Search

See Resources

QUALYS BOOTH SCHEDULE

Hear best practices and case study presentations from industry leaders

MONDAY, FEBRUARY 29

5:00PM Showfloor Opens

5:10PM

Introducing Qualys ThreatProtect

Tim White, Director of Product Management, Cloud Platform, Qualys

5:50PM

How ACI Streamlined Its Vulnerability Management Processes

Douglas Rogers, Security Analyst, ACI Worldwide

Ryan Macdonald, Associate Security Analyst, ACI Worldwide

6:30PM

Policy Compliance and Security Assessment Questionnaire

Hariom Singh, Director of Product Management, Policy Compliance, Qualys

Enjoy Refreshments

during each presentation

Nespresso

Win High-Tech Prizes

after each presentation

Nespresso
Apple
GoPro

Get a Show Bag

after each presentation

Qualys showbag

TUESDAY, MARCH 1

10:00AM Showfloor Opens

10:15AM

Using ServiceNow for Vulnerability Response

Harold Byun, Senior Director, Product Management, ServiceNow

Jeff Leggett, Director, Cloud Services, API and Integrations, Qualys

11:00AM

UMass' Managed Security Services and Qualys

Keith Moran, Chief Technology Officer, University of Massachusetts

11:45AM

Cloud Agent and AssetView

Tim White, Director of Product Management, Cloud Platform, Qualys

12:30PM

Vulnerability Detection in Mobile Computing

Corey Reed, Senior Information Security Analyst, Synovus Bank

1:15PM

Using Splunk to Visualize Vulnerability Data

James Brodsky, Sales Engineering Manager, Southwest US, Splunk

Jeff Leggett, Director, Cloud Services, API and Integrations, Qualys

2:00PM

U.S. Bank's Vulnerability Management and Remediation Approach

James Barlow, Information Security Manager, U.S. Bank

Dennis Amundson, Sr. Information Security Specialist, U.S. Bank

3:00PM

Q&A with Rami Malek

Rami Malek, portrayer of cybersecurity engineer / vigilante hacker, Mr. Robot

Wolfgang Kandek, CTO, Qualys

Rami Malek Mr. Robot

3:30PM

Autographs & Photo Ops

Rami Malek, portrayer of cybersecurity engineer / vigilante hacker, Mr. Robot

Mr. Robot T-Shirt

4:30PM

The Evolution of Web Application Security and Scanning

Dave Ferguson, Application Security Solution Architect, Qualys

5:15PM

Secure Your Network Against Advanced Threats

Marty Davis, Business Dev. & Alliances, ForeScout Technologies

Vincent Saporito, Systems Eng., ForeScout Technologies

WEDNESDAY, MARCH 2

10:00AM Showfloor Opens

10:15PM

Secure Your Network Against Advanced Threats

Marty Davis, Business Dev. & Alliances, ForeScout Technologies

Vincent Saporito, Systems Eng., ForeScout Technologies

11:00AM

U.S. Bank's Vulnerability Management and Remediation Approach

James Barlow, Information Security Manager, U.S. Bank

Dennis Amundson, Sr. Information Security Specialist, U.S. Bank

11:45AM

The Evolution of Web Application Security and Scanning

Frank Catucci, Director of Product Management, Web Application Security, Qualys

12:30PM

Using Splunk to Visualize Vulnerability Data

James Brodsky, Sales Engineering Manager, Southwest US, Splunk

Jeff Leggett, Director, Cloud Services, API and Integrations, Qualys

1:15PM

Leveraging Qualys SaaS to Accelerate a Path Towards Compliance Automation

Josh Hankins, Information Security Solutions Team Manager, 84.51°

2:00PM

Vulnerability Detection in Mobile Computing

Corey Reed, Senior Information Security Analyst, Synovus Bank

3:00PM

Introducing Qualys ThreatProtect

Tim White, Director of Product Management, Cloud Platform, Qualys

3:45PM

UMass' Managed Security Services and Qualys

Keith Moran, Chief Technology Officer, University of Massachusetts

4:30PM

Using ServiceNow for Vulnerability Response

Harold Byun, Senior Director, Product Management, ServiceNow

Jeff Leggett, Director, Cloud Services, API and Integrations, Qualys

5:15PM

How ACI Streamlined Its Vulnerability Management Processes

Douglas Rogers, Security Analyst, ACI Worldwide

Ryan Macdonald, Associate Security Analyst, ACI Worldwide

Enjoy Refreshments

during each presentation

Nespresso

Win High-Tech Prizes

after each presentation

Nespresso
Apple
GoPro

Get a Show Bag

after each presentation

Qualys showbag

THURSDAY, MARCH 3

10:00AM Showfloor Opens

10:15AM

Q&A with Michael McCaul

Congressman Michael McCaul, Chairman, House Committee on Homeland Security

Congressman Michael McCaul

10:45AM

Book Signing

Congressman Michael McCaul, Chairman, House Committee on Homeland Security

Failures of Imagination: The Deadliest Threats to Our Homeland – and How to Thwart Them Book Cover - Michael McCaul

11:45AM

Leveraging Qualys SaaS to Accelerate a Path Towards Compliance Automation

Josh Hankins, Information Security Solutions Team Manager, 84.51°

1:15PM

Secure Your Network Against Advanced Threats

Marty Davis, Business Dev. & Alliances, ForeScout Technologies

Vincent Saporito, Systems Eng., ForeScout Technologies

2:00PM

Cloud Agent and AssetView

Tim White, Director of Product Management, Cloud Platform, Qualys

U.S. Bank's Vulnerability Management and Remediation Approach

James Barlow
Information Security Manager – Vulnerability Management, U.S. Bank

Dennis J. Amundson
Sr. Information Security Specialist, U.S. Bank

Remediation - It's the single most challenging aspect of enabling an enterprise vulnerability management program. Competing priorities, organizational silos, and technical finger-pointing all act as major headwinds for the Vulnerability Management and Remediation teams in charge of improving security posture and reducing risk across the enterprise. Join Jim Barlow and Dennis Amundson from U.S. Bank and Qualys, as we investigate US Bank's inventive approach to securing organizational buy-in and corporate responsibility for enterprise assets. This talk will detail US Bank's vulnerability management workflow from device detection, vulnerability analysis, assignment of responsibility, and remediation tracking.

James Barlow
Information Security Manager, Vulnerability Management, U.S. Bank

James Barlow has worked in the security field for over fifteen years. His experience has been in the areas of incident response, intrusion detection, network monitoring, vulnerability detection and remediation. He lead the security operations and incident response team at a national high performance computing center for a large portion of his career and currently he is managing the Vulnerability Assessment team at U.S. Bank.

Dennis J. Amundson

Dennis J. Amundson
Sr. Information Security Specialist, U.S. Bank

Dennis has served with the Information Security Services (ISS) function of U.S. Bank since 2008. His last five years have been with the Assessment Services team; tasked with enumeration the networked assets of the bank, running periodic vulnerability assessments against those same assets, facilitating the remediation process against issues found, collecting metrics on those efforts, as well as providing technical guidance to others within the enterprise driving the remediation efforts.


Prior to his current time at US Bank, Dennis served as a Unix/Linux systems administrator for approximately 15 years (fluent with AIX, Solaris, HP-UX, RHEL and SLES platforms), both in the educational and corporate arenas. He also has in-depth knowledge of IBM's AS/400 platform (now known as iSeries), having worked at IBM's Rochester Programming Laboratory as a student.

Leveraging the Qualys SaaS offering to accelerate a path towards compliance automation

Josh Hankins
Information Security Solutions Team Manager, 84.51°

This is the story of how the Qualys Policy Compliance module put my organization onto a path of compliance automation. I will walk through real-life use cases that demonstrate the efficiencies (both in the form of time and money) of the Qualys SaaS model that enabled me to bring change to my organization quickly. I will highlight valuable lessons learned along this journey and speak about the keys to my success. Also, I will present an audit preparation checklist others can leverage, demonstrating a clear link between the audit preparation checklist and how the Qualys Policy Compliance module can help with audit preparations by delivering usable and accurate "evidence" to the auditors in a swift manner.

Dennis J. Amundson

Josh Hankins
Information Security Solutions Team Manager, 84.51°

Josh Hankins is the Information Security Solutions Team Manager at 84.51° In this role, he is responsible for the technical security oversight and strategic direction for 84.51°'s infrastructure, architecture, and applications. His team also provides internal consulting services within the 84.51° organization. Previously, Josh served as a Security Architect at Accenture and for large superregional bank and credit card processer. He earned a BS from Northern Kentucky University and holds numerous IT certifications, including CISSP and GIAC certifications. Josh resides in the greater Cincinnati area.

The University of Massachusetts' Managed Security Services and Qualys

Keith Moran
Chief Technology Officer, University of Massachusetts

The University of Massachusetts cybersecurity program is based on the NIST Cybersecurity Framework (CSF) and the 20 Critical Security Controls (CSC). Starting in the Fall, 2015, UMASS began offering Cybersecurity consulting and operations services to some of our key business customers. These services match closely the services and capabilities provided to the University campuses. This session will review some of the key Managed Security Services (MSS) that UMASS is providing to our customers, and discuss how solutions from Qualys are used to support the UMASS Managed Security Services offerings.

Keith Moran

Keith Moran
Chief Technology Officer, University of Massachusetts

Keith Moran is the CTO of the University of Massachusetts President's Office. He is responsible for the technical aspects of the university's centralized shared services platforms. His responsibilities include mission critical applications in the areas of finance, HR/payroll, student systems, business intelligence, web presence, desktop, helpdesk, email etc. He is responsible for implementation of the University Information Security Policy and Written Information Security Program (WISP). The University program is based on industry best practices, the NIST Cybersecurity Framework, ISO 27001 Code of Practice, and the 20 Critical Security Controls (CSC).


Additionally, Keith has P&L responsibilities for the Massachusetts Information Turnpike Initiative (MITI). MITI provides IT services beyond the university to non-umass entities especially in the higher education segment. Cybersecurity services include assessments, program development, 24x7 security operations center monitoring, incident response, education, training and vulnerability management. Various network related and internet services are also supported including, connectivity across the client enterprise, and connectivity to external entities, e.g., the internet and internet2. Lastly, various infrastructure services include co-location and site backup and recovery.


Prior to joining UMASS, Keith was Vice President, technical services at Fidelity Investments. While at Fidelity for 12+ years, Keith was responsible for building global technology teams and solutions in support of many "start up" initiatives within Fidelity's Employer Services division. These services were provided to some of the largest companies in the U.S.


Keith holds a Bachelor of Science degree in Management, from University of Massachusetts. He is a graduate of the Marriot Corp Management Training Program. He was the recipient of the Marriott Most Valuable IT Player award. He attended the University of Maryland's Master in Information Technology program. He is also a board member for the Boston chapter of the Society for Information Management (SIM).

The Evolution of Web Application Security and Scanning

Dave Ferguson
Application Security Solution Architect, Qualys

Best practices for web application security and scanning, change and evolve with the evolution of applications and technologies. This talk will focus on what we have done, are currently doing and progressing towards with our advanced scanning and detection methodologies pertaining to Qualys WAS.

Dave Ferguson

Dave Ferguson
Application Security Solution Architect, Qualys

Dave Ferguson is a Web Application Security Subject Matter Expert at Qualys. After 12+ years as a software developer writing Java and C++ code, Dave has specialized in application security for the last 10 years. Dave has pen tested countless applications and trained developers as a security consultant and served as the Application Security Lead at a multi-billion dollar travel technology company. He is a regular speaker at OWASP events and local chapters and is primary author of the OWASP Forgot Password Cheat Sheet. Dave holds CISSP and CSSLP certifications.

The Evolution of Web Application Security and Scanning

Frank M. Catucci
Director of Product Management, Web Application Security, Qualys

Best practices for web application security and scanning change and evolve with the evolution of applications and technologies. This talk will focus on what we have done, are doing currently and are progressing towards with the advanced scanning and detection methodologies in Qualys WAS.

Frank M. Catucci

Frank M. Catucci
Director of Product Management, Web Application Security, Qualys

Frank Catucci is currently the Director of Web Application Security, Product Manager and a Subject Matter Expert for Qualys. He has over 15 years experience in the Information Technology and Security field that spans enterprise, financial services, university/higher education, government, healthcare, legal, start-up businesses, public and private industries. Aside from his daily Web Application Security duties, Frank also conducts security research, penetration testing, and often speaks at information security conferences and events such as BSides, OWASP, ISSA, etc.

Vulnerability Detection in Mobile Computing

Corey Reed
Senior Information Security Analyst, Synovus Bank

Tracking vulnerabilities on mobile computing devices is some of the most difficult data to obtain on a consistent basis. If the device is not on the network at the time of your scan or if you do not schedule a scan for that device specifically, your data can become weeks or months out of date. So the question becomes how can you close this assessment gap while allowing your workforce to remain agile in how they conduct business. Enjoy a short presentation on the Qualys Cloud Agent and its new take on vulnerability scanning.

Corey Reed

Corey Reed
Senior Information Security Analyst, Synovus Bank

Corey Reed is a Senior Information Security Analyst within the Cyber Threat Management Division of Synovus. His current focus is vulnerability management and data loss prevention. Over a 12 year career Corey has worked in a multitude of IT disciplines including software engineering, system administration, identity access management, virtualization, and data analytics. Corey holds a Bachelors of Science, Computer Science from Morehouse College.

Hariom Singh, CISSP
Director of Policy Compliance

With over 12 years of experience in cyber security and IT GRC, he has been a driving force for positive change, helping organizations across industries lower IT security risk and meet their IT GRC objectives. As Qualys' director of policy compliance, he works with clients to help them secure their cyber infrastructure and exceed their IT-GRC goals. Prior to Qualys, he worked as the technical lead for Creative Breakthroughs, a technical consultancy, and as senior consultant for Symantec, building his vast experience designing and building effective security and compliance solutions for large enterprises in the healthcare, energy, financial and telecommunications industries.

Rami Malek

Rami Malek
Portrayer of cybersecurity engineer / vigilante hacker in Mr. Robot

Rami Malek currently stars in the USA series MR. ROBOT. He recently wrapped filming the independent feature BUSTER'S MAL HEART. He recently appeared on screen in NIGHT AT THE MUSEUM 3 opposite Ben Stiller. Rami appeared in Paul Thomas Anderson's THE MASTER opposite Philip Seymour Hoffman, Joaquin Phoenix and Amy Adams. Rami also notably appeared in the HBO miniseries THE PACIFIC as 'Snafu.' His performance garnered incredible reviews and led to him being cast by Tom Hanks in LARRY CROWNE at Universal and Bill Condon in the last installment of TWILIGHT SAGA: BREAKING DAWN. Prior to that, Rami worked in NIGHT AT THE MUSEUM 1 & 2 and had a memorable arc on 24. Rami can be seen in Spike Lee's OLD BOY opposite Josh Brolin and Elizabeth Olsen, as well as SHORT TERM 12, directed by Destin Cretton. He also starred in the Dreamworks feature, NEED FOR SPEED, directed by Scott Waugh, in which he portrays a car expert whose motivations hinge upon his sense of loyalty and justice.

Wolfgang Kandek

Wolfgang Kandek

As the CTO for Qualys, Wolfgang is responsible for product direction and all operational aspects of the Qualys platform and its infrastructure. Wolfgang has over 20 years of experience in developing and managing information systems. His focus has been on Unix-based server architectures and application delivery through the Internet. Prior to joining Qualys, Wolfgang was Director of Network Operations at the Online Music streaming company myplay.com and at iSyndicate, an Internet media syndication company. Earlier in his career, Wolfgang held a variety of technical positions at EDS, MCI and IBM. Wolfgang earned master's and bachelor's degrees in computer science from the Technical University of Darmstadt, Germany.

How ACI Streamlined Its Vulnerability Management Processes

Douglas (Doug) Rogers
Security Analyst, ACI Worldwide

Ryan Macdonald
Associate Security Analyst, ACI Worldwide

ACI scans our entire corporate network of roughly 438,000 IP's and just over 21,000 hosts around the world in 5 days with 2 Qualys scanners, one physical and one virtual. Once the scans are complete I have the results in a matter of hours, not days, and they're shared with resources who can start remediation efforts.


If you can think of it, Qualys lets you build a template to report on it. The "Sev5 & Sev4 with available patch" report actually shows IT where we should be focusing their efforts to get rid of the worst vulnerabilities in our environment. We also use the "Qualys Patch Report" to show all vulnerabilities that have an available patch to help remediate them.


Our Qualys story proves that someone with absolutely zero (0) scanning experience can take Qualys, configure it, scan with it, and use its reporting features to build a productive Vulnerability Management process.

Doug Rogers

Douglas (Doug) Rogers
Security Analyst, ACI Worldwide

After 15 years in the beverage industry Doug knew he wanted to do something different. Armed with his recent BS in Computer Information Systems he sought his first job in the IT world. Landing at ACI he was quickly pulled into the world of Information Security and a company-wide deployment of 2-factor authentication. Just as the dust would settle on that project he would be approached with the task of vulnerability scanning for his worldwide employer. When he is not scanning or performing some scanning related task, Doug spends his time with his wife and 2 daughters trying to convince them to install the latest updates on their phones and laptops for security purposes.

Ryan Macdonald

Ryan Macdonald
Associate Security Analyst, ACI Worldwide

Ryan Macdonald is a security analyst at ACI Worldwide where he focuses on vulnerability management and incident response. In his spare time, he enjoys developing and designing custom applications as a freelancer. Ryan currently holds a bachelors in Information Security and Assurance from Kennesaw State University and is currently working on his masters from Bellevue University.

TBD

Congressman Michael T. McCaul

Congressman Michael T. McCaul, Chairman, House Committee on Homeland Security

Congressman Michael T. McCaul is currently serving his sixth term representing Texas’s 10th District in the United States Congress. The 10th District stretches from Austin to the Houston suburbs. In January of 2013, McCaul became Chairman of the House Committee on Homeland Security, which has oversight of the Department of Homeland Security ensuring it is able to carry out its core mission of protecting the American people from terrorist attacks. McCaul is also a regular on the Sunday shows offering analysis and solutions for a nationwide audience on the pressing issues of the day. A fourth generation Texan, McCaul earned a B.A. in business and history from Trinity University and holds a J.D. from St. Mary’s University School of Law. McCaul is married with five children.

Jeff Leggett

Jeff Leggett, Director, Cloud Services, API, and Integrations for Qualys

Jeff Leggett is currently Director of Cloud Services, API and Integrations for Qualys. With over 25 years of IT and InfoSec experience, he acts as both Product Manager and Subject Matter Expert on Automation and Integrations for the company.

Using Splunk to Visualize Vulnerability Data

Jeff Leggett
Director, Cloud Services, API and Integrations, Qualys

James Brodsky, Sales Engineering Manager, Southwest US, Splunk

Security analytics can give businesses critical insight into potential threats and enable faster detection by prioritizing vulnerability and event data. This session will demonstrate a new way to look at and analyze vulnerability data by combining Splunk and Qualys. A live demo will walk attendees through a Splunk app that pulls vulnerability data using Qualys APIs, and shows users how to build custom reports and dashboards to help security teams identify the most critical threats in their perimeter.

Tim White

Tim White, CISSP, Director of Product Management for Policy Compliance, Qualys

With over 15 years of experience in IT GRC, he has worked with a variety of large enterprises over the years shaping products in the industry. He also has significant experience in other areas of Information Security working with products ranging from Firewalls, Network Security, and Host Security.

James Brodsky

James Brodsky, Sales Engineering Manager, Southwest US, Splunk

James Brodsky is an SE Manager and Security SME for Splunk and is located in Denver, CO. He works with some of Splunk's larger commercial customers in the US to improve their security posture through the use of Splunk's security intelligence programs. James also has extensive experience with integrity monitoring, security configuration management, and vulnerability management, and is the author of a guide mapping Splunk's capabilities to the CIS 20 CSC.

Secure Your Network Against Advanced Threats

Marty Davis
Senior Director, Business Development and Alliances, ForeScout Technologies

Vincent Saporito
Manager of Systems Engineering Enablement, ForeScout Technologies

Organizations are challenged by the pervasive nature of cyberthreats and vulnerabilities to their valuable corporate information that is maintained on their networks. By continuously monitoring the network and the devices on the network, world class tools, working together, such as Qualys and ForeScout, assess the state of vulnerabilities by executing scans anytime desired. Vulnerabilities can be discovered and remediated quickly.

Marty Davis

Marty Davis, Senior Director, Business Development and Alliances, ForeScout Technologies

Marty is the Senior Director of Business Development at ForeScout, responsible for developing and managing Business and Technology Partnerships for ForeScout's ControlFabricTM EcoSystem.

Vincent Saporito

Vincent Saporito, Manager of Systems Engineering Enablement, ForeScout Technologies

Vincent runs the ForeScout Enablement team in charge of on-boarding and developing technical skills for System Engineers.

Using ServiceNow for Vulnerability Response

Jeff Leggett
Director, Cloud Services, API and Integrations, Qualys

Harold Byun
CISSP, Senior Director, Product Management, ServiceNow

This session will demonstrate how organizations can use ServiceNow Security Operations and Qualys to help determine not only what systems and services are susceptible to a vulnerability, but also easily identify dependencies across systems and quickly assess the business impact. Response teams can also trigger patch remediation workflows with automated verification, all from a single platform. The result is a coordinated remediation strategy for vulnerabilities across services and assets while simultaneously eliminating manual response tasks.

Harold Byun

Harold Byun, CISSP, Senior Director, Product Management, ServiceNow

Harold Byun heads up product management for the ServiceNow Security Business unit. Prior to ServiceNow, he ran product management at Skyhigh Networks, a CASB cloud security company. His background includes roughly two decades of experience in security. He’s held product roles at MobileIron focusing on mobile app security and enterprise app delivery, and at Vontu / Symantec Data Loss Prevention where he worked with several customers and their SecOps and behavioral intelligence groups. He holds an MBA from the Haas School of Business at UC Berkeley, an undergraduate degree from Tufts University, and holds a patent on security risk visualization.

Contact sales or call us at +1 800 745 4355 or try our Global Contacts
Subscription Packages
Qualys Solutions
Qualys Community
Company
Free Trial & Tools
Popular Topics