Qualys Expands Platform to Protect Against AI and LLM Model Risk from Development to Deployment
Qualys has announced significant updates to its TotalAI solution, enhancing security for organizations' MLOps pipeline from development to deployment. The expanded platform now offers comprehensive testing of large language models (LLMs) with on-premises scanning capabilities.
Key enhancements include:
- Internal LLM scanner for secure testing during development
- Detection of 40 different attack scenarios
- Protection against cross-modal exploits in images, audio, and video
- Automatic risk prioritization through TruRisk scoring engine
The update addresses critical security concerns, as 72% of CISOs worry about potential security breaches from generative AI solutions. TotalAI maps findings to MITRE ATLAS and focuses on detecting vulnerabilities like jailbreak techniques, prompt injections, and bias amplification. The solution is now available with a 30-day trial option.
Qualys ha annunciato importanti aggiornamenti alla sua soluzione TotalAI, migliorando la sicurezza per le pipeline MLOps delle organizzazioni, dalla fase di sviluppo fino al deployment. La piattaforma ampliata offre ora un test completo dei modelli linguistici di grandi dimensioni (LLM) con capacità di scansione on-premise.
Le principali novità includono:
- Scanner interno per LLM per test sicuri durante lo sviluppo
- Rilevamento di 40 diversi scenari di attacco
- Protezione contro exploit cross-modali su immagini, audio e video
- Prioritizzazione automatica dei rischi tramite il motore di scoring TruRisk
L’aggiornamento risponde a preoccupazioni critiche sulla sicurezza, dato che il 72% dei CISO teme violazioni derivanti da soluzioni di AI generativa. TotalAI collega i risultati a MITRE ATLAS e si concentra sull’individuazione di vulnerabilità come tecniche di jailbreak, iniezioni di prompt e amplificazione dei bias. La soluzione è ora disponibile con una prova gratuita di 30 giorni.
Qualys ha anunciado importantes actualizaciones en su solución TotalAI, mejorando la seguridad en la cadena MLOps de las organizaciones desde el desarrollo hasta el despliegue. La plataforma ampliada ahora ofrece pruebas completas de modelos de lenguaje grandes (LLMs) con capacidades de escaneo on-premise.
Las mejoras clave incluyen:
- Escáner interno de LLM para pruebas seguras durante el desarrollo
- Detección de 40 diferentes escenarios de ataque
- Protección contra exploits multimodales en imágenes, audio y video
- Priorización automática de riesgos mediante el motor de puntuación TruRisk
La actualización aborda preocupaciones críticas de seguridad, ya que el 72% de los CISO temen posibles brechas de seguridad derivadas de soluciones de IA generativa. TotalAI mapea los hallazgos con MITRE ATLAS y se enfoca en detectar vulnerabilidades como técnicas de jailbreak, inyecciones de prompt y amplificación de sesgos. La solución ya está disponible con una prueba gratuita de 30 días.
Qualys가 TotalAI 솔루션의 주요 업데이트를 발표하며, 개발부터 배포까지 조직의 MLOps 파이프라인 보안을 강화했습니다. 확장된 플랫폼은 이제 온프레미스 스캔 기능을 갖춘 대형 언어 모델(LLM)에 대한 포괄적인 테스트를 제공합니다.
주요 개선 사항은 다음과 같습니다:
- 개발 중 안전한 테스트를 위한 내부 LLM 스캐너
- 40가지 다양한 공격 시나리오 탐지
- 이미지, 오디오, 비디오의 교차 모달 공격 방어
- TruRisk 점수 엔진을 통한 자동 위험 우선순위 지정
이번 업데이트는 생성형 AI 솔루션으로 인한 보안 침해 우려가 72%의 CISO 사이에서 높다는 점을 반영해 중요한 보안 문제를 다룹니다. TotalAI는 발견 내용을 MITRE ATLAS와 연계하며, 탈옥 기법(jailbreak), 프롬프트 인젝션, 편향 증폭과 같은 취약점 탐지에 집중합니다. 이 솔루션은 현재 30일 무료 체험 옵션과 함께 제공됩니다.
Qualys a annoncé des mises à jour majeures de sa solution TotalAI, renforçant la sécurité des pipelines MLOps des organisations, du développement au déploiement. La plateforme élargie offre désormais des tests complets des grands modèles de langage (LLM) avec des capacités de scan sur site.
Les améliorations clés comprennent :
- Scanner LLM interne pour des tests sécurisés en phase de développement
- Détection de 40 scénarios d’attaque différents
- Protection contre les exploits multimodaux dans les images, l’audio et la vidéo
- Priorisation automatique des risques grâce au moteur de scoring TruRisk
Cette mise à jour répond à des préoccupations de sécurité majeures, puisque 72 % des RSSI craignent des failles potentielles liées aux solutions d’IA générative. TotalAI cartographie les résultats sur MITRE ATLAS et se concentre sur la détection de vulnérabilités telles que les techniques de jailbreak, les injections de prompt et l’amplification des biais. La solution est désormais disponible avec une période d’essai de 30 jours.
Qualys hat bedeutende Updates seiner TotalAI-Lösung angekündigt, die die Sicherheit der MLOps-Pipeline von Organisationen vom Entwicklungs- bis zum Einsatzstadium verbessert. Die erweiterte Plattform bietet nun umfassende Tests großer Sprachmodelle (LLMs) mit On-Premises-Scan-Fähigkeiten.
Wesentliche Verbesserungen umfassen:
- Interner LLM-Scanner für sichere Tests während der Entwicklung
- Erkennung von 40 verschiedenen Angriffsszenarien
- Schutz vor multimodalen Angriffen auf Bilder, Audio und Video
- Automatische Risikopriorisierung durch die TruRisk-Bewertungs-Engine
Das Update adressiert kritische Sicherheitsbedenken, da 72 % der CISOs sich Sorgen über potenzielle Sicherheitsverletzungen durch generative KI-Lösungen machen. TotalAI ordnet die Ergebnisse MITRE ATLAS zu und konzentriert sich auf die Erkennung von Schwachstellen wie Jailbreak-Techniken, Prompt-Injektionen und Bias-Verstärkung. Die Lösung ist jetzt mit einer 30-tägigen Testversion verfügbar.
- Launch of enhanced TotalAI solution expands company's AI security product portfolio
- New internal LLM scanner enables on-premises testing, potentially increasing enterprise adoption
- Expanded threat detection now covers 40 different attack scenarios
- Product addresses high market demand (72% of CISOs concerned about AI security)
- First-mover advantage in comprehensive AI/LLM security testing market
- Heavy investment in AI security capabilities may increase operational costs
- Entering highly competitive AI security market with established players
- Free 30-day trial offering might impact short-term revenue
New enhancements in TotalAI strengthen AI security capabilities with extended threat coverage, multi–modal protections, and internal LLM scanner
With the current rush of AI adoption, organizations are moving at an unprecedented pace – often without implementing foundational security controls necessary to manage risk. A recent study revealed
As AI becomes a core component of business innovation, security can no longer be an afterthought," said Tyler Shields, principal analyst at Enterprise Strategy Group. "Qualys TotalAI ensures that only trusted, vetted models are deployed into production, enabling both agility and assurance across organizations' AI usage. This security helps organizations achieve their innovation goals while managing their risk."
Qualys TotalAI is purpose-built for the unique realities of AI risk, going beyond basic infrastructure assessments to directly test models for jailbreak vulnerabilities, bias, sensitive information exposure, and critical risks mapped to the OWASP Top 10 for LLMs. Taking a risk-led approach, TotalAI not only finds AI-specific exposures — it helps teams resolve them faster, protect operational resilience, and maintain brand trust. TotalAI delivers:
- Automatic Prioritization of AI Security Risks: Findings are mapped to real-world adversarial tactics with MITRE ATLAS and automatically prioritized through the Qualys TruRisk™ scoring engine, helping security, IT, and MLOps teams zero in on the most business-critical risks.
- Faster, Safer AI Application Development: With the new internal on-premises LLM scanner, organization can now incorporate comprehensive security testing of their LLM models during development, staging, and deployment – all without ever exposing models externally. This shift-left approach, incorporating security and testing of AI-powered applications into existing CI/CD workflows, strengthens both agility and security posture, while ensuring sensitive models remain protected behind corporate firewalls.
- Enhanced Defense Against Emerging AI Threats: TotalAI now expands to detect 40 different attack scenarios, including advanced jailbreak techniques, prompt injections and manipulations, multilingual exploits, and bias amplification. The expanded scenarios simulate real-world adversarial tactics and strengthen model resilience against exploitation, preventing attackers from manipulating outputs or bypassing safeguards.
- Protection from Cross-modal Exploits with Multimodal Threat Coverage: TotalAI's enhanced multimodal detection identifies prompts or perturbations hidden inside images, audio, and video files that are designed to manipulate LLM outputs, helping organizations safeguard against cross-modal exploits.
"AI is reshaping how businesses operate, but with that innovation comes new and complex risks," said Sumedh Thakar, president and CEO of Qualys. "TotalAI delivers the visibility, intelligence, and automation required to stay agile and secure, protecting AI workloads at every stage — from development through deployment. We are proud to lead the way with the industry's most comprehensive solution, helping businesses innovate with confidence, while staying ahead of emerging AI threats."
Availability
Qualys TotalAI is now available. For a 30-day trial, visit qualys.com/forms/totalai or read our blog to learn more.
Additional Resources
- Read our blog post, "Guard Against GenAI and LLM Risks from Development to Deployment with Qualys TotalAI"
- Sign up for a free trial of Qualys TotalAI
- Follow Qualys on LinkedIn and X
About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.
The Qualys Enterprise TruRisk Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices. Founded in 1999 as one of the first SaaS security companies, Qualys has strategic partnerships and seamlessly integrates its vulnerability management capabilities into security offerings from cloud service providers, including Oracle Cloud Infrastructure, Amazon Web Services, the Google Cloud Platform and Microsoft Azure, along with a number of leading managed service providers and global consulting organizations. For more information, please visit http://www.qualys.com.
Qualys, Qualys VMDR®, Qualys TruRisk and the Qualys logo are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.
Media Contact:
Rachel Yap Winship
Qualys
Media@Qualys.com
View original content to download multimedia:https://www.prnewswire.com/news-releases/qualys-expands-platform-to-protect-against-ai-and-llm-model-risk-from-development-to-deployment-302440627.html
SOURCE Qualys, Inc.
FAQ
What new AI security features does Qualys (QLYS) TotalAI offer in 2025?
How does Qualys (QLYS) protect against LLM model risks in development?
What AI security threats does Qualys (QLYS) TotalAI detect?
How does Qualys TotalAI integrate with existing development workflows?
What AI security risks are CISOs most concerned about in 2025?
