Join us at Microsoft Ignite.

Visit us at booth #1737 to see how the Enterprise TruRisk Platform can secure your Microsoft Azure assets – wherever they reside.

Booth schedule

Sep 24
Sep 25
Sep 26
Sep 27

Monday

No sessions of this type are available on this day.
12:30 PM	Booth Opens
12:45 PM	Building Bridges and not Walls – A Shift to Get into DevSecOps Hari Srinivasan, Director of Product Management, Qualys Learn how security teams can leverage automation to provide support at the speed and scale of DevOps. This talk outlines use cases and best practices from three customers who effectively managed to gain visibility and automate security practices in their DevOps pipelines.
1:30 PM	Get Full Visibility of Both Certificates and Underlying SSL/TLS Configurations and Vulnerabilities Laura Seletos, Subject Matter Expert, Qualys Risk management in the age of DevOps and public clouds requires organizations to automate real-time visibility and tracking of their SSL certificate deployments. Learn how Qualys CertView helps customers extend DevSecOps to prevent downtime and disruption, audit and compliance failures, and mitigate risks associated with expired or weak certificates and vulnerable TLS configurations.
2:15 PM	Qualys Container Security – Visibility and Security for Containers from Build to Deployments Hari Srinivasan, Director of Product Management, Qualys Containers are the most sought after development tool for microservices. Their simplicity and portability allow DevOps to create true agile builds within development cycles. However, this new kind of environment brings a new set of security threats at every phase of this cycle - from unvalidated software entering the environment, to secrets being leaked, to runtime drifting and breaking immutable behaviors. This session outlines common security risks and practical use cases across every phase in order to help security teams better understand how to efficiently manage security at the speed and scale of DevOps.
3:00 PM	Incorporate Visibility of Inaccessible or Sensitive Assets into Your Overall Vulnerability and Compliance Program Hariom Singh, Director of Policy Compliance, Qualys Organizations using programmable logic controllers (PLC) and other secretive or disconnected assets can be challenged to incorporate them into the scope of their overall cybersecurity and risk program. Such assets do not allow traditional remote or agent-based scanning and thus remain outside the scope of security assessments. Learn how Qualys Offline Device Assessment, an extension of the Qualys sensor family, enables these organizations to enhance overall risk analysis by extending their single-pane-view of security and compliance to these inaccessible or sensitive assets.
3:45 PM	Building Bridges and not Walls – A Shift to Get into DevSecOps Hari Srinivasan, Director of Product Management, Qualys Learn how security teams can leverage automation to provide support at the speed and scale of DevOps. This talk outlines use cases and best practices from three customers who effectively managed to gain visibility and automate security practices in their DevOps pipelines.
4:30 PM	From Zero to 60: How to Implement Global Vulnerability Management from Scratch Young Kwon, Subject Matter Expert, Qualys Now that you have decided to implement a global Vulnerability Management Program, where do you start? From scanning a network to prioritizing the the threats, along with the assets associated critical vulnerabilities, this talk helps you get started with your new vulnerability risk management program.
5:15 PM	Endpoint Breach Prevention by Reducing Attack Surfaces Brett Price, Regional Vice President, Qualys The most scalable way to prevent breaches of endpoints, servers, and cloud workloads is to reduce the attack surface of the asset itself. Operational vulnerability management, remediation prioritization, transparent patching, secure configuration assessment, real-time activity monitoring, and active threat hunting delivered by a unified security platform can significantly reduce the likelihood of breaches by focusing on reducing the attack surface of enterprise IT environments. In this session, learn how to identify, remediate, detect, and respond to common and targeted attacks that can evade traditional and next-gen prevention technologies.
5:30 – 7:30 PM	Welcome Reception in the Expo
6:00 PM	A 360-degree Approach to Securing Public Clouds Hari Srinivasan, Director of Product Management, Qualys Cloud is a core fabric of digital transformation, as users have a shared security responsibility with the cloud providers. This session will introduce the threats and solutions needed to secure cloud workloads and cloud infrastructure. Learn to gain visibility of your public clouds, secure workloads from both internal and perimeter vulnerabilities, and set up continuous security montioring of cloud resources to avoid issues such as data leaks and cryptomining attacks through your cloud infrastructure.
6:45 PM	Malware Detection – Web Application Scanning's Superhero Sidekick John Delaroderie, Security Solutions Architect, Qualys Qualys Malware Detection (MD) is a free tool offered with Web Application Scanning that most customers overlook when setting up their vulnerability management program. But should you? A web application can be a conduit for malware infection even if there are no web application vulnerabilities. Learn how Qualys Malware detection can help protect your customers - and your reputation - by applying the latest detection methods in heuristics, reputation checks, antivirus signatures, and behavioral analysis.
7:30 PM	Booth Closes

Visit us!

Win high-tech prizes
after each presentation

Get the famous Qualys Tote
after each presentation

Qualys talks

A 360-degree Cloud-Native Approach to Secure Your Cloud Stack

Hari Srinivasan, Director of Product Management, Qualys
Wednesday, September 26, 11:20 – 11:40 AM
Expo Theater #3
Session code: THR2337

Sarah Kennedy

Security Vulnerability Engineer, HCA Healthcare

Sarah Kennedy is currently working at HCA, Inc. specializing in security vulnerability assessment. She received her Master’s in Information Security from Lipscomb University and her undergraduate in Telecommunications Systems Management from Murray State University.

Robert Sloan

Security Vulnerability Engineer, HCA Healthcare

Robert Sloan has been with HCA, Inc. for the past 15 years, currently on the Vulnerability Management team. He and his team are responsible for the security assessments of diverse systems over a complex healthcare network across the US and UK.

Abe de los Reyes

Security Engineer, Cyber-Threat Management Team, Citrix

Abe De los Reyes has been with Citrix Systems, Inc. for almost 3 years and just recently moved from Security Operations to the Vulnerability Management team. Prior to joining Citrix, he worked for an MSSP in Ft. Lauderdale where he managed next-gen firewalls for 5 years. He together with Kena is responsible for the security assessments of Citrix diverse systems across US, EMEA and APAC regions.

Kena Deal

Security Engineer, Cyber-Threat Management Team, Citrix

Kena Deal has been with Citrix Systems, Inc. for 5 years and currently works on the Threat and Vulnerability Management Team with Abe De los Reyes. She has over 13 years of experience in Security with over 10 years in vulnerability management and maintains the following certifications: CISSP, CISA, GCIH.

Brian Canaday

IT Security Analyst / Engineer, CSAA Insurance Group

Brian Canaday is a senior engineer for the vulnerability and configuration management program at CSAA Insurance Group, a AAA Insurer. With over 21 years of system administration, information security and governance risk & compliance, Brian brings a unique balance of technical and regulatory experience. Having worked in the private sector and in the government sector he is well rounded in the different environments of security.

Josh Oquendo

Vulnerability Manager, Finastra

Josh Oquendo is an Information Security professional with over ten years’ experience in IT Networking and Network Security. At Finastra, he is part of the Vulnerability Management team and is responsible for reporting and remediation of application and network vulnerabilities.

Overview

Capabilities

Platform Apps

Asset Management

Vulnerability & Configuration Management

Risk Remediation

Threat Detection & Response

Compliance

Cloud Security

Use Cases

Segments

Resources

Research

Partners

Company

Join us at Microsoft Ignite.

Visit us at booth #1737 to see how the Enterprise TruRisk Platform can secure your Microsoft Azure assets – wherever they reside.

Booth schedule

Filter by

Monday

Tuesday

Wednesday

Thursday

Visit us!

Qualys talks

A 360-degree Cloud-Native Approach to Secure Your Cloud Stack

Sarah Kennedy

Security Vulnerability Engineer, HCA Healthcare

Robert Sloan

Security Vulnerability Engineer, HCA Healthcare

Abe de los Reyes

Security Engineer, Cyber-Threat Management Team, Citrix

Kena Deal

Security Engineer, Cyber-Threat Management Team, Citrix

Brian Canaday

IT Security Analyst / Engineer, CSAA Insurance Group

Josh Oquendo

Vulnerability Manager, Finastra

No sessions of this type are available on this day.
10:00 AM	Booth Opens
10:20 AM	Malware Detection – Web Application Scanning's Superhero Sidekick John Delaroderie, Security Solutions Architect, Qualys Qualys Malware Detection (MD) is a free tool offered with Web Application Scanning that most customers overlook when setting up their vulnerability management program. But should you? A web application can be a conduit for malware infection even if there are no web application vulnerabilities. Learn how Qualys Malware detection can help protect your customers - and your reputation - by applying the latest detection methods in heuristics, reputation checks, antivirus signatures, and behavioral analysis.
11:10 AM	Introducing the Healthcare Cloud Security Stack for Azure Deborah Larkins, Lead Technologist, XentIT Hari Srinivasan, Director of Product Management, Qualys
12:00 PM	Endpoint Breach Prevention by Reducing Attack Surfaces Brett Price, Regional Vice President, Qualys The most scalable way to prevent breaches of endpoints, servers, and cloud workloads is to reduce the attack surface of the asset itself. Operational vulnerability management, remediation prioritization, transparent patching, secure configuration assessment, real-time activity monitoring, and active threat hunting delivered by a unified security platform can significantly reduce the likelihood of breaches by focusing on reducing the attack surface of enterprise IT environments. In this session, learn how to identify, remediate, detect, and respond to common and targeted attacks that can evade traditional and next-gen prevention technologies.
12:50 PM	Building Bridges and not Walls – A Shift to Get into DevSecOps Hari Srinivasan, Director of Product Management, Qualys Learn how security teams can leverage automation to provide support at the speed and scale of DevOps. This talk outlines use cases and best practices from three customers who effectively managed to gain visibility and automate security practices in their DevOps pipelines.
1:40 PM	Incorporate Visibility of Inaccessible or Sensitive Assets into Your Overall Vulnerability and Compliance Program Hariom Singh, Director of Policy Compliance, Qualys Organizations using programmable logic controllers (PLC) and other secretive or disconnected assets can be challenged to incorporate them into the scope of their overall cybersecurity and risk program. Such assets do not allow traditional remote or agent-based scanning and thus remain outside the scope of security assessments. Learn how Qualys Offline Device Assessment, an extension of the Qualys sensor family, enables these organizations to enhance overall risk analysis by extending their single-pane-view of security and compliance to these inaccessible or sensitive assets.
2:30 PM	Qualys Container Security – Visibility and Security for Containers from Build to Deployments Hari Srinivasan, Director of Product Management, Qualys Containers are the most sought after development tool for microservices. Their simplicity and portability allow DevOps to create true agile builds within development cycles. However, this new kind of environment brings a new set of security threats at every phase of this cycle - from unvalidated software entering the environment, to secrets being leaked, to runtime drifting and breaking immutable behaviors. This session outlines common security risks and practical use cases across every phase in order to help security teams better understand how to efficiently manage security at the speed and scale of DevOps.
3:20 PM	From Zero to 60: How to Implement Global Vulnerability Management from Scratch Young Kwon, Subject Matter Expert, Qualys Now that you have decided to implement a global Vulnerability Management Program, where do you start? From scanning a network to prioritizing the the threats, along with the assets associated critical vulnerabilities, this talk helps you get started with your new vulnerability risk management program.
4:10 PM	Get Full Visibility of Both Certificates and Underlying SSL/TLS Configurations and Vulnerabilities Laura Seletos, Subject Matter Expert, Qualys Risk management in the age of DevOps and public clouds requires organizations to automate real-time visibility and tracking of their SSL certificate deployments. Learn how Qualys CertView helps customers extend DevSecOps to prevent downtime and disruption, audit and compliance failures, and mitigate risks associated with expired or weak certificates and vulnerable TLS configurations.
5:00 PM	A 360-degree Approach to Securing Public Clouds Hari Srinivasan, Director of Product Management, Qualys Cloud is a core fabric of digital transformation, as users have a shared security responsibility with the cloud providers. This session will introduce the threats and solutions needed to secure cloud workloads and cloud infrastructure. Learn to gain visibility of your public clouds, secure workloads from both internal and perimeter vulnerabilities, and set up continuous security montioring of cloud resources to avoid issues such as data leaks and cryptomining attacks through your cloud infrastructure.
5:00 – 6:00 PM	Social Hour in the Expo
6:00 PM	Booth Closes

Overview

Capabilities

Platform Apps

Asset Management

Vulnerability & Configuration Management

Risk Remediation

Threat Detection & Response

Compliance

Cloud Security

Use Cases

Segments

Customers

Resources

Research

Support

Partners

Company

Free Trials

Join us at Microsoft Ignite.

Visit us at booth #1737 to see how the Enterprise TruRisk Platform can secure your Microsoft Azure assets – wherever they reside.

Booth schedule

Filter by

Monday

Tuesday

Wednesday

Thursday

Visit us!

Qualys talks

A 360-degree Cloud-Native Approach to Secure Your Cloud Stack

Sarah Kennedy

Security Vulnerability Engineer, HCA Healthcare

Robert Sloan

Security Vulnerability Engineer, HCA Healthcare

Abe de los Reyes

Security Engineer, Cyber-Threat Management Team, Citrix

Kena Deal

Security Engineer, Cyber-Threat Management Team, Citrix

Brian Canaday

IT Security Analyst / Engineer, CSAA Insurance Group

Josh Oquendo

Vulnerability Manager, Finastra