Cloud Platform
Contact us
Asset Management
Vulnerability & Configuration Management
Risk Remediation
Threat Detection & Response
  • Overview
  • Platform Apps

  • Qualys Endpoint Security

    Advanced endpoint threat protection, improved threat context, and alert prioritization

  • Context XDR

    Extend detection and response beyond the endpoint to the enterprise

Cloud Security
2024 Cyber Risk Submit 2024 Cyber Risk Submit

Art of the Impossible: Navigating the Broken CMDB

Relying on your configuration management database (CMDB) for a comprehensive view of assets leaves significant gaps in your security program. In this edition of the Cyber Risk Series, we'll go beyond broken CMDBs to consolidate asset inventory and ALL risk factors to one source of truth for Security and IT teams. Join us at the next Cyber Risk Series as we transform the CMDB into a resource for defending evolving attack surfaces.

Wednesday, May 8, 2024


Featured Speakers

Sumedh Thakar
President and CEO, Qualys

Omar Santos
Cybersecurity and AI Security Research, OASIS Open

Shira Rubinoff
President, Cybersphere

Kunal Modasiya
VP, Product Management, Attack Surface Management & AppSec, Qualys

Learn what industry leaders are tracking on their cyber assets

The modern attack surface is dynamic, and a periodically updated list of assets won't secure your organization. CISOs and security teams need an actionable, risk-based approach to attack surface management to prioritize their riskiest assets amidst the sprawl.

Don't miss this unique opportunity to hear industry experts offer their best advice on what security leaders need to know to protect their entire attack surface from growing threats and navigate far beyond the limitations of the CMDB.


Beware Your EoL/EoS Tech Debt

End-of-life (EoL) and end-of-support (EoS) hardware, software, and operating systems are often seen as an IT responsibility. The problem for security teams is that these instances of tech debt expose the organization to unpatchable vulnerabilities and other critical risks. While IT may control the budget and resources for upgrades, security bears the responsibility for associated risks. So, how can security teams measure the risk and align with IT proactively?

De-risking Your External Attack Surface

The modern enterprise has thousands of assets outside of its network, exposed to the internet—many of which are unknown. Not only does the cybersecurity team need to find these websites, applications, and legacy systems, but they must identify critical risk among the sprawl. Learn best practices for discovering external assets and providing IT and Security teams with the required intelligence to de-risk the external attack surface.

Bringing ITOps & Security Together

For IT teams, asset management implies procurement, change management, patching, and operational efficiency. For Security teams, asset management is the foundation for measuring and prioritizing risk. Every organization must find harmony between prioritizing risk and powering business operations through technology. Learn how to create a unified view of technology and risk to bridge the gap between Security and IT.

Asset Inventory Risk

Many asset management programs focus on building a comprehensive inventory—an important first step. But a list of assets is useless, unless you know the asset criticality along with associated vulnerabilities, misconfigurations, EoL/EoS data, and missing security controls. Learn the difference between visibility and inventory risk assessment.


Agenda coming soon

Tap into expert cyber risk insights every quarter!

Missed past Cyber Risk Series events?

Watch full recordings of every session.

Navigating the Complexity of Cloud Security: Challenges, Vulnerabilities, and Common Solutions Needed in 2024

David S. Linthicum, Globally recognized thought leader, innovator, and influencer in cloud computing, AI, and cybersecurity

Decoding Risk in the Cloud: A Fireside Conversation with CSA’s Jim Reavis, and Qualys’ Sumedh Thakar

Jim Reavis, CEO, Cloud Security Alliance

Sumedh Thakar, President and CEO, Qualys

Adoption of CIS Benchmarks™ to Enhance Your Cloud Security

Sean Atkinson, CISO, Center for Internet Security

Navigating Business Growth and Transformation Through Rapid Hardening of Cloud-Native Environments

Terry Barber, Security Operations, American Express Global Business Travel

Cloud Security 101: When, Why, and How Your Security Team Needs to Harness the Power of Cloud Security

Rob Smith, Founder & CEO, Lionfish Tech Advisors, Inc

Strong Cloud Security is a Team Sport

Clayton Smith, Principal Security GTM Specialist, AWS

Prioritizing Risk In a Fragmented Cloud

Nayeem Islam, Vice President, Product Management, Qualys


Jonathan Trull, CISO, Qualys

Compliance and the Cloud

Troy Leach, Chief Strategy Officer (CSO), Cloud Security Alliance

PCI DSS 4.0 Myths and Facts from the Assessor's Perspective

Avani Desai, CEO, Schellman

Matt Crane, Senior Manager, Schellman

Four Common Trends in PCI DSS 4.0 Compliance

Gene Yoshida, Consultant - Chief Risk/Compliance

Bill Reed, Marketing Expert, Qualys

Four Common Trends in PCI DSS 4.0 Compliance

Terry Barber, Manager, Security Operations, American Express Global Business Travel

The Platform Approach to PCI

Lavish Jhamb, Sr. Product Manager, Compliance Solutions, Qualys

PCI DSS 4.0 Challenges and Cardnet's Experience

Isaias Mercado, Senior Systems Security Manager, Cardnet


Corey Smith, Vice President, Solution Architects, Qualys

Navigating Risk in an Era of Expanding Attack Surfaces

Jonathan Trull, CISO, Qualys

Attack Surface Management Matters

Jon Oltsik, Sr. Principal Analyst & Fellow, Enterprise Strategy Group

Defining the Attack Surface: A CISO's Perspective

Jonathan Trull, CISO, Qualys

Ryan Barrett, CISO, Intermedia

The CISO Maturity Model: Building a Cyber Strategy that Aligns with Corporate Risk Goals

Mike Orosz, Global VP & Information and Product Security, Vertiv

Attack Surface Management with an Attacke's and Defende's View

Kunal Modasiya, VP, Product Management, Attack Surface Management & AppSec, Qualys

Fireside Chat: ASM & the Zero-Trust Connection

Art Thompson, CIO, City of Detroit

Bill Reed, Marketing Expert, Qualys

Wrapup and Free EASM Report Offer

Corey Smith, Sr. Director Solutions Architecture, Qualys

Building a cyber resilient enterprise by pivoting to risk management

Sumedh Thakar, President and CEO, Qualys

The convergence of data security and data management in a world of ransomware protection and recovery

Sanjay Poonen, CEO and President, Cohesity

Fireside Chat: How CISOs Can Navigate the Changing Landscape of Cybersecurity

Jonathan Trull, Chief Security Officer, Qualys

Rinki Sethi, VP & CISO, Bill

Unlocking Intelligence-Backed Remediation: Insights from the Qualys Threat Research Unit

Travis Smith, Vice President, Threat Research Unit, Qualys

Cyber Insurance – Are we there yet?

Rajeev Gupta, CPO and Co-founder, Cowbell

Sneak Peak of Qualys Latest Innovation

Shailesh Athalye, SVP, Product Management, Qualys
Shira Rubinoff

Shira Rubinoff

President, Cybersphere

Shira is President, Cybersphere, The Futurum Group’s cybersecurity practice. She is a recognized Cybersecurity executive, cybersecurity advisor, global keynote speaker, influencer and author, who has built two Cybersecurity product companies, and both incepted and led multiple Women-in-Technology initiatives.

Shira also serves as President of the NYC-based technology incubator, Prime Tech Partners and the social-media-security firm, SecureMySocial. In addition, she holds seats on the Boards of Pace University Cybersecurity Programme, The Executive Women’s Forum for Information Security, Leading Women in Technology, the Capri Ventures, Memcyco and many other leading technology and security companies.

Shira has published countless articles and lectures on topics related to the human factors of cybersecurity, blockchain, AI and related topics, and holds several patents/patents-pending in areas related to the application of psychology to improve information technology and Cybersecurity.Shira was awarded as “New Jersey’s Best 50 Women in Business”; “Woman of Influence” by CSO Magazine; “One to Watch” by CSO and the EWF; “Outstanding Woman in Infosec” by the CyberHub Summit; One to Watch in IT Security by SC Media and Top Female Cybersecurity Influencer on Social Media.

Sumedh Thakar

Sumedh Thakar

President and CEO, Qualys

As President and CEO, Sumedh leads the company’s vision, strategic direction and implementation. He joined Qualys in 2003 in engineering and grew within the company, taking various leadership roles focused on helping Qualys deliver on its platform vision. From 2014 to 2021, he served as Qualys’ Chief Product Officer, where he oversaw all things product, including engineering, development, product management, cloud operations, DevOps, and customer support. A product fanatic and engineer at heart, he is a driving force behind expanding the platform from Vulnerability Management into broader areas of security and compliance, helping customers consolidate their security stack. This includes the rollout of the game-changing VMDR (Vulnerability Management, Detection and Response) that continually detects and prevents risk to their systems, Multi-Vector EDR, which focuses on protecting endpoints as well as Container Security, Compliance and Web Application Security solutions. Sumedh was also instrumental in the build-up of multiple Qualys sites resulting in a global 24x7 follow-the-sun product team.

Sumedh is a long-time proponent of SaaS and cloud computing. He previously worked at Intacct, a cloud-based financial and accounting software provider. He also worked at Northwest Airlines developing complex algorithms for its yield and revenue management reservation system. Sumedh has a bachelor’s degree in computer engineering with distinction from the University of Pune.

Omar Santos

Omar Santos

Cybersecurity and AI Security Research - Security & Trust, OASIS Open

Omar is a board member of OASIS Open. Omar is the chair of the Common Security Advisory Framework (CSAF) developing new ways to automate security vulnerability disclosure and management. These efforts include the CSAF Vulnerability Exploitability eXchange (VEX). He is the founder and chair of OpenEoX. Omar is the co-chair of the Forum of Incident Response and Security Teams (FIRST) PSIRT SIG.

Kunal Modasiya

Kunal Modasiya

Vice President, Product Management, Attack Surface Management & AppSec, Qualys

Kunal is currently VP of Product Management for the CyberSecurity Asset Attack Surface Management (CAASM), Web App and API Security product line at Qualys HQ in Foster City, CA. He is Qualys boomerang. He worked at Qualys for 3 years and incubated the XDR product line from inception. Kunal has spent 15+ years working at startups, and big and mid-size companies in cybersecurity, networking, and application security in both product and engineering roles at Juniper Networks, Extreme Networks, Sun Microsystems and Infinera. Prior to re-joining Qualys, Kunal was heading products at Israeli startup in API security and bot management AppSec space.