Executive Summary

The primary challenge in vulnerability management is proving what is actually exploitable. Most vulnerabilities are never exploited, yet they still drain remediation resources, and traditional tools rarely validate which risks are real. Agent Val, within Qualys Enterprise TruRisk Management, delivers that proof through a closed-loop workflow of validate, mitigate, and revalidate, shifting security operations from theoretical risk management to proven risk reduction at machine speed.

In vulnerability management, the hardest question is no longer about finding what is vulnerable. It is knowing what is actually exploitable in your specific environment, against your compensating controls, right now.

Most enterprises already excel at detection. They run scanners, ingest threat intel, and score findings. The breakdown happens between detection and decision, when teams must prove whether a vulnerability is actually exploitable in the live environment with existing controls.

That gap is widening. In 2025, more than 48,000 CVEs were published. Only a small fraction will ever become remotely exploitable, actively weaponized, and backed by working proof-of-concept code. Yet the other 99% still consume the bulk of remediation capacity.

Every CTEM tool has a connector and a theoretical score to rank findings. They are good at generating exposure lists. None can actually prove which exposures are real, attackable risks in your environment. Severity scores still dominate queues even though theoretical severity has little predictive power for real-world exploitation in a specific environment.

Siloed scanners, SIEMs, and patch tools automate their own slice of the workflow, but “connected” does not mean risk-informed. Teams can patch faster, but they can still patch the wrong thing.

Welcome to the Day Minus One reality

In 2018, the average time between vulnerability publication and first exploitation in the wild was 63 days. By 2021, it was 32 days. By 2023, five days. Mandiant’s 2024 data showed an average of -1 day, meaning exploitation now routinely occurs before the patch even exists. This is a structural mismatch between human-speed defense and machine-speed offense. More analysts and faster ticket queues cannot reverse it.

Levelling the Playing Field Is the Need of the Hour

At enterprise scale, humans cannot sustain continuous triage across constantly changing assets, cloud configurations, and identity sprawl. Static prioritization is always behind. Edge devices, VPNs, and exposed services sit on the boundary where a single reachable flaw can lead directly to compromise.

Production environments are complex, layered with WAFs, identity controls, and segmentation. Version-based detection misses this real-world context, producing false positives that blind teams to actual threats. Teams also lack the capacity to handle this manually through human-driven triage, spreadsheets, and ticket queues. They need to answer a chain of questions continuously:

  • What should be validated first?
  • How should it be tested safely in production?
  • What does the outcome prove?
  • What action should follow?
  • Is the exploit path already blocked?
  • Did the fix actually close the path?

The only viable response is to match the attacker’s operational tempo with a cyber risk system that operates at the same speed and with the same autonomy that attackers now use.


“Agentic AI finally lets defenders automate steps that previously required human judgment at every stage.”


Qualys Enterprise TruRisk Management (ETM) is the industry’s first unified, Agentic AI-augmented risk operations center (ROC). It brings together asset and identity inventory, risk signals from Qualys and third-party sources, business context, and automated remediation workflows. Within that ROC model, agentic AI acts as a digital workforce that continuously supports scoping, discovery, prioritization, validation, and mobilization.

Today, Qualys introduces Agent Val, an agentic AI-led workflow inside Qualys ETM. Agent Val continuously determines what to validate first, uses TruConfirm to safely prove whether a risk is truly exploitable, drives the next best remediation action, and revalidates the exact exploit path to confirm the exposure is actually closed. Not probabilistic. Confirmed.

Meet Agent Val: The AI Agent for Safe Exploit Validation Inside ETM

Agent Val sits inside a mature platform (Qualys ETM) with established foundations: a unified asset inventory spanning Qualys and non-Qualys tools, including Microsoft Defender, Wiz, and CrowdStrike; TruRisk scoring that prioritizes millions of exposures with business context and threat intelligence; and automated risk orchestration through ITSM integrations like ServiceNow and Jira.

Agent Val lives inside ETM and operates as part of the broader risk operations system. Its core value is turning exploit validation from a manual, ad hoc task into a continuous, closed-loop process: validate, mitigate, revalidate.

This integrated risk reduction brings patching, mitigation, isolation, and configuration fixes together with an AI-powered Patch Reliability Score driven by intelligence derived from 140+ million deployed patches. That architecture shows up directly in the workflow.

The Four Steps That Close the Loop

Step 1: Prioritize the Right < 1%

The hardest problem is not finding vulnerabilities. It is selecting the right handful that matters now. Agent Val acts as a risk-aware selection engine on top of ETM. It considers TruRisk scores across Qualys and third-party sources, TruLens threat context, asset exposure profiles, CISA KEV alignment, and exploit availability. From tens of thousands of CVEs and thousands of KEV entries, it narrows the focus to a small set of exposures that are both weaponized globally and relevant to your highest-value assets. The result is often fewer than 10 exposures, specific findings that are both weaponized globally and relevant to the customer’s highest-value assets. Validation is treated as a decisioning problem, not a bulk scan.

Step 2: Prove Exploitability Safely in Production

Once Agent Val selects a target, TruConfirm runs the proof.

TruConfirm uses the attacker’s actual entry path, but replaces the destructive payload with a safe verification action. Depending on the CVE and asset profile, it uses direct response validation, cryptographic verification, or out-of-band callback detection. The goal is binary clarity without production impact: no data exfiltration, no persistence, no writes to disk, no disruption—just proof.

Agent Val selects the right validation method per asset type: Cloud Agent telemetry for internal assets, external scanning for internet-facing assets, and configuration-aware validation for infrastructure. EternalBlue is only flagged exploitable if SMBv1 is actually enabled and exposed. Log4Shell is only confirmed if the JNDI execution path is active in that runtime environment.

That is the difference between vulnerable on paper and exploitable in practice. When exploitation is confirmed, the evidence includes step-by-step technical reconstruction, callback confirmation, and downloadable artifacts usable by security engineers, IT operations, and compliance teams from the same workflow.

Step 3: Reduce Risk Intelligently, Not Blindly

Agent Val does not stop at proof. It decides what should happen next. Once exploitability is confirmed, Agent Val selects an optimal remediation path: patch, compensating control, or mitigate now and patch later. It uses factors such as asset type, operating window, and the AI-powered Patch Reliability Score, which estimates the likelihood of a patch breaking something in your environment. Teams can move quickly when it is safe, and slow down when the risk to availability is higher.

For infrastructure assets and high-risk production systems, Agent Val can apply virtual patches, WAF rules, network containment, host isolation, or service disablement while staging the final patch for a safer change window. This creates a viable third path beyond “patch now and risk an outage” or “delay and accept exposure”: mitigate immediately, then patch when ready.

Step 4: Revalidate Closure – The Mic-Drop Moment

Proof without action is incomplete. A validated finding sitting in a queue is still an open risk.

After remediation, Agent Val automatically reruns TruConfirm against the same asset using the same exploit chain. If the path is gone, the finding is marked “Exploit Ruled Out,” the score is updated, and the risk reduction is reflected immediately. Security teams no longer report that a fix was deployed. They report that the attacker path was re-tested and no longer works.

This closes one of the oldest gaps in vulnerability operations. In an era of automated infrastructure and configuration drift, this re-validation step shifts metrics from activity to outcome and adds a final integrity check in dynamic environments.

Together, these steps represent the industry’s first complete, automated CTEM pipeline — from knowing what’s dangerous to proving the danger is gone.
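The four steps as a closed-loop model, added here as an illustration and not Qualys code (Agent Val and TruConfirm internals are not described on this page): `prioritize`, `validate`, `choose_action`, `run_loop` and the sample findings are all hypothetical, and the safe production probe is stood in for by a configuration precondition check of the kind the text mentions (SMBv1 enabled, JNDI execution path active).

```python
from dataclasses import dataclass

@dataclass
class Exposure:
    name: str                 # finding label (constructed)
    asset: str
    trurisk: int              # risk score (constructed values)
    in_kev: bool              # listed in CISA KEV
    exploit_public: bool      # working exploit code available
    high_value_asset: bool    # business-context relevance
    precondition: bool        # exploit path live, e.g. SMBv1 enabled or JNDI lookup active
    patch_reliability: float  # 0..1, higher means the patch is less likely to break the host
    state: str = "open"

def prioritize(exposures, limit=10):
    """Step 1: keep findings that are weaponized globally AND hit high-value assets."""
    cands = [e for e in exposures if (e.in_kev or e.exploit_public) and e.high_value_asset]
    return sorted(cands, key=lambda e: (e.in_kev, e.trurisk), reverse=True)[:limit]

def validate(e):
    """Step 2 (stand-in): configuration-aware check; confirmed only if the path is live."""
    e.state = "confirmed" if e.precondition else "exploit_ruled_out"
    return e.state

def choose_action(e, change_window_open):
    if e.patch_reliability >= 0.8 and change_window_open:  # Step 3: patch only when safe
        return "patch_now"
    return "mitigate_now_patch_later"  # virtual patch / containment now, patch staged

def apply_action(e, action):
    e.precondition = False  # either path removes the reachable exploit path in this model

def run_loop(exposures, change_window_open=False):
    """Validate, mitigate, revalidate; a finding closes only when the re-test fails."""
    results = {}
    for e in prioritize(exposures):
        if validate(e) != "confirmed":
            results[e.name] = ("none", e.state)
            continue
        action = choose_action(e, change_window_open)
        apply_action(e, action)
        results[e.name] = (action, validate(e))  # Step 4: same check against the same asset
    return results

def sample_exposures():  # constructed findings, not real scan output
    return [
        Exposure("EternalBlue", "fileserver-01", 900, True, True, True, True, 0.9),
        Exposure("Log4Shell", "app-07", 950, True, True, True, False, 0.6),
        Exposure("no-exploit-cve", "kiosk-03", 700, False, False, True, True, 0.5),
    ]
```

Running `run_loop(sample_exposures())` drops the finding with no known exploit, rules out Log4Shell because its JNDI path is inactive, and closes EternalBlue only after the re-test fails.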

Why Generic AI and API Patching Fall Short

Connecting patching tools via API does not make a workflow risk-informed. APIs move data. They do not provide exploitability proof, business context, or prioritization logic.

Generic LLM-based AI has a similar limit. It can read CVEs, summarize advisories, and suggest fixes. But it cannot validate whether a vulnerability is actually exploitable on your asset, in your network, behind your WAF, EDR, and segmentation controls. Its output is inference, not evidence.

API-driven patching executes faster, but still acts on severity or policy. It does not know if the CVE is exploitable, already mitigated, or irrelevant to the asset’s role. This leads to over-patching, missed real risk, and no confirmation of closure.

The result is automation of assumptions.

Agent Val changes the model from advice or automation to a closed loop with proof.

What Proven Risk Reduction Looks Like

Agent Val’s value is not more findings. It is proof, focus, and speed. Implementing this workflow delivers significant business impacts across the organization.

  • 95% Reduction in Remediation Noise – Agent Val reduces the universe of findings teams need to act on. It narrows the focus from 62.5 million raw findings down to 150,000 confirmed exploitable exposures.
  • 60-70% Lower Mean Time to Remediation (MTTR) – By skipping manual validation and providing teams with evidence and the fix path in a single workflow, Agent Val drastically reduces remediation time.
  • 10x Faster Cross-Team Execution – Exploit evidence and proof of which control blocked the path reduces handoff friction between security, IT, and operations.
  • Better Use of Engineering Time – Agent Val changes the patch queue from broad theoretical severity to provable, actionable exposure.
  • Enhanced Audit Confidence – Agent Val provides CISOs with hard data for board reviews, audit discussions, and post-mitigation attestations.

The New Metric for Cyber Risk Operations

The era of counting vulnerabilities, trusting theoretical risk prioritization, and manual remediation is over. The era of validated and mitigated cyber risk has begun.

Agent Val represents the operational maturity that cybersecurity has been building toward: an AI-native, domain-specific workflow that does not merely assist humans in managing risk; it carries operational ownership of the validate-mitigate-revalidate loop at machine speed. It is not another prompt-driven assistant layered on top of security data.

Attackers operate at machine speed. Configuration drift is continuous. The window between detection and exploitation is shrinking. The only way to close that gap is with a system that works continuously, reasons over the full environmental context, proves what’s exploitable, drives the fix, and verifies it worked.

See Agent Val in Action

Request a live demo and watch TruConfirm validate and close a real exploit path in your environment.

Be among the first to experience TruConfirm in Qualys ETM.
