In October 2024 Qualys rolled out a cloud-based risk operations center (ROC), a tool enterprises can use to aggregate data such as vulnerabilities, configurations, and identities in a single place so they can measure their security posture and prioritize and reduce their risks.
Organizations are struggling with an increasingly distributed IT environment, a patchwork of one-off tools they are trying to stitch together, and more sophisticated cyberthreats. The ROC is designed to ease those challenges and let companies measure their risk posture against business demands.
Part of Qualys’ Enterprise TruRisk Management (ETM) platform, a ROC “aligns risk management strategies with expected business outcomes and enables organizations to prioritize and mitigate risks based on their business impact, offering a coordinated, proactive response,” Mayuresh Ektare, vice president of product management at Qualys, told MSSP Alert. “ROC centralizes the security posture and risk signals across the ever-expanding attack surface and enables a coordinated response for risk reduction.”
Now the Foster City, California-based vendor is putting its ROC in the hands of MSSPs with the release this month of the Managed ROC (mROC) Partner Alliance. The program lets Qualys extend the reach of its ROC capabilities and gives partners new revenue streams from services that help organizations identify, assess, and mitigate cyber risks.
Enterprises and ROC
Most companies could benefit from ROC, but “large enterprises in particular desire these capabilities given the complexity of their digital infrastructure, and diverse set of security posture management tools they deploy,” Ektare said. “Large organizations with complex infrastructures, an increasing digital footprint, and limited security resources are often looking for industry experts to help them implement a ROC.”
Such services are particularly important in highly regulated industries, he said.
Risk mitigation is drawing more attention from businesses that want to identify and defend against cyberthreats proactively rather than respond only after an attack happens. MarketsandMarkets analysts expect the digital risk protection market to grow from $64.4 billion in 2023 to $157.8 billion by 2028, driven by the growing number and complexity of threats and the multiplying data protection regulations.
Organizations typically are forced to cobble together data from multiple products just to begin to understand their risk posture. Qualys’ ROC is a central place to collect Qualys and non-Qualys data – from the likes of Forescout, Microsoft, Okta, and Wiz – correlate it with more than two dozen threat intelligence and business context points, align each risk with the business’ priorities, and mitigate the risks in that order.
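To make the correlation step concrete, the following is an added Python illustration, not Qualys code and not the TruRisk algorithm. It takes constructed findings from three kinds of sources (a vulnerability scanner, a cloud configuration tool, and an identity provider), de-duplicates the same issue reported by two tools, and weights each finding by a hypothetical asset inventory (business criticality, internet exposure, owning team) and a hypothetical exploited-in-the-wild list. All identifiers, CVE numbers, weights and sample data are invented for the example.

```python
"""Added illustration of multi-source risk correlation and prioritization.

Not Qualys code. The asset inventory, threat-intel list, CVE ids and the
weighting formula are all constructed assumptions for demonstration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    source: str      # tool that reported it (scanner, CSPM, IdP ...)
    asset: str       # asset id shared across tools; a real ROC must reconcile these
    ref: str         # CVE id or control id (hypothetical values below)
    severity: float  # 0-10 as reported by the source
    detail: str = ""


# Constructed asset inventory with business context (criticality 1-5).
ASSETS = {
    "web-01": {"criticality": 5, "internet_facing": True, "owner": "payments"},
    "db-01": {"criticality": 5, "internet_facing": False, "owner": "payments"},
    "dev-laptop-17": {"criticality": 1, "internet_facing": False, "owner": "eng"},
}
# Unknown assets are a signal in themselves: assume medium value and exposed
# rather than silently dropping the finding.
UNKNOWN_ASSET = {"criticality": 3, "internet_facing": True, "owner": "unknown"}

# Constructed threat-intel feed: ids with evidence of in-the-wild exploitation.
EXPLOITED = frozenset({"CVE-0000-1001"})

# Constructed findings from several tools, including one duplicate.
RAW_FINDINGS = [
    Finding("vuln-scanner", "web-01", "CVE-0000-1001", 7.5, "outdated TLS library"),
    Finding("agent", "web-01", "CVE-0000-1001", 7.0, "same CVE, second source"),
    Finding("cspm", "web-01", "PUBLIC-STORAGE-BUCKET", 6.0, "world-readable bucket"),
    Finding("idp", "db-01", "ADMIN-NO-MFA", 8.0, "admin account without MFA"),
    Finding("vuln-scanner", "dev-laptop-17", "CVE-0000-1002", 9.8, "local privilege escalation"),
]


def dedupe(findings):
    """Collapse the same (asset, ref) reported by several tools, keeping the highest severity."""
    best = {}
    for f in findings:
        key = (f.asset, f.ref)
        if key not in best or f.severity > best[key].severity:
            best[key] = f
    return list(best.values())


def score(f, assets=ASSETS, exploited=EXPLOITED):
    """Illustrative formula: severity weighted by criticality, exposure and exploitation evidence.

    criticality 5 keeps the full severity, criticality 1 scales it to 60%;
    internet exposure adds 50%; known exploitation doubles the result.
    """
    a = assets.get(f.asset, UNKNOWN_ASSET)
    s = f.severity * (0.5 + 0.5 * a["criticality"] / 5)
    if a["internet_facing"]:
        s *= 1.5
    if f.ref in exploited:
        s *= 2.0
    return round(s, 2)


def prioritize(findings=RAW_FINDINGS):
    """Return (asset, ref, risk) tuples, highest business risk first."""
    ranked = sorted(dedupe(findings), key=score, reverse=True)
    return [(f.asset, f.ref, score(f)) for f in ranked]


def risk_by_owner(findings=RAW_FINDINGS, assets=ASSETS):
    """Aggregate risk per owning team, the view a ROC reports to the business."""
    totals = {}
    for f in dedupe(findings):
        owner = assets.get(f.asset, UNKNOWN_ASSET)["owner"]
        totals[owner] = round(totals.get(owner, 0.0) + score(f), 2)
    return totals


if __name__ == "__main__":
    for asset, ref, risk in prioritize():
        print(f"{risk:6.2f}  {asset:<14} {ref}")
    print(risk_by_owner())
```

The point the ranking makes is the one the article describes: the CVSS 9.8 local privilege escalation on a developer laptop lands last, while a lower-severity but actively exploited flaw on an internet-facing payments server lands first, and the two scanners' reports of that flaw are counted once.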
A Complement to SOCs
Ektare described ROCs as an evolution of security operations centers (SOCs), which changed incident response by ingesting security events and log data from myriad security tools. ROCs consolidate the risk signals from across the attack surface.
“While SOC is designed to address reactive – incident response – use cases, a ROC is implemented to address the proactive – cyber hygiene and risk reduction – use cases so that risk management programs operate at scale,” he said. “This often is an evolution and modernization of the traditional vulnerability management processes that require a different set of expertise.”
Enterprises embraced Qualys’ ROC after it was launched several months ago, he wrote in a blog post, adding that setting up and managing a ROC takes more than technology. It requires expertise, which is what MSSPs can bring via mROC.
Extending the Reach of ROC
“With mROC, MSSPs can elevate their approach from traditional vulnerability management services to strategic cyber risk orchestration,” Ektare wrote. “By analyzing risk signals and their impact on business, MSSPs can deliver centralized risk management with tailored insights, proactive mitigation of threats, and unified risk management across multi-cloud, hybrid, and on-premises environments—helping clients stay ahead of evolving cyber risks.”
Services that MSSPs can offer through mROC include cyber risk advice, onboarding and integration, continuous risk monitoring, and risk mitigation, according to Qualys.
“As cyber threats evolve, CISOs need trusted partners who can quantify risk in business terms and take decisive action,” he wrote. “With mROC, Qualys empowers MSSPs to shift from reactive security to proactive risk orchestration, delivering tailored risk insights, AI-driven quantification, and continuous compliance monitoring – positioning them as strategic risk advisors.”