Cloud Platform
Contact us
Asset Management
Vulnerability & Configuration Management
Risk Remediation
Threat Detection & Response
  • Overview
  • Platform Apps

  • Qualys Endpoint Security

    Advanced endpoint threat protection, improved threat context, and alert prioritization

  • Context XDR

    Extend detection and response beyond the endpoint to the enterprise

Compliance
Cloud Security
2023 Cyber Risk Submit 2023 Cyber Risk Submit

Attack Surface Management Edition

From on-premises devices and applications across every endpoint, cloud, and container, Security and IT teams are looking for real-world insights and expert perspectives on the newest attack surface management strategies successfully keeping threat actors at bay.

Wednesday, July 26, 2023

Virtual

Featured Speakers

Jonathan Trull
CISO & SVP, Security, Solution Architecture, Qualys

Mike Orosz
CISO, Vertiv

Ryan Barrett
CISO, Intermedia

Shailesh Athalye
Senior Vice President, Product Management, Qualys

Kunal Modasiya
VP, Product Management, Attack Surface Management & AppSec, Qualys

Jon Oltsik
Distinguished Analyst and Fellow, Enterprise Strategy Group

Art Thompson
CIO, City of Detroit

Bio

Corey Smith
Sr. Director Solutions Architecture, Qualys

Bio

Bill Reed
Marketing Expert, Qualys

Connect with fresh perspectives on your expanding attack surface

With increased adoption of cloud, Internet of Things (IoT), and a continually growing remote workforce, it's harder than ever for security teams to correlate their externally visible and internally managed assets and govern compromises that occur because of undiscovered, unmanaged, or poorly managed IT assets.

Don’t miss this unique opportunity to connect with effective strategies to see and protect your external attack surface from every angle.

Topics

Keynotes

Get inspired to shield your organization's external, internet-facing assets from advanced threats with an all-star line-up of keynote speakers who will be sharing valuable insights, best practices and alternative viewpoints on strengthening your security posture in 2023 and beyond.

Innovation Sessions

Simplifying your security posture and protecting every externally exposed IT asset across your evolving attack surface can seem like a daunting proposition to many cybersecurity practitioners. Be sure to tune into this unique opportunity to see the latest Qualys innovations that are revolutionizing cybersecurity risk management and making it easier to safeguard re-cloud sources through a single pane of glass.

Partner Sessions

Don't miss your opportunity to learn, share, and exchange ideas with members of the Qualys partner community across a wide range of pivotal topics designed to help small and mid-sized businesses stay ahead of cybercriminals.

Hands-on Sessions

What's the best way to maximize visibility across your entire attack surface? Is your Mean Time to Remediation (MTTR) faster than your attackers? Find out at this fast-paced, ask-me-anything, hands-on session where you'll get direct, on-the-spot advice from highly experienced Qualys experts.

Videos

10:00 AM PT

Keynotes

Navigating Risk in an Era of Expanding Attack Surfaces

Jonathan Trull
CISO, Qualys

Join us as we delve into the pressing issue of growing attack surfaces and the need for organizations to address the associated risks. In an era of digitalization, cloud adoption, and interconnected systems, the entry points for threat actors are multiplying, and attackers are more adept at swiftly exploiting organizations’ defenses. Discover how security leaders can go beyond traditional methods to manage and reduce risk.

10:30 AM PT

Keynotes

Attack Surface Management Matters

Jon Oltsik
Sr. Principal Analyst & Fellow, Enterprise Strategy Group

Attack Surface Management (ASM) has gained attention over the past few years, driven by digital transformation initiatives, cloud computing adoption, a remote workforce, and a dangerous threat landscape. Despite this attention, there’s still confusion about what ASM is, why it matters, and how organizations should approach it. In this session, Jon will help security professionals answer these questions and share trends and insights from ESG research.

11:00 AM PT

Keynotes

Defining the Attack Surface: A CISO's Perspective

Jonathan Trull
CISO, Qualys
Ryan Barrett
CISO, Intermedia

Join us for an insightful discussion featuring Qualys CISO, Jonathan Trull, and Intermedia CISO, Ryan Barrett. Together, they will explore the challenges posed by the expanding attack surface and provide valuable insights and strategies to safeguard your organization’s digital assets. Don’t miss this opportunity to enhance your security defenses.

11:30 AM PT

Keynotes

The CISO Maturity Model: Building a Cyber Strategy that Aligns with Corporate Risk Goals

Mike Orosz
Global VP & Information and Product Security, Vertiv

Today, CISOs are more central to an organization’s strategy than ever. Attackers have grown more sophisticated, breaches have become more expensive, and the attack surfaces organizations must defend have expanded.

The average Chief Information Security Officer (CISO) now assumes a heightened position, as they are responsible for shaping, validating, and communicating the risk exposure of their entire organization to the senior executives and board of directors. However, considering this expanded role, have the tools accessible to most CISOs adapted to their increased level of responsibility? What are the most critical considerations when building a cyber risk management strategy to meet the demands of an anxious boardroom? Lastly, can success be measured in a way that supports the CISOs’ cyber risk evolution?

Join Mike Orosz, the Global Chief Information and Product Security Officer of Vertiv, as he answers these questions and more. In this 30-minute keynote, Mike will share what methods and metrics have made Vertiv’s cyber risk strategy scale to secure a business with operations in more than 130 countries.

11:30 PM PT - TRACK 2

Keynotes

Attack Surface Management with an Attacke's and Defende's View

Kunal Modasiya
VP, Product Management, Attack Surface Management & AppSec, Qualys

Gain crucial insights into building a successful Attack Surface Management (ASM) project to safeguard your internet-exposed assets from cyber attackers. Through impactful use cases, learn about the key elements and strategies that will help fortify your security defenses.

12:30 PM PT

Keynotes

Fireside Chat: ASM & the Zero-Trust Connection

Art Thompson
CIO, City of Detroit
Bill Reed
Marketing Expert, Qualys

Explore the challenges and risks organizations face in adopting Zero Trust policies without proper asset visibility. Bill and Art will share best practices and learn how external attack surface management is crucial for effective Zero Trust strategies.

1:00 PM PT

Innovation Pavilion

Preview: Latest Qualys Innovations

Shailesh Athalye
SVP Product Management, Qualys

Qualys will share a sneak peek of our upcoming technology offerings to help organizations further reduce cyber risk across their enterprise.

1:30 PM PT

Hands-on Session

Wrapup and Free EASM Report Offer

Corey Smith
Sr. Director Solutions Architecture, Qualys

Preview of the EASM report and a unique opportunity to sign up for a free report, including a 1:1 readout session with a Qualys expert.

Tap into expert cyber risk insights every quarter!

Sumedh Thakar

Sumedh Thakar

President and CEO, Qualys

As President and CEO, Sumedh leads the company’s vision, strategic direction and implementation. He joined Qualys in 2003 in engineering and grew within the company, taking various leadership roles focused on helping Qualys deliver on its platform vision. From 2014 to 2021, he served as Qualys’ Chief Product Officer, where he oversaw all things product, including engineering, development, product management, cloud operations, DevOps, and customer support. A product fanatic and engineer at heart, he is a driving force behind expanding the platform from Vulnerability Management into broader areas of security and compliance, helping customers consolidate their security stack. This includes the rollout of the game-changing VMDR (Vulnerability Management, Detection and Response) that continually detects and prevents risk to their systems, Multi-Vector EDR, which focuses on protecting endpoints as well as Container Security, Compliance and Web Application Security solutions. Sumedh was also instrumental in the build-up of multiple Qualys sites resulting in a global 24x7 follow-the-sun product team.

Sumedh is a long-time proponent of SaaS and cloud computing. He previously worked at Intacct, a cloud-based financial and accounting software provider. He also worked at Northwest Airlines developing complex algorithms for its yield and revenue management reservation system. Sumedh has a bachelor’s degree in computer engineering with distinction from the University of Pune.

Shailesh Athalye

Shailesh Athalye

Senior Vice President, Product Management, Qualys Inc.

As Senior Vice President of Product Management, Shailesh leads the product management team and drives the Qualys product vision helping customers assess and improve their IT, security and compliance posture. Since joining Qualys in 2012, he has worked in various security and compliance roles driving innovative solutions, including remote endpoint protection, endpoint detection and response, and SaaS security. In addition, Shailesh headed engineering, research and product management for Qualys Policy Compliance and File Integrity Monitoring, where he helped customers go beyond compliance to drive their IT GRC objectives. Before Qualys, he focused on security research for Symantec ESM and Compliance solutions. Shailesh holds a master’s in computer applications (MCA) from the Vishwakarma Institute of Technology and has various security certifications including CISA, CRISC, CISM. He is also a regular speaker at industry conferences.

Art Thompson

Art Thompson

CIO, City of Detroit

Art Thompson is the Chief Information Officer (CIO) for the City of Detroit, Department of Innovation and Technology (DoIT).

Prior to this appointment, he served as the Director of Public Safety and Cyber Security for DoIT. Thompson is a graduate of Eastern Michigan University with a degree in Supply Chain Management.

He has more than 12 years of technical experience with the public safety environment and managing public safety personnel. His technical skills include radio and desktop installation, as well as software and hardware maintenance. His responsibilities included, but were not limited to, managing Desktop Support, Mobility Support, Network Administration and Cyber Security Teams all of which he confidently championed.

Thompson began his career with DoIT as the Manager for Mobility Support. His accomplishments as Manager further revealed his advanced technical skills and managerial abilities, which lead to his promotion to Director. After serving nearly three (3) years as Director, he further excelled in management and in handling budgetary issues. His vision, dedication, motivation and commitment to the City of Detroit ultimately lead to his appointed as CIO.

Mike Orosz

Mike Orosz

Global Chief Information and Product Security Officer, Vertiv

Mike Orosz is Global Chief Information and Product Security Officer at Vertiv accountable for all aspects of global information and product security. He was previously Sr. Director Global Cyber and Physical Security at Citrix and Global compliance Officer for Citi. Mike also served in the US Army focusing on Intelligence, Security and Analytics. He holds a master’s degree in information sciences, cybersecurity from PennState University.

Kunal Modasiya

Kunal Modasiya

Vice President, Product Management, Attack Surface Management & AppSec, Qualys

Kunal is currently VP of Product Management for the CyberSecurity Asset Attack Surface Management (CAASM), Web App and API Security product line at Qualys HQ in Foster City, CA. He is Qualys boomerang. He worked at Qualys for 3 years and incubated the XDR product line from inception. Kunal has spent 15+ years working at startups, and big and mid-size companies in cybersecurity, networking, and application security in both product and engineering roles at Juniper Networks, Extreme Networks, Sun Microsystems and Infinera. Prior to re-joining Qualys, Kunal was heading products at Israeli startup in API security and bot management AppSec space.

Jonathan Trull

Jonathan Trull

CISO & SVP Security Solution Architecture, Qualys

Jonathan Trull is a longtime security practitioner and CISO & SVP Security Solution Architecture with over 18 years of experience in the cybersecurity industry and is currently the Senior Vice President of Customer Solutions Architecture and Engineering at Qualys. His career has spanned operational CISO and infosec roles with the State of Colorado, Qualys, Optiv, and Microsoft. While at Microsoft, Jonathan led the Microsoft Detection and Response Team (DART) whose mission was to respond to cyber security incidents around the globe ranging from cyber espionage initiated by nation-state actors to ransomware attacks and included the investigation of and response to the NOBELIUM threat actor campaign which leveraged the SolarWinds supply chain. Jonathan also serves as an advisor to several security startups and venture capital firms and supports the broader security community through his work with the Cloud Security Alliance, Center for Internet Security, and IANS. He is also an adjunct faculty member at Carnegie Mellon University where he mentors and coaches those attending the CISO Executive Education Program. Jonathan is a frequent speaker at industry conferences such as BlackHat, RSA, and SANS and holds several industry certifications including the CISSP, OSCP, CCSP, and GCFA. Jonathan is a veteran of the U.S. Navy finishing his career as a Lieutenant Commander supporting the Information Warfare Domain.

Jon Oltsik

Jon Oltsik

Distinguished Analyst and Fellow, Enterprise Strategy Group

Jon Oltsik is a distinguished analyst, fellow, and the founder of the firm’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO’s perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.