Explore the profound impact of digital transformation on the security industry and what it means for practitioners, partners and vendors. Join us in Las Vegas for the 2019 Qualys Security Conference. You’ll hear from industry experts, see major innovative extensions to the Qualys Cloud Platform, get practical experiences and tips, and network with Qualys engineers and other security experts, all of which will help you accelerate your security career.
Kick off QSC19 on Tuesday, November 19, 6:00 PM – 9:00 PM with a social evening. Meet old friends, make new ones, enjoy cocktails, and connect with Qualys experts and peers.
|7:30 – 8:30 AM Registration & Breakfast|
8:30 – 8:35 AM
Laurie MacCarthy, EVP of Worldwide Field Operations, Qualys
8:35 – 9:20 AM
Featured Keynote – The Cyber War and You
Richard A. Clarke, National Security and Cyber Risk Expert, Author of The Fifth Domain
Ten years ago, in the seminal book Cyber War, America’s first cyber czar predicted how hacker groups and nation-states would put America’s companies, power grid, and critical infrastructure at risk. Now, that has happened. Drawing from his new book, The Fifth Domain, Clarke outlines how to protect our country, our companies, and ourselves.
9:20 – 9:50 AM
Keynote – Security at a Crossroads, Part II
Philippe Courtot, Chairman and CEO, Qualys
At QSC18, Philippe discussed the profound impact of digital transformation on the enterprise — the rapid adoption of clouds, the consolidation of the stack, the evolution of the managed security service provider (MSSP), and the continued impact of IoT and OT — all of which have come to fruition. At QSC19, we'll take this a step further and explore what these changes mean for us as security practitioners, partners and vendors with an emphasis on how we'll adapt and evolve.
|9:50 – 10:15 AM Break|
10:15 – 12:00 PM
Keynote – The Evolution of the Qualys Platform:
Unveiling the Latest Updates and Next-Gen Initiatives
Sumedh Thakar, President and Chief Product Officer, Qualys
Effective cybersecurity needs real-time context. Today's approach of deploying multiple, siloed cybersecurity products and stitching them together with SIEM solutions to get context is not working. The keynote will cover current industry trends, challenges, and opportunities for better security in the new hybrid world. Sumedh will share Qualys' approach to building a unique, unified platform for IT, security and compliance, covering architecture and recent updates as well as next-gen initiatives with lively demos.
12:00 – 1:30 PM
Book Signing: The Fifth Domain
|1:30 – 1:45 PM Kahoot® Live Customer Polling and Trivia|
1:45 – 2:15 PM
Real-Time Vulnerability Detection, Prioritization and Response
Chris Rodgers, Director of Product Management, Qualys
In this age of instant gratification, businesses are finally able to catch up with their desire to have everything identified, prioritized, and remediated in real time. Practitioners can utilize the vulnerability detection and remediation cycle to establish efficient closed-loop processes for their organizations. Find out how to get started when you are staring down a mountain of vulnerability data, and learn how to sift out remediation processes with ease by spending time on the right vulnerabilities. See how sharing simple and actionable insights with your colleagues and executive team provides the assurance they need to know their vulnerability detection and remediation is accurate and in good hands.
2:15 – 2:45 PM
Securing the Digital Transformation with DevOps:
Cloud and Container Security Automation
Badri Raghunathan, Director of Product Management, Qualys
Enterprises are committed to adopting and operationalizing cloud infrastructure and cloud-native compute technologies like containers and serverless platforms as part of their digital transformation efforts. Yet, digital transformation also brings with it an increased attack surface. What’s more, the sheer speed and scale of the underlying DevOps pipeline requires a proactive, continuous and automated approach to security. To address these challenges, Qualys is introducing new capabilities to increase inventory visibility and enable complete security assessments of cloud infrastructure and application workloads across the DevOps pipeline.
|2:45 – 3:00 PM Break|
3:00 – 3:40 PM
Keynote – Building Security into Azure
Ramesh Chinta, Group Program Manager, Microsoft
Security and Compliance are critical decision-making criteria for customer's digital transformation, modernization and migration to the cloud. Ramesh Chinta will discuss how Azure security services are built in conjunction with a rich ecosystem of partners. The primary focus will be on how Azure delivers end-to-end, built-in security to customers. The session will cover key Azure security services and their comprehensive coverage in the areas of protection, detection, and response to protect customer workloads on Azure.
3:45 – 4:30 PM
Panel: Security in the Age of Digital Transformation – The View from Our Customers
Moderator: Sumedh Thakar, President and Chief Product Officer, Qualys
Panelist: Wendy M. Pfeiffer, CIO, Nutanix
Panelist: Chad Schieken, Executive Director Cyber Exposure Management, Comcast
Panelist: Senthil Selvaraj, SVP Independent Technology Risk, PNC Bank
Panelist: Thomas Graham, CISO, CynergisTek
Panelist: Hemanta Swain, VP & Chief Information Security Officer, TiVo Corporation
This panel of leading industry experts will focus on discussing the opportunities we have in today's world of digital transformation to improve our IT and security delivery. We'll discuss how the rapid adoption of clouds, the consolidation of the security stack, and the proliferation of OT and IoT has impacted our panelists' companies and teams. Next, we'll debate DevOps, and see what DevOps approaches panelists are using to advance their security posture along with other topics. Moderated by Sumedh Thakar, Qualys President and Chief Product Officer, panelists include senior representatives from Comcast, CynergisTek, Nutanix, PNC Bank, and TiVo Corporation.
|4:30 – 4:45 PM Kahoot® Live Customer Polling and Trivia|
4:45 – 5:00 PM
Day 1 Closing Remarks
Philippe Courtot, Chairman and CEO, Qualys
|7:00 – 8:00 PM Cocktail Hour|
|8:00 – 9:00 PM Dinner|
|9:00 – 11:00 PM Qualys Casino Night|
At the conference, you will meet Qualys engineers, the driving force behind our Qualys Cloud Platform, hear our roadmap for the future and have the opportunity to provide direct feedback and suggestions.
Listen to best practices and user case study presentations, connect with our product managers and fellow Qualys customers and tally up your CPE credits.
CIOs, CSOs and CTOs; directors and managers of network, security and cloud; developers and DevSecOps practitioners; Qualys partners and consultants; or anyone passionate about security.
Qualys Security Conference will be held at The Bellagio Hotel.
3600 S Las Vegas Blvd
Las Vegas, NV 89109
T: (702) 693-7111
Attendance at QSC is complimentary. This includes access to all general sessions, breakout sessions, breakfast, lunch, breaks, and receptions.
Travel and hotel accommodations are not included with QSC or pre-conference training.
A discounted rate of $226 per night, plus $36 daily resort fee (taxes not included) is available for a limited time at the Bellagio. Take advantage of this rate by completing your QSC registration.
Join us to learn how to effectively secure your hybrid IT environment, streamline your security and compliance initiatives and enable digital transformation. There is no cost to attend this event.
As CEO of Qualys, Philippe has worked with thousands of companies to improve their IT security and compliance postures. Philippe received the SC Magazine Editor's Award in 2004 for bringing on demand technology to the network security industry. He was also named the 2011 CEO of the Year by SC Magazine Awards Europe. He was previously Chairman and CEO of Signio until its acquisition by VeriSign. He is also a member of the Board of Directors of StopBadware, a non-profit, anti-malware organization.
As President and Chief Product Officer at Qualys, Sumedh oversees worldwide field operations as well as all things product including engineering, development, product management, cloud operations, DevOps, and customer support. He is responsible for the design, development, delivery and support of all product lines. He has also built up multiple Qualys sites resulting in a global 24x7 follow-the-sun product team. Sumedh has been with Qualys since 2003 and was most recently vice president of engineering. He has a bachelor’s degree in computer engineering with distinction from the University of Pune.
Jimmy Graham is the Sr. Director of Product Management for Vulnerability Management. He has been deeply involved in information security and vulnerability management for over 10 years, and has managed teams covering security operations, incident response, application security, vulnerability management, penetration testing, governance, and compliance.
Asif is a passionate cybersecurity entrepreneur with a broad business and technology expertise that spans enterprise, healthcare and financial domains, and cloud, mobile and deep learning technologies. He was the founder and CTO of Layered Insight till it was acquired recently by Qualys. He is now the CTO for Container Security at Qualys. Layered Insight was a pioneer in the container security space that offered a solution for providing deep visibility and protection for containerized and serverless workloads, using an innovative application-centric approach. It's the only infrastructure and orchestration agnostic solution that's zero-touch to developers and DevOps, and fully portable for cloud and edge workloads.
Asif is a pioneer in the Mobile Application Management space. Back in 2011, he identified a serious gap in the enterprise solutions being offered for BYOD, envisioned an innovative user-space virtualization solution, and founded Plursona to build that solution and realize the business vision. Plursona was acquired in 2012 by HPE (Aruba Networks) for its best-in-class technology. Asif has held various technology and business leadership positions at HPE (Aruba Networks), Motorola Mobility, Wells Fargo, Juniper Networks and Boston Scientific (Guidant).
Dave Ferguson is Director of Product Management for Web Application Security at Qualys. After writing code and developing applications for over a decade, Dave transitioned to focus on application security. Prior to Qualys, he led the global application security program at Sabre Corporation and worked as a Principal Consultant at FishNet Security (now Optiv). Dave is author of the OWASP Forgot Password Cheat Sheet and holds CISSP and CSSLP certifications.
Asif Karel is the director of product management for Qualys CertView. He has over 20 years of experience in Information Security including online fraud detection, PKI, strong authentication and single sign-on. Prior to joining Qualys, he was a subject matter expert in digital certificates and certificate solutions at VeriSign and Symantec, a solutions architect in the CASB space at CipherCloud and a solutions manager at Venafi.
Chris Carlson is a vice president of strategy at Qualys, where he is in charge of the product definition, roadmap and strategy for the Cloud Agent Platform. During his 20+ year career in the infosec industry, Carlson has attained expertise in multiple areas, ranging from firewalls, VPNs and intrusion prevention systems to real-time event-processing, security analytics and next-generation endpoint platforms. Prior to joining Qualys, he held security architecture roles at UBS and at Booz Allen Hamilton, and product management positions at venture-funded startups and at leading vendors, including Hexis Cyber Solutions, Agent Logic, Informatica and Trustwave.
Shailesh Athalye (CISA, CRISC, CEH, ISO 27001 LA) drives product management and engineering for Qualys' line of compliance products including Policy Compliance, File Integrity Monitoring, Security Assessment Questionnaire. With over 15 years of experience in the fields of IT GRC and information security, he has been a driving force for creating innovative ways to streamline risk, configuration and compliance management use cases.
Pablo Quiroga is a Director of Product Management at Qualys, where he is in charge of the product definition, roadmap and strategy for the IT asset visibility & management initiatives. With over 10 years of experience in Enterprise Software and the IT industry, Pablo has helped numerous customers gain significantly better visibility to support data-powered decision that often led to multi-million-dollar savings and risk avoidance.
Hari Srinivasan is director of product management for Qualys’ security for cloud and virtualization. He has expertise in numerous enterprise software disciplines including cloud security and analytics, automation, systems management, data center transformation, Hybrid Cloud, PaaS - DBaaS, compliance and configuration management. He previously worked at Oracle both as an engineer and spent over a decade in multiple areas in product management positions.
Scott Crawford is Research Vice President for the Information Security Channel at 451 Research, where he leads coverage of emerging trends, innovation and disruption in the information security market.
Well known as an industry analyst covering information security prior to joining 451 Research, Scott has experience as both a vendor and an information security practitioner. At IBM, Scott guided offering strategy and development with a primary focus on security intelligence for IBM Security Services. He is the former CISO of the Comprehensive Nuclear-Test-Ban Treaty Organization (CTBTO) International Data Centre in Vienna, Austria, where he pioneered the implementation of security policy and architecture for a non-governmental organization (NGO) serving more than 150 nations.
Richard A. Clarke is a former key advisor on intelligence and counter-terrorism who worked during the administrations of Presidents Ronald Reagan, George H. W. Bush, and Bill Clinton. Starting in 1998, he also served as the National Coordinator for Security, Infrastructure Protection, and Counter-terrorism for the U.S. National Security Council.
In The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats, Clarke and fellow cybersecurity expert Robert K. Knake provide a vivid, engrossing tour of cyberspace, introducing us to the scientists, executives, and public servants who have learned through hard experience how government agencies and private firms can fend off cyber threats.
Upon leaving the Bush administration in 2003, Clarke began speaking about his experience and future predictions about intelligence and counter-terrorism. He is an on-air ABC News consultant on political and security issues, and lectures at the John F. Kennedy School of Government at Harvard University. Clarke has appeared on Real Time with Bill Maher, The Daily Show, The Colbert Report, CNN, and more, where he has spoken about cyber war, crisis management, terrorism, the Middle East, and other major political issues of our time. Additionally, Clarke has written several op-eds on these subjects for the New York Times, the Washington Post, and the Wall Street Journal. His 2018 podcast, Future State, discussed the issues crucial to voters in the weeks preceding the election with such high-profile guests as former Secretary Madeleine Albright and former President Bill Clinton.
Clarke currently chairs the Board of Governors of the Middle East Institute. He has written nine books, both fiction and nonfiction, including the #1 New York Times bestseller Against All Enemies: Inside America’s War on Terror.
Dilip Bachwani is Senior Vice President, Engineering and Cloud Operations at Qualys, responsible for spearheading Qualys’ Cloud Platform Engineering, DevOps and SRE initiatives. An Agile and DevOps champion passionate about its transformational potential on organizational productivity and success, Dilip has deep technology and architecture expertise and over 18 years experience in building complex scalable distributed systems.
Laurie leads the worldwide field operations teams. In this role, she works with all regional leaders to provide customers with solutions that help them secure their digital transformation efforts. She also builds technology partnerships with customers that guide and shape the direction and vision of the Qualys Cloud Platform. In addition, Laurie ensures that the field teams provide the highest level of technical support to customers – ensuring maximum performance and results from the deployment of Qualys solutions.
Laurie has 22 years of experience in the IT industry, with a focus on information security for the past 12 years. Before joining Qualys in 2012, she managed the vulnerability program for CVS Caremark. Laurie has also program managed strategic initiatives at various security companies, including SecureWorks and VeriSign.
Charles Henderson is the Managing Partner and Global Head of X-Force Red. Throughout his career, Charles and the teams he has managed have specialized in network, application, physical, and hardware/device penetration testing as well as vulnerability research. X-Force Red’s clients range from the largest on the Fortune lists to small and midsized companies interested in improving their security posture.
Charles is also an enthusiastic member of the information security community and an advocate of vulnerability research. He has been a speaker at various conferences (including Black Hat, DEFCON, RSA, SOURCE, OWASP AppSec USA and Europe, and SXSW) around the world on various subjects relating to security testing and incident response. He has also appeared on or in The Today Show, CBS Evening News, CNN, Fox News, MSNBC, BBC, The Wall Street Journal, Forbes, USA Today, The Register, SC Magazine, Engadget, eWeek, Reuters, Car & Driver, and various other media outlets.
Badri Raghunathan is a director of product management at Qualys, responsible for spearheading Qualys’ product initiatives around cloud-native infrastructure (containers, serverless). A technology entrepreneur at heart, Badri thrives on understanding customer problems, building differentiated products, and taking them to market. Badri has worked in product and engineering management roles in a variety of industries, including security, networking and consumer electronics. Most recently, Badri was a founder at an early stage cloud DevSecOps startup, and prior to that, he led cloud-based security and networking products at companies like Symantec and Cisco. Badri holds 9 U.S. patents and has several more applications in the pipeline. He holds an MBA from the University of California Berkeley, and M.S. and B.S. degrees in electrical engineering from Oklahoma State University and the University of Madras, respectively.
Chris Rodgers is a director of product management, vulnerability detection and response, at Qualys. Chris has more than 15 years of experience in technology and information security. Previously, he was an information security engineer in charge of vulnerability management at Western Union, and before that, he held business and technical roles at Arrow Electronics and Ryerson. He holds a master’s degree in organizational leadership from the University of Denver and a bachelor’s degree in leadership development from Texas A&M University.
As the CIO of Nutanix, Wendy's focus on enterprise adoption of modern technologies fuels the company's global mission. Wendy also serves on the boards of Qualys, Inc. and Girls In Tech. A consumer tech enthusiast, Wendy has led technology and operational functions for Robert Half, GoPro, Yahoo! and Cisco. Wendy's recent accolades include being named ORBiE's Bay Area Enterprise CIO of the Year, the Fisher Center for Data Analytics' CIO of the Year, and one of HMG's Top Technology Executives. She was also ranked first on Enterprise Management 360's list of Top 10 Tech CIO's, named one of Silicon Valley Business Journal's Women of Influence and listed as one of the National Diversity Council's Top 50 Most Powerful Women in Technology.
Ramesh Chinta is a group program manager and seasoned leader at Microsoft. During his tenure, he has built protocols and the storage stack for the Exchange Server and security authentication, authorization, and management services for Windows. He has experience managing Bing infrastructure services to operate systems and security at scale. In his current role, he manages Azure Security and Compliance in the security health and analytics areas. Ramesh is responsible for the security services in the Azure Security Center. He is an expert in cloud security, delivering cloud services at hyperscale, distributed systems, security health, and analytics domains and holds multiple patents in these areas.
Senthil Selvaraj is a risk and technology executive in the banking industry. He is currently with PNC Bank as the second line risk lead supporting CIO groups. Previously, Senthil was with Bank of America in multiple technology, consumer and risk roles. His focus is on technology infrastructure, data center modernization (which includes vulnerability, change, and testing aspects associated with vendor products), and impact on artificial intelligence for banking applications.
Brian Rossi has been a cybersecurity leader at Caterpillar for the past 5 years focusing on IAM best practices and vulnerability management. Prior to this role, Brian spent 15 years integrating IT operations into service management through automation to bring greater efficiency to the business. Now leveraging his passion for automation and cybersecurity, he is helping to securely enable the Caterpillar supply chain through effective technology integrations.
Grant Johnson is the Director of Risk and Compliance at Ancestry where he is responsible for a team that manages all things IT compliance, including: GDPR Privacy Controls, Payment Card Industry (PCI) reporting, Cloud Security compliance & control and Vulnerability Management. He started his career with the Big Four accounting firms and has worked in different industries since then. He has been involved with IT security and compliance for over 20 years. Vulnerability management has been a favorite pass-time of his since he took over responsibility for scanning an entire Class A sized network at General Electric and regularly involved in working through the challenges posed by scanning over 900K hosts. He most recently developed the scanning and vulnerability operations process to meet the unique needs of the cloud-based infrastructure at Ancestry. When he is not at work, he loves spending time under the hood of a car and suffering chronic seasonal mood disorder induced by following BYU’s football team.
John Njenga current lives within the Atlanta metro area and has been working as an IT professional for more than 25 years. He has held various roles in software development, IT systems and network engineering, technical management, and IT security risk and compliance within the IT technology, engineering, banking and finance, security consulting, and retail industries. He is currently employed as a Principal Security Engineer within the cybersecurity risk and engineering space for a Fortune 50 retailer based in the Southeast United States.
Chad Schieken has over 20 years of professional experience in cybersecurity in a variety of settings. His primary areas of competency include cloud security, privacy, compliance and vulnerability management. Having worked at both a large public cloud provider and one of the leading incident response firms, Chad has had a unique opportunity to see how leading organizations address today’s challenges. Chad is from Philadelphia, PA where he lives safely tucked away with his wife, 4 children and their dog, Winston.
Thomas Graham serves as the CISO for CynergisTek, a top Healthcare Security company based in Austin, Texas. Prior to this, he supported the Defense Health Agency in a variety of roles. Most recently, prior to working with CynergisTek, his team received a FedHealthIT award for innovation presented at the National Press Club in Washington, DC. He currently holds MBA and MS-Technology Systems degrees, along with being in the final stages of his PhD in Information Assurance. Thomas has received CISSP and HCISPP designations, along with other industry recognized certifications. Thomas also serves on the MIS advisory board for East Carolina University and has spoken at multiple industry-recognized conferences.
As an enterprise architect at Celestica, Andrei Hotaran focuses on security strategy and technology innovation. He brings more than 20 years of Information Technology experience spanning across application development, cloud technologies, machine learning and cybersecurity.
Geronimo Welter E. Lapinig is a senior developer with 14 years of experience in information technology and part of Celestica's Global Shopfloor application development team. His role is to ensure seamless and secure deployment of applications across all Celestica sites whether on premise or in the cloud.
Hemanta Swain is the VP & Chief Information Security Officer at TiVo Corp, headquartered in San Jose, California. TiVo is a global leader in entertainment technology and creator of Digital Video Recorder, and holds 6,000+ patents worldwide. Hemanta leads a global team of security professionals to manage cybersecurity, regulatory compliance, privacy and risk management initiatives across the company. Hemanta has more than 22 years of IT experience including greater than 15 years of cybersecurity and risk management expertise. Hemanta has held multiple roles at TiVo. Prior to joining TiVo, Hemanta held various security technical leadership roles for companies like GE and Wipro. Hemanta has been a Qualys customer for more than a decade. Hemanta holds multiple Industry standard technology certifications including Certified Information Security Manager (CISM) and Certified Information Systems Security Professional (CISSP).
Kumar Ravi brings over 18 years of diversified experience in management, consulting, and implementation in the areas of information security and cybersecurity, data privacy, risk and compliance management, project management, security architecture, and disaster recovery solution design. He is with EXL Service as vice president of Information Security and is responsible for leading EXL's global information security, cybersecurity and data privacy programs. Kumar has a a diploma in Business Management from AIM, Phillipines. He is a certified CISSP, CISA, CISM, CRISC, CEH, DCPLA, ISO 27001LA, CCNP, CCNA and MCSE.
Vinny Hoxha is the Director of the GM Cyber Defense function which is responsible for protecting against threats and vulnerabilities, detecting, analyzing, and containing attacks on GM’s digital information and infrastructure. Since joining the GM security team in 2012, Vinny has been instrumental in establishing several key GM cybersecurity capabilities including the implementation of the first industrial cybersecurity program, implementation of the global application security program, and red team capabilities to continuously assess prevent, detect, and respond capabilities. Vinny holds a Bachelor of Science degree in Computer Information Systems and a Master of Science in Business Information Technology with a concentration in Information Assurance.
Wilson Lee leads the GM Global Vulnerability Management program, responsible for the timely detection, analysis, and remediation of vulnerabilities across GM’s information technology systems. Wilson has been responsible for implementing GM’s vulnerability management system which automates risk prioritization, governance and vulnerability assessments. Wilson holds a Bachelor of Science degree in Computer Information Systems and a Master of Science in Information Assurance.