Cloud Platform
Community
Support
Try it

Join us at Black Hat USA 2019

We hope to see you at Black Hat USA 2019 at the Mandalay Bay in Las Vegas this year from August 3-8! We are excited to join in with over 19,000 attendees to participate in first-rate, hands-on training courses, expert presentations on groundbreaking security research, insightful keynote speeches and a massive expo floor.

Qualys presentation
Qualys presentation

We hope to see you at Black Hat USA 2019 at the Mandalay Bay in Las Vegas this year from August 3-8! We are excited to join in with over 19,000 attendees to participate in first-rate, hands-on training courses, expert presentations on groundbreaking security research, insightful keynote speeches and a massive expo floor.

TOP 10 sessions to attend at Black Hat

To make the most of your time at Black Hat, we’ve curated 10 sessions that we think will be particularly relevant and valuable for Qualys customers.

Research Briefings > Training Courses >

Research Briefings

Research Briefings

Controlled Chaos: The Inevitable Marriage of DevOps & Security

This session explains the basics of DevOps and the concepts of resilience and chaos engineering. The speakers will delve into implications for security programs, particularly the shift from security for its own sake to security as an enabler of business objectives.
Read more

Research Briefings

Trust and Transformation – The Post Breach Journey

Jamil Farshchi, CISO at Equifax,helped rebuild the cybersecurity systems of The Home Depot and Equifax after their data breaches. He'll share vital lessons learned about issues like workplace culture, controls and compliance.
Read more

Research Briefings

The Enemy Within: Modern Supply Chain Attacks

It's a statistical certainty: everyone will eventually be a victim of a supply chain compromise. Whether you're in SecOps or app dev, this presentation will give you practical guidance on how to defend against supply chain attacks and harden your systems.
Read more

Research Briefings

Attacking and Defending the Microsoft Cloud

This presentation focuses on the Microsoft Cloud (Office 365 & Azure AD). It explores the most common attacks against the cloud and describes effective defenses and mitigation. While the focus is on Microsoft, some topics are applicable to other cloud providers.
Read more

Research Briefings

Practical Approach to Automate the Discovery and Eradication of Open-Source Software Vulnerabilities at Scale

This talk explains how Netflix identifies and eliminates vulnerabilities in the open source software components it uses in its applications at scale. The speaker will describe the stages in Netflix’s automation strategy and the tools it uses.
Read more

Training Courses

Training Courses

Advanced Cloud Security And Applied Devsecops

This highly technical course delves deep into practical cloud security and applied DevSecOps for enterprise-scale cloud deployments, and focuses on IaaS and PaaS. It’s intended for security professionals wanting to expand their hands on knowledge of cloud security and DevSecOps at enterprise scale.
Read more
Blog post

Training Courses

Attacking and Securing APIs

With APIs everywhere — in apps, clouds, and more — it’s key knowing how to protect them. This course teaches how to create secure APIs, and shows new and old attack vectors. The course has been designed for developers, security engineers, architects, researchers, bug bounty hunters, sysadmins, and security pros.
Read more
Blog post

Training Courses

Windows Enterprise Incident Response

This course highlights targeted attack phases, key evidence sources, and forensics know-how. It teaches how to do triage on a potentially compromised system, uncover attack evidence, recognize persistence mechanisms, and more. It’s recommended for those with a background in forensic analysis, network traffic analysis, log analysis, security assessments, penetration testing, security architecture, system administration, and management of incident response and forensic analysis.
Read more

Training Courses

An Introduction to IoT Pen Testing With Linux

This is a hands-on, example-driven introduction to IoT hacking, and teaches proven tactics for effectively assessing and exploiting real devices. It’s aimed at anyone wanting a hands-on introduction on using Linux to perform software-based security analysis of embedded Linux devices.
Read more

Training Courses

Adversary Tactics — Detection

This course focuses on abnormal behaviors and attacker “tactics, techniques, and procedures” (TTPs). It teaches how to create hypotheses based on attacker TTPs to perform threat hunting operations and detect attacker activity. This class is for defenders wanting to learn how to hunt in enterprise networks.
Read more

Visit us at booth #204!

Qualys will again have a major presence at Black Hat USA 2019 aimed at helping security pros protect their hybrid IT environments without slowing down their organizations’ digital transformation.

Stop by our booth and chat informally with our product managers and technical account managers. Enjoy a cup a coffee from our Nespresso bar. Win hi-tech prices and get the famous Qualys tote bag after each presentation.

Presentations at the Qualys theater:

Exclusive product previews

We’re unveiling several major solutions at Black Hat!

Schedule coming soon.

The Qualys Cloud Platform Demo

See how our end-to-end platform gives businesses a real-time, global view of their IT, security and compliance posture for comprehensive breach prevention and immediate incident response.

Schedule coming soon.

Best practices presentations from leading enterprises 


Schedule coming soon.

Black Hat USA 2019 FAQs

When and where is Black Hat USA 2019?

August 3-8 at the Mandalay Bay in Las Vegas

Who attends Black Hat USA 2019?

You’ll be able to network with over 19,000 security experts, practitioners, business developers, cutting-edge researchers and leading solution providers in the Black Hat USA 2019 Business Hall.

Are there special tracks or programs at Black Hat USA 2019?

Take advantage of two knowledge-gathering programs:

The CISO Summit — a program for CISOs and InfoSec executives that provides practical insight into security trends, technologies and enterprise best practices.

The Arsenal — a demo area where researchers and the open source community demonstrate tools they develop and use in their daily professions.