Enhancing Qualys TruRisk™ Scoring with Malware Threat Intelligence
We are continually evolving our threat intelligence capabilities to ensure customers have the most accurate, complete, and actionable insights available when quantifying risk. As part of this commitment, we are introducing an enhancement to malware threat intelligence within the Qualys TruRisk™ Platform.
Expanding Threat Intelligence Coverage
After a recent review of our threat feeds, we identified an opportunity to broaden our visibility into active threats by incorporating malicious exploit data. This enhancement strengthens risk score calculations and the associated malware context in Qualys Vulnerability Scores (QVS) for Common Vulnerabilities and Exposures (CVEs), ultimately contributing to the Qualys Detection Scores (QDS) for Qualys IDs (QIDs). It also applies to risk items brought into ETM and expressed as Qualys Vulnerability Scoring System (QVSS) values. By integrating this additional dataset, we are expanding the exploit intelligence factored into TruRisk™ scoring.
What This Means for You
With this update, you may notice changes in how vulnerabilities are prioritized in your environment.
- Some QVS, QDS, and QVSS scores may shift from low, medium, or high severity to critical.
- Vulnerability details will now include additional malware entries labeled as “Exploit” in the Associated Malware section.

Strong Prioritization, Better Outcomes
The addition of malware-exploit threat intelligence enhances our platform’s ability to identify vulnerabilities actively leveraged in real-world attacks.
By incorporating this deeper threat context, security and remediation teams can more effectively prioritize the most urgent and material risks, focus efforts where they matter most, and make more informed, risk-based decisions.
No Action Required
No additional action is required. This enhancement will be applied automatically across the Qualys Platform, providing an optimized view of your threat exposures.