
BREACH BRIEF⚪ Informational Advisory

Qualys Launches Managed Risk Operations Center (mROC) Portal to Enable Partners Scale Risk Management

Qualys unveiled the Managed Risk Operations Center (mROC) portal, a unified, AI‑driven console that gives MSSPs and other partners portfolio‑wide visibility, prioritization, and automated remediation. The service aims to replace fragmented scan‑and‑report workflows with a business‑aligned risk‑decision model, directly impacting third‑party risk management practices.

LiveThreat™ Intelligence · 📅 March 24, 2026· 📰 blog.qualys.com
Severity
Informational
AD
Type
Advisory
🎯
Confidence
High
🏢
Affected
2 sector(s)
Actions
3 recommended
📰
Source
blog.qualys.com

Qualys Launches Managed Risk Operations Center (mROC) Portal to Enable Partners Scale Risk Management

What Happened – Qualys announced the Managed Risk Operations Center (mROC) portal, a multi‑tenant console that gives MSSPs and other partners a unified, AI‑driven view of high‑risk customer environments, active threats, and critical exposures. The portal adds one‑click SSO, TruRisk™ prioritization, and closed‑loop remediation to help partners deliver scalable, outcome‑driven risk services.

Why It Matters for TPRM

  • Provides a standardized, portfolio‑wide risk‑decision framework that reduces reliance on fragmented spreadsheets and manual triage.
  • Enables partners to quantify risk in business terms, improving SLA compliance and board‑level reporting for downstream vendors.
  • AI‑enhanced prioritization and automated remediation accelerate threat mitigation, lowering the window of exposure for all downstream customers.

Who Is Affected – Managed security service providers (MSPs), cloud‑hosted SaaS vendors, and any third‑party risk managers that rely on Qualys for vulnerability scanning and risk quantification.

Recommended Actions

  • Review your contract with Qualys to confirm access to the mROC portal and any associated service‑level expectations.
  • Map the mROC’s TruRisk™ scoring to your internal risk‑acceptance criteria and update third‑party risk assessment templates.
  • Validate that the portal’s one‑click SSO and AI‑driven workflows align with your organization’s security policies and data‑handling requirements.

Technical Notes – The portal is built on Qualys Enterprise TruRisk™ Management (ETM) and integrates threat intelligence, AI‑driven scoring, and exploitability validation (TruConfirm). No new CVEs are disclosed; the value proposition is operational rather than technical. Source: https://blog.qualys.com/product-tech/2026/03/24/the-rise-of-managed-risk-operations-how-the-new-qualys-mroc-portal-helps-partners-scale-the-risk-operations-center

📰 Original Source
https://blog.qualys.com/product-tech/2026/03/24/the-rise-of-managed-risk-operations-how-the-new-qualys-mroc-portal-helps-partners-scale-the-risk-operations-center

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · SOC 2 Readiness

Could you prove your access controls held up here?

Credential and access failures map directly to SOC 2 access-control criteria. The Verisq AI Trust Operations platform shows where your evidence is thin before an auditor — or an attacker — finds out.

Explore the Verisq AI Trust Operations platform →