Powering the Future of Cyber Risk Management: Welcoming Our First mROC Alliance Members

Organizations today face a growing challenge: fragmented security tools, a flood of risk findings, and limited visibility across environments. But perhaps the biggest challenge of them all is the disconnect between cybersecurity efforts and the business value at risk. Without the ability to aggregate and prioritize security findings, teams struggle to focus on the exposures that pose the greatest threat to revenue, trust, and productivity.
Qualys Enterprise TruRisk Management (ETM)—built on the Risk Operations Center (ROC) framework—was designed to solve these problems. By consolidating risk data from cloud, on-premises, and hybrid environments into a single platform, ETM gives security teams a clear, prioritized view of their risk posture. This drives continuous compliance while reducing business exposure and operational inefficiencies.
Yet, unlocking the full potential of a ROC often requires specialized skills and integration expertise. That’s why, in February 2025, we introduced the mROC Partner Alliance—a new initiative to scale these capabilities through leading MSSPs and GSIs.
The Alliance enables managed ROC (mROC) services that translate cyber risk into business terms, apply industry-aligned risk models, and ensure remediation is aligned with both risk tolerance and strategic goals. These partners help organizations accelerate adoption, bridge skills gaps, and gain expert guidance—making managed ROC a critical strategy for scaling effective, measurable cyber risk management.
Today, we’re proud to welcome the inaugural members of the mROC Partner Alliance—a key milestone in our mission to make cyber risk management more accessible, actionable, and impactful around the world.
- North America: BlueVoyant, GuidePoint Security, ImagineX
- EMEA: NetHive, Teksalah, The Tech Collective, Ekco
Services Delivered by Managed Risk Operations Center (mROC) Partners
The mROC launch partners have undergone enablement and training to deliver a full spectrum of managed risk services, to deliver Qualys-powered ROC, enabling enterprises to unify and analyze risk signals across cloud, on-premises, and third-party tools.
They deliver a comprehensive suite of services that transform cyber risk management from a siloed, reactive process into a unified, proactive discipline:
- Cyber Risk Quantification & Advisory Services:
Strategically quantify cyber risk, tailor security policy recommendations, and align compliance efforts, empowering CISOs to position cybersecurity as a core business strategy.
- Onboarding and Integration:
Centralize risk telemetry into a unified platform, providing real-time visibility, continuous vulnerability management, and automated prioritization and remediation.
- Continuous Risk Monitoring & Managed Services:
Enable 24/7 visibility into risk posture, automate workflows, and deliver actionable insights for executive reporting, helping organizations continuously track and benchmark risks.
- Risk Remediation & Managed Services:
Design and automate proactive remediation programs by integrating ETM with existing systems, providing expert support for swift responses to critical vulnerabilities.
How mROC Partners are Driving Impact
Several of our mROC partners are already seeing meaningful impact as they integrate the program into their service delivery. Through close collaboration with Qualys, these partners are embedding TruRisk-based insights into their service offerings—helping clients unify risk signals, accelerate remediation, and mature their overall security posture. This powerful combination of Qualys’ platform capabilities and mROC partners’ own advisory and operational expertise is helping organizations drive scalable, outcome-focused cyber risk reduction.
Discover what our mROC partners are saying—straight from the source:
“Our collaboration with Qualys through the mROC alliance enables our clients to unify risk data, streamline prioritization, and ensure they receive proactive guidance, continuous monitoring, and rapid threat response. This integrated approach is what modern organizations need to manage risk at scale.”
— Mark Thornberry, SVP Vendor Management, Guidepoint Security“Teksalah & Qualys partnership is built on a shared vision — to embed a holistic risk-based, proactive approach at the core of enterprise cybersecurity. Through our powerful platforms, intelligent tools, and proven services—covering from real-time risk monitoring to effective remediation—we are enabling organizations to manage risk with precision and drive secure innovation. Together, we are transforming our clients cybersecurity from a control function into a catalyst for their business growth and resilience.”
— Murali Konasani, CEO, Teksalah“The strength of mROC lies in our ability to provide clients with leading technology and expert advisory services, leading to stronger cyber defense and better business outcomes. For joint customers, BlueVoyant will integrate and onboard them onto a fully customizable threat platform, and deliver ongoing risk monitoring, as well as swift remediation. This holistic service model enables organizations to stay ahead of threats while maximizing the value of their security investments.”
— Austin Berglas, Global Head of Professional Services, BlueVoyant“As an mROC alliance partner, CTS delivers end-to-end risk management for our clients which traceable technical controls and improvements. Client gets a full security improvement and risk monitoring program with documented status and priorities at all levels in the organization. We now can offer to combine security risk, compliance and strategy development at CISO office with concrete technical control risk measurement and prioritization inside one platform – finally being able to connect conversations between IT operation, Risk management and the security function.”
— Lars Syberg, Partner, TTC Cyber Tech Services
Why Engage an mROC Partner
Engaging with an mROC partner gives enterprises the tools and expertise to transition from fragmented security operations to a unified, business-aligned, and proactive risk management strategy. This partnership turns complex challenges into clear, actionable priorities.
More essentially, this partnership offers enterprises access to the trusted experts, who are authorized to deliver a ROC that enables you to:
- View Risks in Real-time with Continuous Threat Exposure Management (CTEM)
ROC unifies security data from all environments into one platform, giving you real-time visibility to quickly identify and address critical risks before they escalate.
- Communicate Cyber Risk in Quantifiable Financial Terms (CRQ)
By translating cyber risks into financial terms with real-time intelligence and business context, ROC helps you prioritize investments and communicate risk clearly to executives.
- Stay Audit and Compliance Ready, Continuously
Automate continuous monitoring, policy enforcement, and remediation to keep your teams audit-ready and ensure compliance with regulatory standards effortlessly.
- Unify Business Units with a Centralized Risk Management Strategy
ROC breaks down silos by uniting security, IT, finance, and compliance teams, enabling faster, coordinated action on the most important risks.
The value of partnering with mROC transcends traditional risk management. As organizations become more aware of the broader business implications of cybersecurity, mROC offers a strategic, integrated framework that fosters both operational efficiency and lasting resilience.
The future of security is proactive, integrated, and aligned with business goals—mROC is how organizations get there.
Looking to engage a qualified mROC partner to build your Risk Operations Center? Click Here!
Join us for our upcoming webinar on June 4, 2025, and learn how to unlock the full potential of a ROC by engaging an mROC partner!
Additional Resources
- Check out How to Build a Risk Operations Center (ROC) with Qualys Enterprise TruRisk Management (ETM) [on-demand webinar]
- Check out Operationalizing the Risk Operations Centre [on-demand webinar]
- Learn more about mROC here!