8:00 AM |
Booth Opens |
8:10 AM |
Continuous Compliance for the Cloud
Parag Patil, Principal Analyst, Cloud Security Compliance, Qualys
With so many overlapping and vague compliance requirements, selecting appropriate technical and procedural controls across the compliance standards such as NIST, PCI-DSS, HIPAA, ISO continues to be a challenge for organizations of all sizes in every industry. On the other side, there's a race to make the AWS assets free from the configuration and overall security issues, through robust cybersecurity procedures. Learn how Qualys applications, CloudView and Compliance Security Assessment (CSA) can help you overcome common compliance challenges such as - harmonization of compliance requirements across various standards, creating your own compliance metrics, linking the AWS configuration controls with the compliance program and overall with the continuous compliance monitoring.
|
9:00 AM |
Building Bridges and Not Walls — A Shift to Get into DevSecOps
Hari Srinivasan, Director of Product Management, Qualys
Learn how security teams can leverage automation to provide support at the speed and scale of DevOps. This talk outlines use cases and best practices from three customers who effectively managed to gain visibility and automate security practices in their DevOps pipelines.
Hari Srinivasan's bio
|
9:50 AM |
Reducing AWS Risk Footprint with Lower Vulnerability Counts Through AMI Use
Grant Johnson, Director, Risk & Compliance, Ancestry
Running AWS cloud workloads at scale can seem to produce storm of vulnerabilities, and send IT and security teams scrambling to lessen its force. Grant Johnson from Ancestry.com will discuss how his organization reduced its risk footprint by 70% in six months through the use of AMIs. This talk outlines both the steps and impact of Ancestry's time-saving process of spinning up patched replacement servers instead of patching existing ones. Learn the impact of authentication through images, and how Ancestry improves image performance/effectiveness, then rolls reporting up to business leaders, using Qualys AssetView Dashboards.
|
10:40 AM |
Qualys Container Security — Deep Visibility and Adaptive Protection for the Rapidly Changing Container Stack
Asif Awan, CTO, Container Security, Qualys
By now, everyone in the Development and DevOps community is very familiar with the advantages of containerizing applications — that of portability, agility and compute density. But, how about mitigating the risk brought about by the new stack, enforcing compliance, and protecting the business applications during runtime? This session outlines the security risks associated with each phase of a containerized application, and how to address those risks in a rapidly changing container environment with a comprehensive solution that transparently weaves into the existing CI/CD pipelines.
Asif Awan's bio
|
11:30 AM |
Qualys API Updates and New Features
Laura Seletos, Solution Architect, Qualys
Accurate vulnerability assessment and network scan data from Qualys can dramatically improve the usefulness and accuracy of many complementary security products. This talk will cover integrations with leading tech and security companies. Come see demos of new features in both Splunk (Policy Compliance data) and the Service Now CMDB Sync Connector, plus learn about the new Jenkins plugins for DevSecOps.
|
12:20 PM |
The Art of Vulnerability Management
Tony Yodice, Subject Matter Expert
To address the challenges of vulnerability detections increasing year over year, Qualys is introducing new ways to visualize vulnerability data, layering Real-time Threat Information on top of detected vulnerabilities to provide consistent and automated remediation prioritization. AssetView technology in Qualys Vulnerability Management allows users to instantly search across vulnerabilities and create dynamic widgets and dashboards within the VM module. See the new VM Dashboard and instant search capabilities and a demo of Qualys Threat Protection for in-depth, risk prioritization.
|
1:00 PM |
CertView: Certificate Inventory, Assessment and Lifecycle
Asif Karel, Director of Product Management, Qualys
A safe browsing experience is good for business, driving HTTPS adoption to the extent that browsers now mark web pages NOT using SSL/TLS and certificates as “Not Secure”. In order to stay ahead of risk amidst the rise of DevOps and public clouds, organizations must automate visibility and tracking of their certificate deployments. Qualys CertView allows them to do so by centralizing visibility and lifecycle management of certificates as well as TLS configuration assessments into their overall continuous view of security and compliance state, and by enabling customers to rapidly see and remediate expired or vulnerable certificates. Learn how CertView can help you prevent downtime and outages, audit and compliance failures, mitigate risks associated with expired or vulnerable certificates and simplify the process of renewing, revoking and acquiring certificates to just a few clicks.
Asif Karel's bio
|
1:50 PM |
A 360-Degree Approach to Securing AWS Workloads
Hari Srinivasan, Director of Product Management, Qualys
Cloud is a core fabric of digital transformation, as users have a shared security responsibility with the cloud providers. This session will introduce the threats and solutions needed to secure cloud workloads and cloud infrastructure. Learn to gain visibility of your public clouds, secure workloads from both internal and perimeter vulnerabilities, and set up continuous security montioring of cloud resources to avoid issues such as data leaks and cryptomining attacks through your cloud infrastructure.
Hari Srinivasan's bio
|
2:40 PM |
Qualys API Updates and New Features
Laura Seletos, Solution Architect, Qualys
Accurate vulnerability assessment and network scan data from Qualys can dramatically improve the usefulness and accuracy of many complementary security products. This talk will cover integrations with leading tech and security companies. Come see demos of new features in both Splunk (Policy Compliance data) and the Service Now CMDB Sync Connector, plus learn about the new Jenkins plugins for DevSecOps.
|
3:30 PM |
Building Bridges and Not Walls — A Shift to Get into DevSecOps
Hari Srinivasan, Director of Product Management, Qualys
Learn how security teams can leverage automation to provide support at the speed and scale of DevOps. This talk outlines use cases and best practices from three customers who effectively managed to gain visibility and automate security practices in their DevOps pipelines.
Hari Srinivasan's bio
|
4:20 PM |
Global AssetView
Pablo Quiroga, Director of Product Management, Qualys
|
5:10 PM |
Do More With Less: Extending the Reach of Qualys into AWS
Michael Quealy, Subject Matter Expert
Cloud is a core fabric of Digital Transformation, as users have a shared security responsibility with cloud providers. The challenges we have as security professionals are achieving 100% visibility and keeping up with the ephemeral nature of cloud environments. Learn how you can use the Qualys suite of integrated apps to maintain a complete and comprehensive inventory of your cloud assets. We will also explore ways to help boost the security of your public clouds by identifying threats caused by misconfigurations, unwarranted access, and non-standard deployments.
|
6:00 PM |
Booth Closes |