Cloud Platform
Solutions
Subscriptions
Cloud platform apps
Customers
Partners
Community
Support
Company
Login
Search

See Resources

CAREER ZONE

Career Zone booth CZ3

Come talk to us about your future career at Qualys!


Wed, July 26: 10:00 a.m. – 7:00 p.m.
Thurs, July 27: 10:00 a.m. – 5:00 p.m.

Qualys Booth Schedule

Stop by our booth to enjoy refreshments and hear best practices and
case study presentations from industry leaders.

WEDNESDAY 7/26
  • 10:00 AM

    Show Floor Opens

  • 10:20 AM

    Achieving 2-Second Visibility with Qualys Cloud Agent

    This talk focuses on how to use the Qualys Cloud Agent to enable instant, global visibility of IT assets including cloud server instances and occasionally connected remote users – with up-to-date asset configuration data for security and compliance. Attendees will learn how Cloud Agents can extend your Qualys network scanning deployment, how they deliver instant visibility into security, compliance, and remediation efforts, and how leading companies are using Cloud Agents in their environments.


    Speaker:

    Jimmy Graham, Director of Product Management, Qualys

  • 11:05 AM

    Leveraging Qualys Vulnerability Management and Threat Protection for BU-Aligned Data Tagging and Reporting

    Fiserv

    Are you struggling to get your company's threat and vulnerability data in front of the right teams for active response and remediation? Come and hear how Fiserv is using Qualys' Vulnerability Management with Threat Protection to provide meaningful and manageable dashboards and reports for Business Units of all sizes across the Fiserv enterprise.


    Speaker:

    Louise Quarles, Sr. Security Engineer, Fiserv

  • 11:50 AM

    Centrally Manage Certificates Obtained from any Certificate Authority

    Learn about new capabilities in the Qualys Cloud Platform that help customers to prevent downtime and outages, audit and compliance failures, and mitigate risks associated with expired and/or vulnerable SSL/TLS certificates on business critical systems. .


    Speaker:

    Asif Karel, Director of Product Management, Qualys

  • 12:35 PM

    Building Security Tool Synergy

    Genesys

    Learn why and how organizations are applying the concept of "synergy" — combining or integrating several organizational groups for greater value-add — to their security tools as a strategy to build greater value for both infosec and the broader business. This talk highlights how Genesys used the Qualys Cloud Platform to combine and integrate Vulnerability Management and Asset Inventory tools for better IT asset management, and how security tool synergy can drive better integration and collaboration across infosec and IT teams.


    Speaker:

    BJ Creasy, Security Architect, Genesys

  • 1:20 PM

    Using Qualys FIM to Track File Changes Across Global IT Assets

    This talk will introduce how to use the new Qualys File Integrity Monitoring to identify and track change across internal IT environments. Learn how these innovations can help customers with change monitoring and compliance efforts, and can reduce the time needed to pinpoint where policy violations may have taken place, so teams can more quickly remediate them.


    Speaker:

    Tim White, Director of Product Management, Qualys

  • 2:05 PM

    Continuous Security and Visibility of Your Complete Public Cloud Infrastructure

    Learn how to extend continuous cloud security monitoring beyond instances, and gain total visibility of all your cloud services.


    Speaker:

    Hari Srinivasan, Director of Product Management, Qualys

  • 2:50 PM

    Expand Current Vulnerability Management Programs by Eliminating Security Misconfigurations

    Learn how to build configuration assessment into your overall Security & Vulnerability Management Program. This presentation will showcase how Qualys Security Configuration Assessment (SCA) helps expand your current Vulnerability management program by automating the configuration assessment and reporting of varied IT assets in a continuous manner. We'll showcase out-of-the-box tools for Center for Internet Security (CIS) policies that feature a simple Web-based UI to customize the policies per your organization, collect data in agent-based and agent-less manner and leverage Qualys' leading coverage across CIS benchmarks for technologies such as operating systems, databases, applications and network devices.


    Speaker:

    Tim White, Director of Product Management, Qualys

  • 3:25 PM

    Using Qualys WAS for a Secure Software Development Lifecycle

    Cisco Systems, Inc.

    As part of a mature and secure web application development lifecycle, continuous security scans are imperative to support the requirements of NIST SP 800-53v4 to support web application development for government customers. This continuous process must consist of automated scans coupled with manual testing. The focus of this presentation is to examine the requirements of NIST SP 800-53v4 as it relates to Web Application security and outline how Qualys WAS can help mitigate the web application security vulnerabilities throughout the web application development lifecycle.


    Speaker:

    Robert Martin, Information Security Engineer, Cisco Systems, Inc.

  • 4:10 PM

    Integrating Qualys WAS and the Creativity of the Crowd

    Bugcrowd

    Qualys recently announced a groundbreaking integration with Bugcrowd, allowing customers to share data between the two platforms and harness the creativity of the worldwide research community. We'll demonstrate the integration and discuss how customers are using it to improve their security programs.


    Speaker:

    Jonathan Cran, Vice President of Products, Bugcrowd
    Frank Catucci, Director of Product Management, Qualys

  • 5:00 PM

    Securing Containers with Qualys

    Learn about how Qualys' new container security solution enables customers to address security for containers in their DevOps pipeline and deployments across cloud and on-premises environments. In this session, learn how to use Qualys to inventory and track container assets, identify vulnerabilities in images and containers, and incorporate security checks into the CI/CD pipeline, to remediate risks early within the development cycles.


    Speaker:

    Hari Srinivasan, Director of Product Management, Qualys

  • 6:00 PM

    Achieving Visibility into Post Breach Detection with Qualys IOC

    This session details the expansion of the Qualys Cloud Platform to include Indicator of Compromise (IOC) detection, one of two new products that deliver visibility into post-breach detection, as well using the Qualys Platform to remediate and harden systems, and avoid breaches. Malware infections are unavoidable – learn how Qualys Indicator of Compromise detection can help organizations detect and respond to infections faster to reduce the time that a potential breach or compromise can occur.


    Speaker:

    Jimmy Graham, Director of Product Management, Qualys

THURSDAY 7/27
  • 10:00 AM

    Show Floor Opens

  • 10:20 AM

    Vulnerability Management and Compliance for Elastic Public Cloud Instances

    Qualys solutions provide security and compliance for your cloud workloads across AWS, Azure and Google clouds. Come gain insights into how Qualys customers gain total visibility of their cloud server instances, identify vulnerabilities, and check compliance to help them keep up with shared security responsibility models.


    Speaker:

    Hari Srinivasan, Director of Product Management, Qualys

  • 11:05 AM

    Leveraging Qualys Vulnerability Management and Threat Protection for BU-Aligned Data Tagging and Reporting

    Fiserv

    Are you struggling to get your company's threat and vulnerability data in front of the right teams for active response and remediation? Come and hear how Fiserv is using Qualys' Vulnerability Management with Threat Protection to provide meaningful and manageable dashboards and reports for Business Units of all sizes across the Fiserv enterprise.


    Speaker:

    Louise Quarles, Sr. Security Engineer, Fiserv

  • 11:50 AM

    Container Security in the World of DevSecOps

    Containers are probably the most talked-about infrastructure technology of the past few years. With their rapid growth, containers are transforming the DevOps process with increased agility and delivery speed. Security teams need to be at the forefront of this change, and security processes need to shift left and into the developer's build cycle.


    Speaker:

    Hari Srinivasan, Director of Product Management, Qualys

  • 12:35 PM

    Using Qualys FIM to Track File Changes Across Global IT Assets

    This talk will introduce how to use the new Qualys File Integrity Monitoring to identify and track change across internal IT environments. Learn how these innovations can help customers with change monitoring and compliance efforts, and can reduce the time needed to pinpoint where policy violations may have taken place, so teams can more quickly remediate them.


    Speaker:

    Tim White, Director of Product Management, Qualys

  • 1:20 PM

    Building Security Tool Synergy

    Genesys

    Learn why and how organizations are applying the concept of "synergy" — combining or integrating several organizational groups for greater value-add — to their security tools as a strategy to build greater value for both infosec and the broader business. This talk highlights how Genesys used the Qualys Cloud Platform to combine and integrate Vulnerability Management and Asset Inventory tools for better IT asset management, and how security tool synergy can drive better integration and collaboration across infosec and IT teams.


    Speaker:

    BJ Creasy, Security Architect, Genesys

  • 2:05 PM

    Expand Current Vulnerability Management Programs by Eliminating Security Misconfigurations

    Learn how to build configuration assessment into your overall Security and Vulnerability Management Program. This presentation will showcase how Qualys Security Configuration Assessment (SCA) helps expand your current Vulnerability management program by automating the configuration assessment and reporting of varied IT assets in a continuous manner. We'll showcase out-of-the-box tools for Center for Internet Security (CIS) policies that feature a simple Web-based UI to customize the policies per your organization, collect data in agent-based and agent-less manner and leverage Qualys' leading coverage across CIS benchmarks for technologies such as operating systems, databases, applications and network devices.


    Speaker:

    Tim White, Director of Product Management, Qualys

  • 2:50 PM

    Using Qualys WAS for a Secure Software Development Lifecycle

    Cisco Systems, Inc.

    As part of a mature and secure web application development lifecycle, continuous security scans are imperative to support the requirements of NIST SP 800-53v4 to support web application development for government customers. This continuous process must consist of automated scans coupled with manual testing. The focus of this presentation is to examine the requirements of NIST SP 800-53v4 as it relates to Web Application security and outline how Qualys WAS can help mitigate the web application security vulnerabilities throughout the web application development lifecycle.


    Speaker:

    Robert Martin, Information Security Engineer, Cisco Systems, Inc.

  • 3:25 PM

    Application Security Scanning of REST APIs, and Modern Web Technologies

    Attendees will learn how Qualys WAS can effectively help appsec teams tackle the challenge of scanning of REST APIs, web services and modern web technologies that are traditionally very difficult and time consuming to test manually.


    Speaker:

    Frank Catucci, Director of Product Management, Qualys

  • 4:10 PM

    Achieving Visibility into Post Breach Detection with Qualys IOC

    This session details the expansion of the Qualys Cloud Platform to include Indicator of Compromise (IOC) detection, one of two new products that deliver visibility into post-breach detection, as well using the Qualys Platform to remediate and harden systems, and avoid breaches. Malware infections are unavoidable – learn how Qualys Indicator of Compromise detection can help organizations detect and respond to infections faster to reduce the time that a potential breach or compromise can occur.


    Speaker:

    Jimmy Graham, Director of Product Management, Qualys

Qualys Track Sessions
  • Weds, 7/26
    11:30 AM

    Container Security in the World of DevSecOps

    Containers are probably the most talked-about infrastructure technology of the past few years. With their rapid growth, containers are transforming the DevOps process with increased agility and delivery speed. Security teams need to be at the forefront of this change, and security processes need to shift left and into the developer's build cycle. Using best practices and customer examples, this session discusses how to incorporate security into the DevOps cycle to harden and remove vulnerabilities before a container environment is operational.


    Room:

    Business Hall Theater A


    Speaker:

    Hari Srinivasan, Director of Product Management, Qualys

  • Sat, 7/29
    2:40 PM

    Visual Network and File Forensics

    This presentation aims to demo the effectiveness of visual tooling for malware and file-format forensics. It will cover structural analysis and visualization of malware and network artifacts. Various techniques like entropy/n-gram visualization, using compression-ratio and theoretical minsize to identify file type and packed content will be shown. Along with this, a framework that helps automate these tasks will be presented. Attendees with an interest in network monitoring, signature writing, malware analysis and forensics will find this presentation to be useful. See details on DEF CON 25 website.


    Room:

    Packet Hacking Village at Caesar's Palace


    Speaker:

    Ankur Tyagi, Senior Malware Research Engineer, Qualys

ENJOY
REFRESHMENTS

IN THE BOOTH

WIN
PRIZES

AFTER EACH PRESENTATION

GET THE
QUALYS BAG

AFTER EACH PRESENTATION

Hari Srinivasan

Hari Srinivasan
Director of Product Management, Qualys

Hari Srinivasan is director of product management for Qualys' public cloud infrastructure platform integrations. He has expertise in numerous enterprise software disciplines including cloud automation and systems management, data center transformation, Hybrid Cloud, PaaS - DBaaS, compliance and configuration management. He previously worked at Oracle and Andale.

Jimmy Graham

Jimmy Graham
Director of Product Management, Qualys

Jimmy Graham is the Director of Product Management for Qualys AssetView and Threat Protection. He has been deeply involved in information security and vulnerability management for over 10 years, and has managed teams covering security operations, incident response, application security, vulnerability management, penetration testing, governance, and compliance.

Tim White

Tim White
Director of Product Management, Qualys

Tim is the director of product management for Qualys' policy compliance portfolio and has more than 20 years of experience in various IT security areas including IT governance risk and compliance, datacenter security, firewalls, server protection and more. Prior to joining Qualys, Tim was a technical product manager and systems engineer with Symantec, and has held roles with the City of Austin and Axent.

Frank Catucci

Frank Catucci
Director of Product Management, Qualys

Frank Catucci is the Director of Web Application Security, Product Manager and a Subject Matter Expert for Qualys. He has over 15 years experience in the Information Technology and Security field that spans enterprise, financial services, university/higher education, government, healthcare, legal, start-up businesses, public and private industries. Aside from his daily Web Application Security duties, Frank also conducts security research, penetration testing, and often speaks at information security conferences and events.

Asif Karel

Asif Karel
Director of Product Management, Qualys

Asif Karel is the director of product management for Qualys CertView. He has over 20 years of experience in Information Security including online fraud detection, PKI, strong authentication and single sign-on. Prior to joining Qualys, he was a subject matter expert in digital certificates and certificate solutions at VeriSign and Symantec, a solutions architect in the CASB space at CipherCloud and a solutions manager at Venafi.

Ankur Tyagi
Senior Malware Research Engineer, Qualys

Ankur Tyagi (Twitter: @7h3rAm) is working as a Sr. Malware Research Engineer at Qualys Inc., where he analyzes malicious code and applies statistical modelling to identify suspicious patterns and evolving trends. His research interests include developing algorithms and analysis tools that help with classifying large sets of unlabelled content collected via network and host-based monitoring tools. He is the author of Flowinspect - a network inspection tool and Rudra - a visual malware forensics framework.

Louise Quarles

Louise Quarles
Sr. Security Engineer, Fiserv

Louise is manager for the Enterprise Vulnerability Management team at Fiserv. Prior to Fiserv, she held IT Security positions at BellSouth, EDS and Hewlett-Packard. In her various security roles she has seen sweeping changes in the IT Security landscape. Louise graduated from the University of Georgia with a degree in Computer Science and currently lives in Atlanta.

Robert Martin

Robert Martin
Information Security Engineer, Cisco Systems, Inc.

Robert Martin is a Certified Information Systems Security Professional with over twelve years of experience working in the information security field. He is a Security Engineer for Cisco Systems, Inc. in RTP, NC. Robert specializes in areas such as risk management, regulatory compliance, security solutions architecture, security audits, vulnerability assessments, and penetration testing.

Jonathan Cran

Jonathan Cran
Vice President of Products, Bugcrowd

With over 10 years of experience in security, Jonathan began his career in security assessment working as a penetration tester for Rapid7. From there, he joined the Metasploit development team and helped release commercial versions of the tool. For security startup Pwnie Express, Cran served as architecture lead and CTO. Jonathan continues his pursuits to better the state of security assessment as Bugcrowd's VP of Product.

BJ Creasy
Security Architect, Genesys

BJ Creasy has over 10 years of security experience in and out of the Cloud. He is currently a Security Architect at Genesys, and his work experience includes Vulnerability Management and security operations for credit bureaus, Fortune 500 pharmaceuticals and billion dollar tech companies. He holds CISSP and CCSP from (ISC)2 as well as several GAIC certificates, and is an active member of ISSA. He is a strong believer in coding Kung Fu to automate the easy stuff and leveraging APIs to do the cool stuff. He has been a Qualys user for more than 10 years and is an evangelist for creative thinking and problem solving.