hamburger menu

Agenda

7:30 – 8:30 AM Registration and Breakfast
8:30 – 8:45 AM Welcome and Opening Remarks
Amer Deeba, Chief Commercial Officer, Qualys
8:45 – 9:30 AM 2017: The Year of Vendor Consolidation, and the Role Qualys Will Play
Philippe Courtot, Chairman and CEO, Qualys

Qualys Cloud Platform – 2016 Update and Roadmap

9:30 – 10:30 AM Qualys Cloud Platform – 2016 Update and Roadmap
Sumedh Thakar, Chief Product Officer, Qualys
10:30 – 11:15 AM Refreshments and Networking
11:15 – 12:30 PM Showcase of New Innovations
Sumedh Thakar, Chief Product Officer, Qualys
Chris Carlson, Vice President, Product Management, Qualys Cloud Agent, Qualys
Tim White, Director of Product Management, Qualys

12:30 – 1:45 PM Lunch
1:45 – 2:15 PM My Life as a Chief Security Officer
Gerhard Eschelbeck, Vice President, Security and Privacy Engineering, Google

Qualys Cloud Suite – 2016 Update and Roadmap

2:15 – 3:00 PM Vulnerability Management (VM), AssetView (AV), ThreatPROTECT (TP) and Continuous Monitoring (CM)
Tim White, Director of Product Management, Qualys
Jimmy Graham, Director of Product Management, AssetView and ThreatPROTECT, Qualys
3:00 – 3:45 PM Web Application Scanning (WAS) and Web Application Firewall (WAF)
Jason Kent, Vice President of Product Management, Web Application Security, Qualys
3:45 – 4:30 PM Refreshments and Networking
4:30 – 5:15 PM Policy Compliance (PC) and Security Assessment Questionnaire (SAQ)
Tim White, Director of Product Management, Qualys
Hariom Singh, Director of Product Management, Qualys

5:15 – 6:00 PM DeDOSing IT Security
Joseph Blankenship, Senior Analyst, Forrester
6:00 – 6:30 PM Break Before Dinner
6:30 – 7:00 PM Transportation to Dinner
7:00 – 10:30 PM Cocktails, Dinner, Entertainment

8:00 – 8:45 AM

Breakfast and Networking

8:45 – 9:30 AM

Only the STRONG Survive

Mike Rothman, President, Securosis

Solution Sessions

9:35 – 10:05 AM

The Qualified SIEM: Going Beyond Data Suffocation

Jake Reynolds, Technical Alliances Engineer, LogRhythm

10:10 – 10:40 AM

2016 Vulnerability Threats & Trends

Tim Cantilena, Vulnerability Intelligence Engineer, Verisign

10:40 – 11:15 AM

Refreshments and Networking

Case Studies

11:15 – 11:55 AM

Vulnerability Management at Scale

Liz McQuarrie, Principal Scientist, Director of Security Operations, Adobe

11:15 – 11:55 AM

Automating Vulnerability Management with Qualys Cloud Agents

Nathan Cooper, Senior CyberSecurity Analyst, Geisinger Health Systems

12:00 – 1:20 PM

Lunch

1:20 – 2:00 PM

AssetView Use Cases

Jimmy Graham, Director of Product Management, AssetView and ThreatPROTECT, Qualys

Tim White, Director of Product Management, Qualys

1:20 – 2:00 PM

API Best Practices

Jeff Leggett, Director, Cloud Services, API and Integration, Qualys

2:05 – 2:45 PM

ThreatPROTECT Use Cases

Jimmy Graham, Director of Product Management, AssetView and ThreatPROTECT, Qualys

Tim White, Director of Product Management, Qualys

2:05 – 2:45 PM

Scanning Cloud Environments and Container Technologies

Hari Srinivasan, Director of Product Management, Qualys

2:50 – 3:30 PM

Cyber Conflict: Prevention, Stability and Control

Fred Kaplan, Slate columnist, author, and Pulitzer Prize winner

Followed by a signing of his new book, Dark Territory: The Secret History of Cyber War

3:30 – 3:45 PM

Closing Remarks

Amer Deeba, Chief Commercial Officer, Qualys

Policy Compliance Agenda

This class is no longer taking registrations because it is full.

AM Session – Policy Compliance
9:00 – 10:00 AM Account and Application Setup
  • The Qualys Cloud Platform
  • User Setup
  • Subscription Setup
  • Asset Tagging and Asset Groups
  • HANDS-ON LAB: Account Setup
10:00 – 12:00 AM Compliance Setup
  • Compliance Overview
  • SCAP Support
  • Controls Library
  • Compliance Scanning
  • Compliance Profiles and Configuration
  • FIM, WMI Query, Share Enumeration, Password Auditing
  • HANDS-ON LAB: Compliance Scanning
12:00 – 1:00 PM Lunch
1:00 – 2:00 PM Controls and Policies
  • User Defined Controls
  • Building Policies from Scratch and Importing
  • Cardinality in Controls
  • Regular Expressions
  • HANDS-ON LAB: Policy Creation and User Defined Controls
2:00 – 3:30 PM Policy Compliance Reporting
  • Policy Report and Report Templates
  • Dashboard
  • Request Exceptions using Interactive Reports
  • HANDS-ON LAB: Compliance Reporting
PM Session – Security Assessment Questionnaire
3:30 – 4:30 PM SAQ Overview
  • Campaigns and Questionnaires
  • Templates and Library
  • User Roles
  • Demo
4:30 – 5:00 PM
  • Q&A

Basic Vulnerability Management Agenda

This class is no longer taking registrations because it is full.

AM Session – Basic Vulnerability Management
9:00 – 10:00 AM
  • Agenda
  • The Qualys Cloud Platform
  • Overview of the Vulnerability Management Lifecycle
  • HANDS-ON LAB: Getting Started
10:00 – 11:00 AM
  • Vulnerabilities and the KnowledgeBase
  • Building and applying Search Lists
  • HANDS-ON LAB: Creating and Importing Search Lists
11:00 – 12:00 PM
  • Asset Mapping
  • Host Assets in your Subscription
  • HANDS-ON LAB: Discover and Scan Assets
12:00 – 1:00 PM Lunch
PM Session – Assets, Scanning, and Reporting
1:00 – 2:30 PM
  • Asset Groups and Business Risk
  • Dynamic Asset Tagging
  • AssetView, Advanced Search, and Dynamic Dashboards
  • ThreatPROTECT Introduction
  • HANDS-ON LAB – Organizing and Viewing Assets
  • Scanning Overview
  • Scanning Configuration
  • Authenticated Scanning
  • Cloud Agent Introduction
  • HANDS-ON LAB: Vulnerability Scanning
2:30 – 4:30 PM
  • Reporting Overview and Templates
  • Scheduling Reports
  • Reporting Use Cases
  • HANDS-ON LAB: Reporting
  • User Roles
  • Building Remediation Policies
  • HANDS-ON LAB: User Creation and Remediation Policies
4:30 – 5:00 PM
  • Certification Exam

Web Application Scanning Agenda

This class is no longer taking registrations because it is full.

9:00 – 10:00 AM Web Application Scanning Overview
  • Overview of the WAS Lifecycle
  • Scanning Your Web Architecture
  • The Qualys Cloud Platform
10:00 – 11:00 AM The Qualys KnowledgeBase
  • The Qualys KnowledgeBase
  • Search Lists
  • HANDS ON LAB: Basic Setup
11:00 – 12:00 PM Basic Application Setup and Discovery
  • Defining an Application
  • Adding, Removing, and Managing Web Applications
  • Crawl Scope
  • Scanning workflow
  • Discovery Scan
  • HANDS-ON LAB: Defining an App and Launching a Discovery Scan
12:00 – 1:00 PM Lunch
1:00 – 2:00 PM Advanced Application Setup and Scanning
  • Scanning Configuration
  • Crawling your Application
  • Progressive Scanning
  • Configuring DNS Override
  • Form Based Authentication
  • Crawl Exclusions
  • HANDS-ON LAB: Vulnerability Scan
2:00 – 3:00 PM Reporting
  • Dashboard
  • Web Application, Scan, Scorecard, and Catalog Reporting
  • Useful QIDs
  • HANDS-ON LAB: Customized Reporting
3:00 – 4:30 PM Tags, Users, Burp and Malware Detection
  • Tag Creation
  • User Roles and Permissions
  • Burp Professional Integration Overview
  • HANDS-ON LAB: Asset Tags and User Privileges, Burp integration, and Malware Detection
4:30 – 5:00 PM Q&A

Advanced Vulnerability Management Agenda

This class is no longer taking registrations because it is full.

AM Session – Vulnerability Management
9:00 – 10:30 AM Continuous Monitoring
  • Rulesets
  • Monitoring Profiles
  • Alerts
  • HANDS-ON LAB: Setup Continuous Monitoring
10:30 – 11:30 AM Scanning and Cloud Agent Overview
  • Scanner Placement and Deployment
  • Scanner Parallelization and Performance
  • Light Inventory Scan
  • Authenticated Scanning
  • Attribution and delegation of scanning tasks
  • EC2 Scanning Overview
  • Cloud Agent Overview
  • HANDS-ON LAB: Scanning tips and best practices
11:30 – 12:30 PM Lunch
12:30 – 3:00 PM Asset Management
  • Asset Groups vs. Asset Tags
  • Automation with Asset Tags
  • Effective Asset Tag Design
  • AssetView, Advanced Search, and Dynamic Dashboards
  • ThreatPROTECT HANDS-ON LAB: Tagging, AssetView, and ThreatPROTECT
Reporting and Remediation
  • Host Based vs. Scan Based Findings
  • Setting goals for acceptable risk
  • Monitoring and enforcing patch deadlines (i.e., SLAs)
  • Measuring Business Risk in a Trend Report
  • Identifying and responding to process bottlenecks
  • HANDS-ON LAB: Qualys Report Metrics
3:00 – 4:30 PM API for Vulnerability Management
  • Supported Environments
  • Python and Curl
  • API v1 and v2 for Vulnerability Management
  • HANDS-ON LAB: API v1 and v2
4:30 – 5:00 PM
  • Q&A
Liz McQuarrie

Liz McQuarrie
Principal Scientist, Director of Security Operations, Adobe

Liz is the Director of Security Operations for Adobe's Cloud Ops group, responsible for the security and compliance of the Adobe's Creative Cloud and Shared Cloud services. She is also principal scientist for Adobe. The results of her work have dramatically improved the security landscape for hundreds of millions of Adobe Reader customers.

Vulnerability Management at Scale

Liz McQuarrie
Principal Scientist, Director of Security Operations, Adobe

Liz McQuarrie, Adobe’s director of security operations, will discuss how the company implemented security & compliance with Qualys as part Adobe’s movement to the cloud. She will cover the vulnerability management challenges within Adobe’s cloud migration and the role Qualys’ automation played before, during and after this journey, including what went well and what she would have done differently.

Fred Kaplan

Fred Kaplan
Slate columnist and author of Dark Territory: The Secret History of Cyber War

Fred Kaplan is Slate’s “War Stories” columnist and the author of five books, most recently Dark Territory: The Secret History of Cyber War. He is a former Pulitzer Prize-winning reporter for the Boston Globe, and earned a Ph.D. from M.I.T.

Cyber Conflict: Prevention, Stability and Control

Fred Kaplan
Slate columnist and author of Dark Territory: The Secret History of Cyber War

Computer vulnerabilities are nothing new. They’ve been understood, and exploited, since the dawn of the Internet. The resulting offense-defense cyber-arms race is an inevitable product of the technology, The quest for perfect security is futile—there’s no silver bullet or magic algorithm—but there are some sensible approaches for making the ride a little less bumpy.

Joseph Blankenship

Joseph Blankenship
Senior Analyst, Forrester

Joseph is a senior analyst at Forrester, where he supports Security & Risk Professionals, helping clients develop security strategies and make informed decisions to protect against risk. He covers security infrastructure and operations, including security information and event management (SIEM), security analytics, and network security. His research focuses on security monitoring, threat detection, operations, and management.

DeDOSing IT Security

Joseph Blankenship
Senior Analyst, Forrester

Security teams are deluged with data from myriad devices and device types. Making sense of it all and making use of it in time to prevent an attack or stop a breach is a Herculean task. Without the right strategies, tools and tactics, we are DoSing our security teams with an increasingly unserviceable volume and variety of data. We need smarter technology and processes to help us make better security decisions that leverage these data volumes strategically and effectively, and communicate their impact efficiently. Forrester Senior Analyst Joseph Blankenship will present best practices to examine this problem and discuss:

Mike Rothman

Mike Rothman
President, Securosis

Mike’s bold perspectives and irreverent style are invaluable as companies determine effective strategies to grapple with the dynamic security threatscape. Mike is one of the most sought after commentators in the security business and brings a deep background in information security. After 20 years in and around security, he’s one of the guys who “knows where the bodies are buried” in the space.

Only the STRONG Survive

Mike Rothman
President, Securosis

It's not easy being a security executive nowadays. Adversaries continue to innovate and find new ways to compromise devices and exfiltrate your critical data. Management still doesn't understand what you do, but they are certainly watching. You face a talent gap that will be addressed in maybe 50 years or so. Things sure seem dire, but if you flip your perspective on security, you realize that there has never been a better time to be in the security business. If you become a STRONG security executive.


Mike Rothman, Securosis analyst, author of the Pragmatic CSO, and 3-time QSC keynoter will discuss the evolution of the security program and delve into the skills required to not just survive, but thrive as a security executive. Mike will cover how to define security success, build a talent factory to optimize the performance of your team, and how to manage your response to any situation. Most importantly, Mike will challenge you to align your personal priorities with your job and interests to make sure you are engaged, growing, and dare we say it, happy practicing security.

My Life as a Chief Security Officer

Gerhard Eschelbeck
VP, Security and Privacy Engineering, Google

What’s it like heading up security for one of the world’s biggest tech companies and hacker targets? Google VP of Security Engineering Gerhard Eschelbeck will give a rare inside look at his daily job and how he protects the data of millions of people and companies. He'll also share insights from the big and little challenges Google faces with security and what keeps him up at night.

Gerhard Eschelbeck

Gerhard Eschelbeck
VP, Security and Privacy Engineering, Google

Gerhard Eschelbeck is Vice President Security and Privacy Engineering at Google, where he leads the teams that ensure data and systems security, as well as user privacy. Eschelbeck has a passion for championing new technologies and is a trusted advisor to a number of early stage start-up companies. He published the “Laws of Vulnerabilities” and is one of the inventors of the Common Vulnerability Scoring System (CVSS). He holds numerous patents in the field of managed network security. Prior to joining Google, Eschelbeck was CTO and Senior Vice President at Sophos and Qualys, and served in senior product and technology roles at companies including Network Associates and McAfee. Eschelbeck has a Ph.D. in computer science from University Linz, Austria.

Automating Vulnerability Management with Qualys Cloud Agents

Nathan Cooper
Senior CyberSecurity Analyst, Geisinger

Maintaining IT Security and compliance posture in the health care industry means protecting patient health records and data from Hackers. This starts with security basics: vulnerability scanning, compliance, and asset management. The Qualys Cloud Agent helped Geisinger achieve the basics on their devices without impacting patient care. The Qualys API along with the Qualys Cloud Agent allowed Geisinger to automate and streamline our processes and procedures, which made for more efficient patching cycle.

Nathan Cooper

Nathan Cooper
Senior CyberSecurity Analyst, Geisinger Health Systems

Nathan Cooper is a senior security analyst at Geisinger Health Systems, where he has been responsible for the company’s vulnerability management and penetration testing efforts since 2015. Prior to Geisinger, Cooper worked with various government agencies including the FBI and DOD, doing everything from encryption to server management. He started his IT career in 1999 with the US Army.

Leveraging Qualys and EiQ’s SOCVue to Identify and Remediate Threats and Vulnerabilities

Vijay Basani
Co-founder, President & CEO, EiQ Networks

Find out how EiQ's SOCVue® Vulnerability Management service helps reduce your attack surface, while saving time and minimizing your operational costs. EiQ leverages leading vulnerability scanning technology from Qualys to identify and provide remediation guidance for the latest threats and vulnerabilities. We’ll cover:

Vijay Basani

Vijay Basani
Co-founder, President & CEO, EiQ Networks

Vijay is a serial entrepreneur with a track record of building successful businesses delivering enterprise-class solutions. Before starting EiQ Networks, he founded AppIQ, an application storage resource management provider acquired by Hewlett Packard in October 2005, and WebManage Technologies, a policy-driven content delivery solution provider acquired by Network Appliance in August 2000. Vijay’s experience includes senior executive positions in the financial industry at Spencer Trask Securities and Josephthal Lyon & Ross. Vijay is the co-owner of five patents for the architecture and design of the WebManage Content Delivery system, Adaptive Policy Engine, and SLA Management. He earned a Bachelor of Engineering degree in electronics and instrumentation as well as an MBA and post-MBA degrees from Baruch College in New York. He is currently enrolled in the Owner/President Management program at Harvard Business School.

Accelerate The Detection, Reduce Time to Respond and Remediation of Web Vulnerabilities Using Splunk Enterprise Security

Girish Bhat
Director, Security Product Marketing, Splunk

The popularity and adoption of web applications by today’s Enterprise continues to increase the use of Web applications as a popular attack surface. As more web applications continue to be adopted by Enterprises, CISOs are looking to investigate ways to mitigate the threats posed.

Girish Bhat

Girish Bhat
Director, Security Product Marketing, Splunk

Girish Bhat is director of security product marketing at Splunk responsible for key Splunk security solutions, the Splunk CISO customer advisory board and customer use cases.


Previously, Girish held various roles managing authentication, compliance, VPN, advanced threats, DLP, IDS/IPS, mobile, SaaS, IaaS, virtualization and network monitoring solutions.


Girish's initial career involved designing and implementing hardware and software products.

2016 Vulnerability Threats & Trends

Tim Cantilena
Vulnerability Intelligence Engineer, Verisign

Savvy security practitioners understand that the key to effective online risk management is software vulnerability management, as trends in this facet can drastically affect the rest of the ecosystem, from firewalls to malware defense to combating espionage. To prioritize vulnerabilities and defend against their exploitation, organizations need to understand not only the context, scope and magnitude of individual vulnerabilities, but also the range of broader trends that can signal significant shifts in the vulnerability management landscape.


In this talk Verisign iDefense discusses notable trends in vulnerabilities and exploits from the previous year, and how iDefense vulnerability intelligence helps Qualys customers protect themselves against the latest vulnerabilities and exploits.

Tim Cantilena

Tim Cantilena
Vulnerability Intelligence Engineer, Verisign

Tim is currently a vulnerability intelligence engineer with Verisign iDefense Security Intelligence Services, where he specializes in analyzing software vulnerabilities. The focus of his current work is providing actionable and timely vulnerability risk assessments focused on enterprise technologies in support of client asset management mitigation strategies. He has worked in the cyber security field for the past four years, and has experience as a quality assurance test engineer as well as software developer for penetration testing software.

AssetView Use Cases

Jimmy Graham
Director of Product Management, AssetView and ThreatProtect, Qualys

Tim White
Director of Product Management, Qualys

This talk will cover real-world use cases and show how to leverage Qualys AssetView to address both IT and Security needs. Attendees will learn how to perform advanced searches and build customized widgets within the platform. This session will also include new features inside of AssetView, such as trending widgets and search filtering.

ThreatPROTECT Use Cases

Jimmy Graham
Director of Product Management, AssetView and ThreatProtect, Qualys

Tim White
Director of Product Management, Qualys

This talk will show how Qualys ThreatPROTECT can be used to pinpoint critical vulnerabilities using real time threat data. Attendees will learn how to tap into the firehose of vulnerability and exploit disclosures and automatically prioritize remediation without the need for manual searching. This session will also cover best practices for visualizing threat data within a dashboard environment.

Jason Kent

Jason Kent
Vice President, Product Management, Web Application Security, Qualys

Jason Kent is Vice President, Web Application Security Product Management at Qualys. Prior to that, he held technical security positions at Veracode, BlueCoat, Aruba and Verizon. Through more than a decade of dedicated AppSec experience, he has established expertise in AppSec PenTesting, AppSec program architecture and AppSec tools. His efforts helping Fortune 500 companies to maintain continuous security and compliance spans application security, infrastructure security, wireless and physical security. Jason has spoken at conferences such as ISC2 Security Congress, Northeastern OWASP events, and for Qualys at RSA and Black Hat. A US Navy Submarine Force Veteran, Jason is also passionate about putting security people together with their stakeholders.

Web Application Scanning (WAS) and Web Application Firewall (WAF)

Jason Kent
Vice President, Product Management, Web Application Security, Qualys

This talk will introduce the Web Application Security offerings by first demonstrating the vast breadth of deployments of Web Application Scanning and give an understanding of how customers are using WAS today. Additionally Jason will cover the extensive work that is going into the WAF UI and Engine to incorporate feedback and create flexibility that will allow for your organization to get ahead of the attackers.

Jeffrey Leggett

Jeffrey Leggett
Director, Cloud Services, API and Integration, Qualys

Jeffrey Leggett is currently Director of Cloud Services, API and Integrations for Qualys. With over 25 years of IT and InfoSec experience, he acts as both Product Manager and Subject Matter Expert on Automation and Integrations for the company.

API Best Practices

Jeffrey Leggett
Director, Cloud Services, API and Integration, Qualys

This talk features a mid-level exploration of each Qualys module with customer-exposed API's, including their functionality, with special emphasis on new API's to the Qualys Cloud Platform (Cloud Agent, updates to host detection API and posture API, etc).


Jeffery will also talk about all current Qualys-built integrations - Splunk and Service Now - what's new in them and what new features are planned for 2017.

2017: The Year of Vendor Consolidation, and the Role Qualys Will Play

Philippe Courtot
Chairman & CEO, Qualys

Philippe will report on Qualys’ progress and will discuss the company’s vision and product strategy as it relates to the current industry trend of vendor consolidation.

Philippe Courtot

Philippe Courtot
Chairman and CEO, Qualys

As CEO of Qualys, Philippe has worked with thousands of companies to improve their IT security and compliance postures. Philippe received the SC Magazine Editor's Award in 2004 for bringing on demand technology to the network security industry. He was also named the 2011 CEO of the Year by SC Magazine Awards Europe. He was previously Chairman and CEO of Signio until its acquisition by VeriSign. He is also a member of the Board of Directors of StopBadware, a non-profit, anti-malware organization.

Vulnerability Management (VM), Continuous Monitoring (CM), Cloud Agent (CA), AssetView (AV), ThreatPROTECT (TP)

Tim White
Director of Product Management, Qualys

Jimmy Graham
Director of Product Management, AssetView and ThreatPROTECT, Qualys

This talk will highlight the latest improvements in Vulnerability Management, Cloud Agent, Continuous Monitoring as well as AssetView and ThreatPROTECT. We will discuss upcoming product features scheduled for 2017 such as Docker, IPv6, new dashboard and search features, and Cloud Agent. Attendees will also learn about key new features delivered since the last conference.

Tim White

Tim White
Director, Product Management, Policy Compliance, Qualys

Tim is the director of product management for Qualys’ policy compliance portfolio and has more than 20 years of experience in various IT security areas including IT governance risk and compliance, datacenter security, firewalls, server protection and more. Prior to joining Qualys, Tim was a technical product manager and systems engineer with Symantec, and has held roles with the City of Austin and Axent.

Jimmy Graham

Jimmy Graham
Director, Product Management, AssetView and ThreatPROTECT, Qualys

Jimmy Graham is the Director of Product Management for Qualys AssetView and ThreatPROTECT. He has been deeply involved in information security and vulnerability management for over 10 years, and has managed teams covering security operations, incident response, application security, vulnerability management, penetration testing, governance, and compliance.

Martin Walker

Martin Walker
SME, Vulnerability Management, Cloud Agent, Qualys

Mr. Walker is the Qualys SME for Vulnerability Management and Cloud Agent. He has 30 years of experience in IT, and 25 in InfoSec focused roles. For the last decade he has been providing professional services focused on incident response and forensics, and vulnerability management.

Policy Compliance (PC) and Security Assessment Questionnaire (SAQ)

Tim White
Director of Product Management, Qualys

Hariom Singh
Director of Product Management, Qualys

This talk will highlight the full breadth of Qualys' Policy Compliance solutions, plus discuss upcoming product features scheduled for 2017. Attendees will learn about significant Policy Compliance coverage expansions into app, database and network compliance, and see demos of new reporting features. This session will also showcase recent updates to Qualys' cloud-based Security Assessment Questionnaire.

Hariom Singh

Hariom Singh
Director of Product Management, Qualys

With over 12 years of experience in cyber security and IT GRC, Hariom Singhhas been a driving force for positive change, helping organizations across industries lower IT security risk and meet their IT GRC objectives. As Qualys' director of product management, he works with clients to help them secure their cyber infrastructure and exceed their IT-GRC goals. Prior to Qualys, he worked as the technical lead for Creative Breakthroughs, a technical consultancy, and as senior consultant for Symantec, building his vast experience designing and building effective security and compliance solutions for large enterprises in the healthcare, energy, financial and telecommunications industries.

Shailesh Athalye

Shailesh Athalye
Senior Manager, Engineering, Qualys

Shailesh Athalye (CISA, CRISC, CEH, ISO 27001 LA) is a senior engineering manager for Policy Compliance and Security Assessment Questionnaire. With over 12 years of experience in IT GRC, he has been a driving force for engineering Risk & Compliance products at leading security product companies, helping customers go beyond compliance and drive their IT GRC objectives.

The Qualified SIEM: Going Beyond Data Suffocation

Jake Reynolds
Technical Alliances Engineer, LogRhythm

Without context, data tells an incomplete story. Yet, with the eroding perimeter, user owned and embedded devices, and the adoption of cloud platforms, we are collecting more than ever. Combining Qualys’ accurate and timely vulnerability data with LogRhythm's Security Intelligence Platform leverages both solutions’ analytics to build precision context for all that data. With a deeper understanding of the impact of these events, organizations can better prioritize real-time alerts, focus on the most important threats first, and accelerate the time to detect and respond to them.

Jake Reynolds

Jake Reynolds
Senior Manager, Engineering, Qualys

Jake Reynolds is the Technical Alliances Engineer at LogRhythm, where he is responsible for supporting the development and management of the company’s technical alliances with third-party technology providers. He has more than 20 years of experience in the Information Technology industry, with a focus on Information Security. Prior to LogRhythm, he held multiple security architect and engineer roles, and most recently helped spearhead security analytics and threat research at Level 3 Communications. Jake is an autodidact, with a focus on security, technology, and aviation.

Scanning Cloud Environments and Container Technologies

Hari Srinivasan
Director, Product Management, Qualys

This talk will cover how to deploy Qualys seamlessly and deeply into public cloud environments with new features. It will also detail how to gain complete visibility of an organization’s entire cloud asset inventory and security posture to help them keep up with shared security responsibility models across public cloud infrastructure and container-based environments like Docker.

Jake Reynolds

Hari Srinivasan
Director, Product Management, Qualys

Hari Srinivasan is director of product management for Qualys’ public cloud infrastructure platform integrations. With over 11 years experience in Enterprise Software space, Hari has expertise in numerous enterprise software disciplines including cloud automation and systems management, data center transformation, Hybrid Cloud, PaaS - DBaaS, compliance and configuration management. He previously worked at Oracle and Andale.

Amer Deeba

Amer Deeba
Chief Commercial Officer, Qualys

Responsible for all aspects of marketing, strategic alliances and global accounts, Amer has a proven track record of driving company growth in fast-moving technology fields. Amer previously served as the Chief Marketing Officer for Qualys for thirteen years and led the corporate and product marketing functions. Before joining Qualys, Amer served as the General Manager for the Payment Services Division at VeriSign where he contributed to establishing VeriSign as a leader in online payments processing 40% of all credit card transactions across the Internet. Amer came to VeriSign through its acquisition of online payments pioneer Signio, where he was Director of Product Marketing.

Sumedh Thakar

Sumedh Thakar
Chief Product Officer, Qualys

As Chief Product Officer at Qualys, Sumedh oversees worldwide engineering, development and product management for the Qualys software-as-a-service (SaaS) platform and integrated suite of security and compliance applications. A core systems and database engineer, Sumedh started at Qualys in 2003, architecting and delivering Qualys' PCI compliance platform to meet the Payment Card Industry (PCI) Data Security Standard (DSS) requirements.

Showcase of New Innovations

Sumedh Thakar
Chief Product Officer, Qualys

Chris Carlson
Vice President, Product Management, Qualys Cloud Agent, Qualys

Tim White
Director of Product Management, Qualys

An overview of Qualys' recent and upcoming improvements in the cloud platform along with exciting new modules being added to the platform.

Qualys Cloud Platform – 2016 Update and Roadmap

Sumedh Thakar
Chief Product Officer, Qualys

Sumedh will review the key 2016 product updates as well as outline the 2017 Qualys roadmap. He’ll demonstrate how platform enhancements and technology innovation in the cloud are enabling Qualys customers to reduce the number of solutions used for IT security and compliance.

Chris Carlson

Chris Carlson
Vice President, Product Management, Cloud Agent Platform

Chris Carlson is a Vice President of Product Management at Qualys, where he is in charge of the product definition, roadmap and strategy for the Cloud Agent Platform. During his 20+ year career in the infosec industry, Carlson has attained expertise in multiple areas, ranging from firewalls, VPNs and intrusion prevention systems to real-time event-processing, security analytics and next-generation endpoint platforms. Prior to joining Qualys, he held security architecture roles at UBS and at Booz Allen Hamilton, and product management positions at venture-funded startups and at leading vendors, including Hexis Cyber Solutions, Agent Logic, Informatica and Trustwave.