Meet our Engineers

Direct interaction with the engineers building the Qualys Cloud Platform

Target and arrow

Learn Best Practices

Strategy and best practices deep dives with your peers

Monitor and click

See Solution Demos

Best-of-breed solution demos from Qualys

Student cap and book

Get Free Training

Two days of free training on 24 - 25 April. You must register separately.


Tally CPE Credits

CPE credits for the training and conference


Qualys Security Conference brings together industry experts, customers and engineers building Qualys' solutions to explore new technologies and best practices that help global organizations discover and secure IT assets on a continuous basis regardless of where they reside, inside the enterprise, in the cloud or mobile endpoints.

8.15 – 8:45 AM Registration
8:45 – 9:00 AM Welcome and Opening Remarks
Debashish Jyotiprakash, Security Solution Architect, Qualys (APAC)
9:00 – 9:30 AM Opening Keynote
Sumedh Thakar, Chief Product Officer, Qualys
9:30 – 10:30 AM Qualys Cloud Platform – 2017 Update and Roadmap
Sumedh Thakar, Chief Product Officer, Qualys
10:30 – 11:00 AM Break and Networking
11:00 – 11:45 AM Customer Case Study
Vishal Salvi, CISO, Infosys
11:45 – 12:30 PM Continuous Vulnerability Management with Cloud Agent – OnPrem, Public Clouds and Endpoints
Tim White, Director of Product Management, Qualys
Chris Carlson, Vice President, Product Management, Cloud Agent Platform, Qualys
12:30 – 2:00 PM Lunch
2:00 – 2:45 PM Regulations – The Escalating Treadmill
Shivangi Nadkarni, CEO, Arrka Consulting
2:45 – 3:15 PM Meeting Regulatory Mandates with Policy Compliance and Security Assessment Questionnaire
Tim White, Director of Product Management, Qualys
Pushpak Pradhan, Product Manager, Security Assessment Questionnaire, Qualys
3:15 – 3:30 PM Automated Compliance Assessment for RBI Cyber Security Guidelines
Shailesh Athalye, Senior Manager, Compliance R&A, Qualys
3:30 – 4:00 PM Break and Networking
4:00 – 4:30 PM Dynamic Reporting and Prioritization with AssetView and ThreatPROTECT
Jimmy Graham, Director, Product Management, AssetView and ThreatPROTECT, Qualys
4:30 – 5:00 PM End-to-End Web Application Security with Automated Scanning and Web Application Firewall
Vikas Phonsa, Director, Product Management, Web Application Firewall, Qualys
5:00 – 5:30 PM Private Cloud Platform Update and Roadmap
Sumedh Thakar, Chief Product Officer, Qualys
6:00 PM onwards Cocktails


(Must Register Separately)

Training registration is closed because all classes are full.

24 April - Vulnerability Management

9:00 AM - 5:00 PM

  • The Qualys Cloud Platform
  • Overview of the Vulnerability Management Lifecycle
  • Vulnerabilities and the KnowledgeBase
  • Asset Mapping and Discovery
  • Asset Groups
  • Asset Tagging
  • Introduction to AssetView and Dynamic Dashboards
  • Scanning Overview
  • Scanning configuration
  • Authenticated Scanning
  • Reporting Overview and Templates
  • User Roles
  • Remediation Policies
  • Certification Exam Preview

25 April - Web Application Scanning

9:00 AM - 3:00 PM

  • The Basics of Web Application Security
  • The WAS lifecycle
  • Setting up an Application
  • Scanning and Scanning types
  • Reporting
  • Troubleshooting
  • Tagging and Users

Event Info


Attendance at the Qualys Security Conference is complimentary. This includes access to the conference and lunch on 26 April; travel and hotel accommodations are not included.


We are pleased to host QSC at the The Leela Hotel, Mumbai. The hotel can be contacted directly at +91 22 6691 1234 or

The Leela Mumbai

The Leela Hotel
Sahar, Andheri (E)
Mumbai 400 059
T: +91 22 6691 1234


Technology Partners

AlgoSec CyberArk ServiceNow

MSSP/VAR Partners

ACPL Systems Paladion PwC Verizon Wipro
Sumedh Thakar

Sumedh Thakar
Chief Product Officer, Qualys

As Chief Product Officer at Qualys, Sumedh oversees worldwide engineering, development and product management for the Qualys software-as-a-service (SaaS) platform and integrated suite of security and compliance applications. A core systems and database engineer, Sumedh started at Qualys in 2003, architecting and delivering Qualys' PCI compliance platform to meet the Payment Card Industry (PCI) Data Security Standard (DSS) requirements.

Qualys Cloud Platform – 2017 Update and Roadmap

Sumedh Thakar
Chief Product Officer, Qualys

Sumedh will review the key 2017 product updates as well as outline the 2017 Qualys roadmap. He’ll demonstrate how platform enhancements and technology innovation in the cloud are enabling Qualys customers to reduce the number of solutions used for IT security and compliance.

Tim White

Tim White
Director, Product Management, Policy Compliance, Qualys

Tim is the director of product management for Qualys’ policy compliance portfolio and has more than 20 years of experience in various IT security areas including IT governance risk and compliance, datacenter security, firewalls, server protection and more. Prior to joining Qualys, Tim was a technical product manager and systems engineer with Symantec, and has held roles with the City of Austin and Axent.

Chris Carlson

Chris Carlson
Vice President, Product Management, Cloud Agent Platform, Qualys

Chris Carlson is a Vice President of Product Management at Qualys, where he is in charge of the product definition, roadmap and strategy for the Cloud Agent Platform. During his 20+ year career in the infosec industry, Carlson has attained expertise in multiple areas, ranging from firewalls, VPNs and intrusion prevention systems to real-time event-processing, security analytics and next-generation endpoint platforms. Prior to joining Qualys, he held security architecture roles at UBS and at Booz Allen Hamilton, and product management positions at venture-funded startups and at leading vendors, including Hexis Cyber Solutions, Agent Logic, Informatica and Trustwave.

Frank Catucci

Frank Catucci
Director, Web Application Security, Product Management, Qualys

Frank Catucci is currently the Director of Web Application Security, Product Manager and a Subject Matter Expert for Qualys. He has over 15 years experience in the Information Technology and Security field that spans enterprise, financial services, university/higher education, government, healthcare, legal, start-up businesses, public and private industries. Aside from his daily Web Application Security duties, Frank also conducts security research, penetration testing, and often speaks at information security conferences and events.

Jimmy Graham

Jimmy Graham
Director, Product Management, AssetView and ThreatPROTECT, Qualys

Jimmy Graham is the Director of Product Management for Qualys AssetView and ThreatPROTECT. He has been deeply involved in information security and vulnerability management for over 10 years, and has managed teams covering security operations, incident response, application security, vulnerability management, penetration testing, governance, and compliance.

Hadi Jaafarawi

Hadi Jaafarawi
Managing Director, Middle East, Qualys

With more than 19 years of Security and Business Development experience in the IT sector in the Gulf Region, Hadi Jaafarawi manages Qualys Field Operations in the Middle East region across both direct and indirect sales. His main focus is understanding and addressing customer requirements to assist them in achieving their overall business goals and IT security objectives. Prior to joining Qualys, Hadi has held a variety of leadership positions with I(TS)2. In addition, he was a certified trainer for I(SC)2, EC-Council and ArcSight and delivered numerous security courses across the Middle East region.

Debashish Jyotiprakash

Debashish Jyotiprakash
Security Solution Architect, Qualys (APAC)

Deb is a subject matter expert and field solution architect at Qualys, where he is in charge of customer success strategy across Asia Pacific, the Middle East, China, Japan and SAARC. During his 13+ year career in the industry, Deb has attained expertise in multiple areas including SIEM, log management, database security, threat & vulnerability management, web application security, NAC and DLP. Prior to being an SME, he was an engineering instructor at Qualys in the global education services team.

Vikas Phonsa

Vikas Phonsa
Director, Product Management, Web Application Firewall, Qualys

Vikas Phonsa is Director of Product Management for the Web Application Firewall at Qualys. He has over 14 years of experience in Software Engineering, Security and Product Management across multiple business domains including e-commerce, insurance, automobile industry, healthcare, enterprise security, and content delivery. Prior to joining Qualys, Vikas held product management positions at Symantec and Verizon where he helped launch and manage cloud-based message archiving and security services.

Vishal Salvi

Vishal Salvi
CISO, Infosys

Vishal Salvi is a Senior Vice President and Chief Information Security Officer for Infosys group. He is responsible for the overall information and cybersecurity strategy and its implementation across Infosys Group.

He has over 23 years of industry experience in cybersecurity and information technology in different Industries. Prior to joining Infosys, he performed various leadership roles in cybersecurity and information technology in PwC, HDFC Bank, Standard Chartered Bank, Global Trust Bank, Development Credit Bank and Crompton Greaves.

Vishal has extensive management and domain experience in driving the cybersecurity program in all key aspects, e.g. policy, standards, procedures, awareness, identity & access management, IT-GRC, network security, incident response, security monitoring, malware protection, cyber fraud management, security configuration, compliance, online banking and ecommerce, cryptography, data protection, third-party management, business continuity planning, cybersecurity and fusion centres, etc.

He is a well-known leader in the cybersecurity industry within India as well as globally and has been part of the cybersecurity domain for the past 16+ years. He is a regular speaker at major local and global cybersecurity conferences for sharing best practices and raising cybersecurity awareness across the industry. He is part of various advisory councils and boards to provide leadership and direction on various cybersecurity frameworks and standards to drive adoption of cybersecurity across industries. He has participated in various case studies related to cybersecurity practices over the past decade.

Vishal holds a degree in computer science engineering and an MBA in finance. His certifications include CISM and DSCI Certified Privacy Professional. He has received numerous awards from prestigious institutions such as DSCI, CSO Forum, ISACA etc.

Ashutosh Jain

Ashutosh Jain
CISO, Axis Bank

Jain provides strategic direction and delivers cybersecurity, information risk and security governance at Axis Bank, including eight international branches. In a career spanning nineteen years, Jain had played key roles in blue chip organizations such as Barclays Bank, Nomura India, AXA Business Services, Bank of America and PricewaterhouseCoopers.

Jain has consistently been specializing in technology risk and information risk for about two decades for regional and global levels at various multinational banks and financial institutions. His areas of expertise and core competencies include business process controls, applications risks, technology infrastructure risks, business continuity & disaster recovery risks, technology audits, identity & access management controls, technology forensics and investigations.

Prior to joining Axis Bank, Jain served as the Head of India and Emerging Markets, Technology Risk and Information Risk at Barclays where he established the technology risk management function, information risk management function and internal controls function for the retail and commercial bank in India. He later managed information risk across 14 emerging market countries including Barclays Africa and looked after the technology risk function for the India region for corporate bank, investment bank and wealth business in India.

Jain is a CISA and PDGM in Information Systems & Finance. He is a regular speaker at ISACA conferences.

Shailesh Athalye

Shailesh Athalye
Senior Manager, Compliance R&A, Qualys

Shailesh Athalye (CISA, CRISC, CEH, ISO 27001 LA) is a senior manager for compliance R&A. With over 12 years of experience in IT GRC, he has been a driving force for engineering Risk & Compliance products at leading security product companies, helping customers go beyond compliance and drive their IT GRC objectives.

Pushpak Pradhan

Pushpak Pradhan
Product Manager, Security Assessment Questionnaire, Qualys

Pushpak Pradhan is in charge of Security Assessment Questionnaire. His expertise is in developing product strategies, business plans, product requirements and roadmaps based on customer use cases, competitive market analysis and industry trends. Pushpak has more than 17 years of experience in pre-sales and product management in the IT industry. Prior to joining Qualys, he has held product management roles with Ensim, BMC Software and Cisco Systems owning enterprise software products.

Shivangi Nadkarni

Shivangi Nadkarni
CEO, Arrka Consulting

Shivangi Nadkarni has over 22 years of experience in the domains of information risk & privacy, e-commerce & networks. She has handled multiple roles over the years at Sify and Wipro which include heading the global application security & identity management practice at Wipro, setting up India’s first licensed Certifying Authority for digital signatures in collaboration with Verisign at Sify, launching and managing the first enterprise IP network services in India at Sify, etc. She set up Arrka Consulting – her own venture – a few years ago. Arrka provides consulting, advisory and learning services in the information risk & privacy domain.

She has authored the first text book on data privacy in India for DSCI (a Nasscom body) for their DCPP (DSCI Certified Privacy Professional) program.

Shivangi has done her post graduate degree in management from the Indian Institute of Management (IIM), Calcutta and her graduate degree in electrical & electronics engineering from the Birla Institute of Technology & Science (BITS), Pilani.

She is also a CISSP (Certified Information Systems Security Professional), a CISA (Certified Information Systems Auditor), a CIPP/IT (Certified Information Privacy Professional / IT) – where she joins a group of less than 100 such individuals in India – and a DCPP (DSCI Certified Privacy Professional).

In her spare time, Shivangi volunteers for a citizen initiative – AskHow India – that enables ordinary citizens to understand critical issues facing the country. She also maintains a blog – Solkadhi – that records traditional recipes from the Konkan area.

Shivangi’s detailed profile can be viewed at: