Cloud Platform
Contact us
Asset Management
Vulnerability & Configuration Management
Risk Remediation
Threat Detection & Response
  • Overview
  • Platform Apps

  • Qualys Endpoint Security

    Advanced endpoint threat protection, improved threat context, and alert prioritization

  • Context XDR

    Extend detection and response beyond the endpoint to the enterprise

Compliance
Cloud Security

Black Hat USA 2023

Get More Security in a Single Platform

Visit us at booth 1320 to learn how to Get More Security with our latest Qualys solutions. Hear from our experts, see demos, and meet 1:1 with a Qualys expert. Can’t join in person? Visit us at our virtual booth.

Qualys sessions at Black Hat USA

IN-PERSON SESSION:

Business Hall Theater A

Navigating threat landscape for first party, third party and Open Source Software

August 9, 2023 - 10:20 AM

Mehul Revankar, VP, Product Management and Engineering for VMDR, Qualys

In the realm of cybersecurity, understanding attacker behavior and anticipating their next actions are vital to outmaneuvering and preventing cybercrime. Over the years, attackers have refined their attack patterns, gaining a clear understanding of what strategies are effective to compromise systems. To effectively counter these threats, defenders must gain insight into the targets of these attackers embedded within components and holistically address vulnerabilities in both first-party, third-party, and open-source software (OSS).

This presentation delves into the latest landscape of vulnerability threats, highlighting the common vulnerabilities exploited by attackers to compromise systems, and the tactics they employ for lateral movement.

We invite you to join us and gain comprehensive knowledge to enhance your cybersecurity defenses and foster proactive measures against continually evolving threats.

Booth sessions

10:20 AM Discover, Assess the Risk of Open Source Software (OSS) Vulnerabilities with VMDR
Himanshu Kathpal, Senior Director, Product Management, Platform & Sensors, Qualys

Open-source components are crucial in software development, providing community-vetted code that speeds up progress but requires extreme caution regarding security vulnerabilities and licensing compliance. Join this session as we showcase how Software Composition Analysis (SCA) scan with the same Qualys Cloud Agent empowers businesses to gain comprehensive visibility into the software components used within their applications, enabling them to identify and mitigate vulnerabilities proactively. This new capability can be enabled with a single click and empowers you to proactively identify and mitigate security issues, preparing you for situations like the Log4j outbreak. Stay one step ahead of attackers with Qualys SCA and strengthen your software security today.

11:00 AM External Attack Surface Management (EASM)
Kunal Modasiya, VP, Product Management, Attack Surface Management & AppSec, Qualys

Kunal Modasiya' bio

11:40 AM VMDR TruRisk
Mehul Revankar, VP, Product Management & Engineering, Qualys

Mehul Revankar’s bio

As the threat of vulnerabilities and zero-day exploits soars, organizations must have rapid, efficient ways to respond. Legacy approaches struggle to keep up and often fall short. This session delves into how Qualys VMDR and TruRisk revolutionize the way enterprises visualize, measure and automate the remediation of risk and threats. Explore cutting-edge cyber risk management techniques and how these solutions empower IT and security teams to collaborate seamlessly, such as integrating with ITSM tools like ServiceNow. Learn how your organization can improve security posture, compliance, and risk reduction with actionable insights and powerful remediation strategies.

12:20 PM Bring Your Own Detection for Your First-Party Applications
Eran Livne, Senior Director, Endpoint Remediation, Qualys

Eran Livne's bio

1:00 PM From 0–60 Risk Reduction Leveraging Smart Automation
Eran Livne, Senior Director, Endpoint Remediation, Qualys

Eran Livne's bio

1:40 PM MITRE-Based Defense
Travis Smith, Vice President, Threat Research Unit, Qualys

Travis Smith's bio

2:20 PM Detect Unknown Assets Passively with the Same Qualys Agent
Himanshu Kathpal, Senior Director, Product Management, Platform & Sensors, Qualys

The curse of unknown assets is that they are known to attackers but remain unnoticed by organizations. Around 69% of organizations have faced attacks targeting these "unknown, unmanaged, or poorly managed" assets. Join Qualys as we unveil the groundbreaking Qualys Cloud Agent Passive Sensor (CAPS), which provides continuous and seamless detection of every asset on your network. With CAPS, you can bid farewell to any blind spots in both your IT and OT environments as it ensures uninterrupted monitoring of all assets. Natively integrated on the Enterprise TruRisk Platform, customers will get a consolidated view of known and unknown assets spanning all environments to measure risk and proactively reduce exposure.

3:00 PM TotalCloud - FlexScan
Parag Bajaria, VP, Cloud and Container Security Solutions, Qualys

Parag Bajaria’s bio

3:40 PM Know the TruRisk of Your SBOMs
Pablo Quiroga, Director, Product Management, IT Asset Management, Qualys

Pablo Quiroga’s bio

4:20 PM Discover, Monitor, and Reduce the Entire Modern Web App and API Attack Surface
Kunal Modasiya, VP of Product Management & Growth, Qualys

Pablo Quiroga’s bio

5:00 PM EDR That Patches
Utpal Desai, Senior Director, Product Management, Cloud Agent Platform, Qualys

Today’s reality: Cyber attackers often infiltrate and exploit an organization in hours or even minutes, while the average time for defenders to detect and respond to threats remains stubbornly high, often days or weeks. Traditional endpoint protection and EDR solutions operate without the context of asset criticality, vulnerabilities, misconfigurations, and missing patches, creating huge inefficiencies for security teams. Simply detecting and responding to malware incidents as they happen is no longer enough; to reduce risk in today’s dynamic threat landscape, you must tear down the walls that create technology silos and give your defenders the advantage they need. Learn how Qualys is helping organizations to unite endpoint protection with vulnerability and patch management, driving powerful outcomes for organizations.

Visit us at our booth and win prizes

Stop by booth 1320 to meet with our product managers, technical account managers, and other experts.

Attend one of our in-person booth presentations and enter the chance to win one of our great prizes! Must be present to win.

Meet with a Qualys Expert

Pablo Quiroga

Pablo Quiroga

Director, Product Management, IT Asset Management, Qualys

Pablo Quiroga is a Director of Product Management at Qualys, where he is in charge of the product definition, roadmap and strategy for the IT asset visibility & management initiatives. With over 10 years of experience in Enterprise Software and the IT industry, Pablo has helped numerous customers gain significantly better visibility to support data-powered decision that often led to multi-million-dollar savings and risk avoidance.

Shailesh Athalye

Shailesh Athalye

Senior Vice President, Product Management, Qualys Inc.

As Senior Vice President of Product Management, Shailesh leads the product management team and drives the Qualys product vision helping customers assess and improve their IT, security and compliance posture. Since joining Qualys in 2012, he has worked in various security and compliance roles driving innovative solutions, including remote endpoint protection, endpoint detection and response, and SaaS security. In addition, Shailesh headed engineering, research and product management for Qualys Policy Compliance and File Integrity Monitoring, where he helped customers go beyond compliance to drive their IT GRC objectives. Before Qualys, he focused on security research for Symantec ESM and Compliance solutions. Shailesh holds a master’s in computer applications (MCA) from the Vishwakarma Institute of Technology and has various security certifications including CISA, CRISC, CISM. He is also a regular speaker at industry conferences.

Sara Griffiths

Sara Griffiths

CISO, Euronet Worldwide

Sara Griffith is the Chief Information Security Officer (CISO) for Euronet Worldwide, Inc. (Nasdaq: EEFT), a public financial services company that is an industry leader in processing secure electronic transactions and payments for financial institutions, service providers, and individual customers all over the globe. Euronet has 9,000 employees in 66 offices worldwide including 41 countries across Europe, Asia Pacific, North America, the Middle East, South America, and Africa. Sara has been fortunate to work onsite in 29 of those countries during her 16 years at Euronet. Sara has been the CISO the past eight years; she has helped lead the global security team to centralize and standardize security policies, requirements, processes, reporting, tools, and training across the organization’s three core business segments, including 22 IT teams supporting 130 entities. Sara resides in Denver with her husband and three children.

Mehul Revankar

Mehul Revankar

Vice President, Product Management and Engineering, Qualys

Mehul Revankar is a cybersecurity professional with more than 15 years of experience in Vulnerability Management, Policy Compliance and Security Operations. He leads Product Management and Vulnerability Research at Qualys for VMDR. Before joining Qualys, Mehul led the development of vulnerability and patch management products at SaltStack, and prior to that he led multiple research teams at Tenable. Mehul has a bachelor’s degree in electronics from the University of Mumbai and a master’s degree in computer engineering from George Mason University.

John Delaroderie

John Delaroderie

Director, Product Management, Web App Security, Qualys

John Delaroderie is Director of Product Management for Web Application Security. He joined Qualys in 2018 and has spent the past decade working for various government agencies and private organizations in cybersecurity, incident response, digital forensics, and systems integrations. John holds a bachelor’s degree in political science from the U.S. Naval Academy and a master’s degree in computer science from the Naval Postgraduate School.

Hiep Dang

Hiep Dang

Vice President, Product Management, Qualys

Hiep Dang is Vice President of Product Management, EDR at Qualys. He is passionate about building innovative cybersecurity solutions to protect users and corporations from the evolving threat landscape. Almost 20 years ago, Hiep turned a casual curiosity in computer forensics and computer viruses into a full-time cybersecurity career. His journey has given him a spectrum of experiences from burgeoning startups to Fortune 500 companies and the opportunity to solve a range of problems from deeply technical to abstract business. He’s found his sweet spot in product management at the intersection of product strategy and technical execution. Before joining Qualys, Hiep launched several enterprise and consumer products for Cylance (acquired by BlackBerry), McAfee (acquired by Intel), and Aluria (acquired by EarthLink). Hiep has also served as the Director of Anti-Malware Research for McAfee, where he oversaw a globally distributed 24x7 organization responsible for researching and responding to complex malware threats.

Kunal Modasiya

Kunal Modasiya

Vice President, Product Management, Attack Surface Management & AppSec, Qualys

Kunal is currently VP of Product Management for the CyberSecurity Asset Attack Surface Management (CAASM), Web App and API Security product line at Qualys HQ in Foster City, CA. He is Qualys boomerang. He worked at Qualys for 3 years and incubated the XDR product line from inception. Kunal has spent 15+ years working at startups, and big and mid-size companies in cybersecurity, networking, and application security in both product and engineering roles at Juniper Networks, Extreme Networks, Sun Microsystems and Infinera. Prior to re-joining Qualys, Kunal was heading products at Israeli startup in API security and bot management AppSec space.

Kong Yew Chan

Kong Yew Chan

Director, Product Management, Container Security, Qualys

Kong Yew Chan is director of Product Management at Qualys, leading the container security solution. Prior to Qualys, Kong worked on multiple Kubernetes platforms at VMware and Pivotal. He has over 10 years of experience working on security solutions at Hewlett Packard and TrendMicro. Kong holds a bachelor’s degree in computer engineering from the Nanyang Technological University, Singapore, and an MBA from Babson College.