Qualys Security Conference

Qualys Security Conference

Qualys Security Conference

Get More Security

Join us in person to gain new insights and best practices for measuring, managing, and eliminating cyber risk from endpoints to the data center to the cloud. Hear from industry experts, learn strategies and tactics to secure your organization, and network with your peers and other Qualys experts to accelerate your career.

Keynote Speakers

Sumedh Thakar
President and CEO, Qualys

Rachel Wilson
Managing Director, Morgan Stanley

Frank Dickson
Group Vice President, Security & Trust, IDC

Troy Leach
Chief Strategy Officer, Cloud Security Alliance

Agenda

Kick off QSC Americas on Tuesday, November 7, at 7:30 PM with a reception featuring Indiana Jones. Experience adrenaline-pumping stunts and thrills as Indy narrowly escapes deadly traps and leaps from tall buildings that will take you to the edge of your seat. But the fun doesn't stop there! After the show, you’ll indulge in an epic feast not to be missed. It’s sure to be an exciting evening of fun, adventure, and the perfect way to kick off QSC Americas with security practitioners from all over! Plus, you can meet old friends, make new ones, enjoy cocktails, and connect with Qualys experts and peers.

Indiana Jones

Reception Open to All QSC Attendees (Conference badge required)

7:30 – 9:00 AM Registration & Breakfast
9:00 – 9:10 AM Welcome
9:10 – 10:00 AM The New Cyber Threat Landscape
Rachel Wilson, Managing Director, Morgan Stanley
Watch the presentation

10:00 – 10:45 AM Cybersecurity at a Crossroads: New Approach to Managing Business Risk
Sumedh Thakar, President and CEO, Qualys

Sumedh Thakar’s bio

Watch the presentation
10:45 – 11:00 AM Break
11:00 – 11:45 AM Measure, Communicate and Eliminate Your Cyber Risk with Qualys Platform
Shailesh Athalye, Senior VP Product Management, Qualys

Shailesh Athalye’s bio
Join us for a thought-provoking session that delves into how the Qualys Enterprise TruRisk Platform acts as a game-changer to measure, communicate, and eliminate cyber risk. Learn how cybersecurity, risk, and IT teams can contextualize risk factors across the attack surfaces with threat and business context, effectively communicate the impactful data to the right stakeholders, reduce the time and effort, and eliminate the cyber risk using an approach beyond patching while balancing the business impact.

Watch the presentation
11:45 – 12:05 AM Risk and the Changing Role of the CISO: KRIs vs. KPIs
Mike Orosz, VP, Information and Product Security, Vertiv

Mike Orosz’s bio
In today's digital age, the significance of risk management has soared, especially with the growing influence of software in various business sectors. Cyber risk, once confined to the realm of CISOs and cybersecurity teams, has now become a pervasive concern. Today, the accountability for mitigating cyber risk extends to CTOs, CEOs, and even Boards of Directors. Consequently, the role of the CISO has evolved from merely assessing cyber risk to actively eliminating and communicating it.

Watch the presentation
12:05 – 12:40 PM A Risk-Based Defense of the Threat Landscape With Qualys VMDR
Mehul Revankar, VP, Product Management & Engineering, VMDR, Qualys
Raphael Ferreira, Corporate Security, Governance, Banco Pan

Mehul Revankar’s bio
Enterprise risks now pose a triple threat: an exponentially growing attack surface; more sophisticated threats; and faster weaponization of vulnerabilities. You must reduce these risks quickly, but how? It seems like a never-ending battle. But this challenge can be won by programmatically finding and fixing the risks that matter most. ASAP, of course!

The attack surface is expanding exponentially, threats are becoming more sophisticated, and vulnerabilities are getting weaponized faster than ever before. Reducing this risk can seem like a never-ending battle, but it is possible if organizations can focus on what matters, identify risks and mitigate them quickly.

This presentation delves into the latest threat landscape and discuss the need to prioritize vulnerabilities with a focus on risk reductions and need for automation for better outcomes.

Watch the presentation
12:40 – 1:45 PM Lunch & Q&A Bar
1:45 – 2:20 PM Attack Surface Management (ASM) from Attacker's and Defender's View, Unified, with Qualys CyberSecurity Asset Management (CSAM)
Kunal Modasiya, VP, Product Management, Attack Surface Management and AppSec, Qualys
Beatrice Sirchis, VP, Application Security Manager, IDBNY

Kunal Modasiya’s bio

Watch the presentation
2:20 – 3:00 PM Strengthening the Cloud Security: Strategies for Comprehensive Risk Management
Parag Bajaria, VP Product Management, Qualys
Terry Barber, Manager, Security Operations, American Express Global Business Travel

Parag Bajaria’s bio
Terry Barber’s bio

Watch the presentation
3:05 – 3:30 PM Detecting and Fixing Risks in Your Supply Chain and in Custom Applications
Eran Liven, Sr. Director, Product Management, Qualys
Corey Amsler, Director Cybersecurity, General Electric

Eran Liven’s bio

Recent significant breaches came from risks where you'd least expect them: First-party custom applications and vulnerabilities in the supply chain. Many of these were victims of vulnerabilities in open-source libraries baked into vital custom business applications. This code is everywhere, yet security teams are often blind to these risks simply because they are not detected with legacy tools.

Watch the presentation
3:30 – 3:45 PM Break
3:45 – 4:30 PM Journey From Siloed Security Data to Enterprise TruRisk Management
Shailesh Athalye, Senior VP Product Management, Qualys
Raphael Ferreira, Cybersecurity Technology Leader, Banco Pan

Shailesh Athalye’s bio

As cyber threats continue to escalate, the typical response is often to acquire additional tools for protection. However, the proliferation of these tools can make managing cyber risk increasingly challenging rather than simplifying the task. With siloed tools and conflicting priorities, effective cyber risk management is more difficult than ever.

Watch the presentation
4:30 – 5:30 PM Remediation Beyond Patching: Alternative Mitigation Paths for Reducing Operational Risk
Eran Livne, Sr. Director, Product Management, Qualys
Jeff Huffman, Sr. Director of IT Security and Administration, New Orleans Saints

Eran Livne’s bio
Panel
Haydur Agha,VP, Cyber Security, Sony Music Global InfoSec
Nick Shimmen, Technical Consultant, ABF

Explore the New Orleans Saints' successful deployment of Qualys Patch Management, featuring cutting-edge automation and zero-touch patching. Delve deeper into upcoming innovations that empower you to address critical vulnerabilities in scenarios where traditional patch deployment is infeasible for essential assets or when patches are not yet available. Additionally, learn about alternative mitigation strategies that provide effective risk reduction without relying solely on patching.

Watch the presentation
5:30 – 5:45 PM Unlocking the Power of AI & ML To Defend, Prioritize & Reduce Your Cybersecurity Risk
Mehul Revankar, VP, Product Management & Engineering, VMDR, Qualys
Dilip Bachwani, CTO and SVP, Qualys Cloud Platform, Qualys
Watch the presentation

Partner Pavilion

Visit our valued partners during QSC. Learn more by clicking on their logo.

Conference Highlights

Explore and secure the digital journey.

Dive into the profound impact of the digital journey and explore how to build in security automation from the data center to the cloud. Industry experts and Qualys leaders discuss automation strategies, preview product roadmaps, listen to your challenges, and answer your questions.

Get inspired.

Engage with Qualys’ customer-facing teams and your peers around best practices and user case studies for applying security automation to real-world challenges.

Sharpen your expertise.

Two days of free training covers forward-looking strategies, best practices to improve effectiveness and productivity, and core and expanded product features to up-level your security program. Get valuable ISC2 CPE credits.

Who Should Attend

CIOs, CSOs and CTOs; directors and managers of network, security and cloud; developers and DevSecOps practitioners; Qualys partners and consultants; or any forward-thinking security professionals.

Disney Swan & Dolphin Resort
Orlando, USA

Qualys Security Conference will be held at the The Disney Swan & Dolphin Resort Orlando.

1500 Epcot Resorts Blvd, Lake Buena Vista,
Orlando, USA
T: +1 407-934-4000
Disney Swan & Dolphin Resort - Orlando | USA

Accommodations at the Swan & Dolphin Resort is SOLD OUT. Email qsc@qualys.com for more information.

Nearby Hotels

We recommend the following alternative hotels:


Conference Pricing

Attendance at QSC is complimentary. This includes access to all general sessions, breakfast, lunch and breaks.

Travel and hotel accommodations are not included with QSC or pre-conference training.

Disney Swan & Dolphin Resort

FAQs

Qualys is committed to providing a safe and healthy experience for all QSC participants.

As part of our efforts to make QSC Americas a successful and productive event, Qualys is committed to providing a safe, professional and welcoming environment for all participants. To that end, we require everyone to follow our Code of Conduct.

Code of Conduct

If you have any questions, please read our FAQs. If you still have questions, please call us at +1 (650) 801 6100 or email us at qsc@qualys.com

Frequently Asked Questions

Pinkesh Shah

Pinkesh Shah

Chief Product Officer, Qualys

As Chief Product Officer of Qualys, Pinkesh has global responsibility for all Product Management, Product & UX Design, Product Marketing, Demand Generation, Branding, Analyst Relations, and other Marketing functions. An entrepreneurial product leader, Pinkesh brings more than 18 years of experience in building and launching category-defining technology products designed to deliver delight. Pinkesh has deep cybersecurity expertise and has led product, engineering, and marketing teams at companies including McAfee, BeyondTrust, Exabeam, netIQ, IBM, among others.

Pinkesh is a Professor of Practice at the Institute of Product Leadership and other leading Business schools, where he mentors and coaches at the Executive Education programs on Product Strategy & Digital Marketing. He has received his master’s in Computer Science with a cybersecurity specialization from Purdue University.

Himanshu Kathpal

Himanshu Kathpal

Sr. Director, Product Management, Platform, Qulays

Himanshu Kathpal is senior director of Product Management at Qualys. He has over 13 years of experience in cybersecurity and product management, with a specialization in vulnerability management, remediation, and next-generation endpoint security. Himanshu is passionate about developing security solutions that align with the company’s cybersecurity product strategy to meet customer needs, reduce the attack surface, and strengthen the organization’s security posture. He holds a master’s degree in engineering from D.Y.Patil University, Pune, as well as an MBA in International Business Management from NMIMS, Mumbai.

Nayeem Islam

Nayeem Islam

Vice President, Product Management, Qualys

Nayeem Islam is the Vice President of Product Management at Qualys for the TotalCloud initiative. Prior to joining he was founder and CEO of Blue Hexagon, a cloud security company that pioneered the use of AI to detect cloud threats. Blue Hexagon is now part of Qualys.

Utpal Desai

Utpal Desai

Senior Director of Product Management, Qualys

Utpal “U.J” Desai, is Senior Director of Product Management at Qualys. He is responsible for developing the vision and roadmap for Endpoint Security products at Qualys. U.J. has more than 20 years of experience in the cyber security space, specializing in endpoint security. He is passionate about building products that change the way people do things, making life easier and more efficient. Prior to joining Qualys, he held product management positions at Symantec, Bitdefender and McAfee. Mr. Desai earned a master’s degree in computer science from West Illinois University, and attended executive education courses at University of California Berkeley, Haas School of Business.

Pablo Quiroga

Pablo Quiroga

Senior Director, Product Management, CSAM & EASM, Qualys

Pablo Quiroga is a Director of Product Management at Qualys, where he is in charge of the product definition, roadmap and strategy for the IT asset visibility & management initiatives. With over 10 years of experience in Enterprise Software and the IT industry, Pablo has helped numerous customers gain significantly better visibility to support data-powered decision that often led to multi-million-dollar savings and risk avoidance.

Sumedh Thakar

Sumedh Thakar

President and CEO, Qualys

As President and CEO, Sumedh leads the company’s vision, strategic direction and implementation. He joined Qualys in 2003 in engineering and grew within the company, taking various leadership roles focused on helping Qualys deliver on its platform vision. From 2014 to 2021, he served as Qualys’ Chief Product Officer, where he oversaw all things product, including engineering, development, product management, cloud operations, DevOps, and customer support. A product fanatic and engineer at heart, he is a driving force behind expanding the platform from Vulnerability Management into broader areas of security and compliance, helping customers consolidate their security stack. This includes the rollout of the game-changing VMDR (Vulnerability Management, Detection and Response) that continually detects and prevents risk to their systems, Multi-Vector EDR, which focuses on protecting endpoints as well as Container Security, Compliance and Web Application Security solutions. Sumedh was also instrumental in the build-up of multiple Qualys sites resulting in a global 24x7 follow-the-sun product team.

Sumedh is a long-time proponent of SaaS and cloud computing. He previously worked at Intacct, a cloud-based financial and accounting software provider. He also worked at Northwest Airlines developing complex algorithms for its yield and revenue management reservation system. Sumedh has a bachelor’s degree in computer engineering with distinction from the University of Pune.

Karun Malik

Karun Malik

VP, Strategic Alliances and Channel Development, Qualys

Karun leads Qualys’ worldwide strategic alliances and channel partnerships with MSSP’s, VAS partners, consultants and resellers. A computer engineer with a passion for cybersecurity, he has been at Qualys since 2013, supporting and helping grow its business with channel partners globally. Today, Qualys powers security and compliance solutions for the majority of MSSP’s in Gartner’s Magic Quadrant for Managed Security Services.

He has been a cybersecurity and cloud advocate since his early days at HCL Technologies, one of the large global systems integrators, where he ultimately led cybersecurity pre-sales and business development for North America . Karun’s experience includes advising CIO’s and CISO’s of large fortune 500 organizations on adapting cybersecurity programs for the digital and hyperconnected age. He has a bachelor’s degree in computer engineering from the University of Pune and a post-graduate Management degree in Business Administration (M.B.A.) from Amity University, India.

Shailesh Athalye

Shailesh Athalye

Senior Vice President, Product Management, Qualys Inc.

As Senior Vice President of Product Management, Shailesh leads the product management team and drives the Qualys product vision helping customers assess and improve their IT, security and compliance posture. Since joining Qualys in 2012, he has worked in various security and compliance roles driving innovative solutions, including remote endpoint protection, endpoint detection and response, and SaaS security. In addition, Shailesh headed engineering, research and product management for Qualys Policy Compliance and File Integrity Monitoring, where he helped customers go beyond compliance to drive their IT GRC objectives. Before Qualys, he focused on security research for Symantec ESM and Compliance solutions. Shailesh holds a master’s in computer applications (MCA) from the Vishwakarma Institute of Technology and has various security certifications including CISA, CRISC, CISM. He is also a regular speaker at industry conferences.

Mike Orosz

Mike Orosz

Global Chief Information and Product Security Officer, Vertiv

Mike Orosz is Global Chief Information and Product Security Officer at Vertiv accountable for all aspects of global information and product security. He was previously Sr. Director Global Cyber and Physical Security at Citrix and Global compliance Officer for Citi. Mike also served in the US Army focusing on Intelligence, Security and Analytics. He holds a master’s degree in information sciences, cybersecurity from PennState University.

Parag Bajaria

Parag Bajaria

Vice President, Cloud & Container Security Solutions, Qualys

Parag Bajaria is vice president of cloud and container security solutions at Qualys, focused on building and evangelizing cloud and container products and solutions. He has spent the last decade working in cloud security building products in various domains including data security, cloud posture management, identity security, and workload security. Previously, Parag was head of Product Management at CloudKnox, a cloud infrastructure entitlements management (CIEM) company. Parag has held product leadership roles at HyTrust, Yahoo, and Juniper Networks. Parag has an MBA from Cornell University and a master’s in electrical engineering from the University of Maine.

Himanshu Verma

Himanshu Verma

Worldwide Security Specialist Leader, AWS Security Services

Himanshu is a Worldwide Security Specialist Leader for AWS Security Services. In this role, he leads the go-to-market creation and execution for AWS Security Services, field enablement, and strategic customer advisement. Prior to AWS, he held several leadership roles in Product Management, engineering and development, working on various identity, information security and data protection technologies.

Mehul Revankar

Mehul Revankar

Vice President, Product Management and Engineering, Qualys

Mehul Revankar is a cybersecurity professional with more than 15 years of experience in Vulnerability Management, Policy Compliance and Security Operations. He leads Product Management and Vulnerability Research at Qualys for VMDR. Before joining Qualys, Mehul led the development of vulnerability and patch management products at SaltStack, and prior to that he led multiple research teams at Tenable. Mehul has a bachelor’s degree in electronics from the University of Mumbai and a master’s degree in computer engineering from George Mason University.

John Delaroderie

John Delaroderie

Director, Product Management, Web App Security, Qualys

John Delaroderie is Director of Product Management for Web Application Security. He joined Qualys in 2018 and has spent the past decade working for various government agencies and private organizations in cybersecurity, incident response, digital forensics, and systems integrations. John holds a bachelor’s degree in political science from the U.S. Naval Academy and a master’s degree in computer science from the Naval Postgraduate School.

Steve Lodin

Steve Lodin

Vice President, Information Security, Sallie Mae

Steve Lodin is vice president of Corporate Security at Sallie Mae. He has thirty-two years of experience implementing defense-in-depth strategies focused on Security, Risk, Compliance, and Governance. He leads teams that protect corporate systems and customer-sensitive data in the cloud. Steve holds a master’s degree in computer science from Purdue University where he was a member of the COAST/CERIAS program.

Lavish Jhamb

Lavish Jhamb

Sr. Product Manager, Compliance Solutions, Qualys

Lavish Jhamb is Solution Architect for Compliance Solutions at Qualys, focused on building security solutions such as ‘Custom Assessment and Response’ and ‘File Integrity Monitoring’ and helping customers assess and improve their security and compliance posture. He has over 7 years of experience working on security solutions, regulatory standards, and cyber security frameworks, with thorough understanding of operating systems. Lavish holds a bachelor’s degree in computer engineering from the Kurukshetra University Institute of Engineering and Technology and a Post Graduate Diploma in IT Infrastructure, Systems and Security from CDAC Pune.

Eran Livne

Eran Livne

Senior Director, Endpoint Remediation, Qualys

Eran Livne is Senior Director, Endpoint Remediation at Qualys, leading a team tasked with helping customers improve their security posture through cross-platform vulnerability remediation. He has more than 20-years of product management and computer science experience working in diverse IT and security markets. In 2014, Eran founded mobile security company, LetMobile, acquired by Ivanti. Following the acquisition, he drove Ivanti’s enterprise security and endpoint security and management solutions. Eran holds a bachelor’s degree in computer science from Tel Aviv University and an MBA in high-tech business administration from Technion - Israel Institute of Technology.

Kunal Modasiya

Kunal Modasiya

Vice President, Product Management, Attack Surface Management & AppSec, Qualys

Kunal is currently VP of Product Management for the CyberSecurity Asset Attack Surface Management (CAASM), Web App and API Security product line at Qualys HQ in Foster City, CA. He is Qualys boomerang. He worked at Qualys for 3 years and incubated the XDR product line from inception. Kunal has spent 15+ years working at startups, and big and mid-size companies in cybersecurity, networking, and application security in both product and engineering roles at Juniper Networks, Extreme Networks, Sun Microsystems and Infinera. Prior to re-joining Qualys, Kunal was heading products at Israeli startup in API security and bot management AppSec space.

Dilip Bachwani

Dilip Bachwani

CTO and SVP, Qualys Cloud Platform, Qualys

As the Chief Technology Officer and Senior Vice President of the Qualys Cloud Platform, Dilip is responsible for leading global product development, data and platform engineering, DevOps, site reliability engineering, cloud operations and customer support across Qualys’ broad security product portfolio. Dilip joined Qualys in 2016 to drive Qualys’ own internal digital transformation efforts and has been instrumental in helping scale the technology and organization in support of the company’s accelerated product growth and transformation into a unified security platform.

Prior to joining Qualys, Dilip served in multiple engineering leadership roles at various mid-sized and large organizations to build and deliver complex, scalable, distributed enterprise SaaS products and big data cloud platforms. Dilip has a bachelor’s degree in electronics engineering from the University of Mumbai and a master’s degree in computer science from Ball State University.

Jonathan Trull

Jonathan Trull

CISO & SVP Security Solution Architecture, Qualys

Jonathan Trull is a longtime security practitioner and CISO & SVP Security Solution Architecture with over 18 years of experience in the cybersecurity industry and is currently the Senior Vice President of Customer Solutions Architecture and Engineering at Qualys. His career has spanned operational CISO and infosec roles with the State of Colorado, Qualys, Optiv, and Microsoft. While at Microsoft, Jonathan led the Microsoft Detection and Response Team (DART) whose mission was to respond to cyber security incidents around the globe ranging from cyber espionage initiated by nation-state actors to ransomware attacks and included the investigation of and response to the NOBELIUM threat actor campaign which leveraged the SolarWinds supply chain. Jonathan also serves as an advisor to several security startups and venture capital firms and supports the broader security community through his work with the Cloud Security Alliance, Center for Internet Security, and IANS. He is also an adjunct faculty member at Carnegie Mellon University where he mentors and coaches those attending the CISO Executive Education Program. Jonathan is a frequent speaker at industry conferences such as BlackHat, RSA, and SANS and holds several industry certifications including the CISSP, OSCP, CCSP, and GCFA. Jonathan is a veteran of the U.S. Navy finishing his career as a Lieutenant Commander supporting the Information Warfare Domain.

Terry Barber

Terry Barber

Information Security Manager - Security Analytics, American Express Global Business Travel

Terry hails from Santa Cruz California originally and began his career in Information Technology at Mighty Net, Inc. (founding company for Creditreport.com) as CTO – Director of Systems and Security while attending California State University Northridge. There he was responsible for all Infrastructure, networking, and security. In 2007, Terry took a Director of IT position at Protocol and left the company as Director of US IT Operations when they were acquired by Expert Global Solutions.

At EGS he ventured back into Information Security role full-time and worked alongside his CISO as the two man team responsible for achieving PCI compliance across the Enterprise. In 2015 he transitioned to American Express Global Business Travel as an Information Security Manager. Today his responsibilities include Cyber Security Metrics, Managing the Vulnerability management platforms including Qualys and several other Information Security platforms at GBT.

Sean Sweeney

Sean Sweeney

CISO, Oracle

Sean Sweeney leads the Field CISO & Security Advisor team for Oracle Cloud Infrastructure Engineering. He and his team focus on advising customer CISOs on security and compliance issues related to cloud, creation of secure design patterns, as well as providing strategic direction on Oracle security products, services, and partnerships. Sean joined Oracle from Microsoft where he was the Global Chief Security Advisor, and has served as CISO, CIO, and CTO within higher education, the US Federal government, the legal industry, and the energy sector. He is also an Affiliate Practice Scholar in the University of Pittsburgh’s Cyber Institute of Policy, Law, and Security.

Frank Dickson

Frank Dickson

Group Vice President, Security & Trust Research, IDC

Frank Dickson is the Group Vice President for IDC’s Security & Trust research practice. In this role, he leads the team that delivers compelling research in the areas of Security Services; Information and Data Security; Endpoint Security; Trust; Governance, Risk & Compliance; Identity & Digital Trust; IoT Security; Network Security; Privacy & Legal Tech; Security Analytics; Video Surveillance; and, New for 2022, Application Security & Fraud. Topically, he provides thought leadership and guidance for clients on a wide range of security topics including ransomware and emerging products designed to protect transforming architectures and business models.

BACKGROUND

Mr. Dickson joined IDC with 20 years of industry analyst experience examining a number of interrelated content domains including security, mobile, wireless, telecom, multimedia, computing, and semiconductors. Prior to joining IDC, Mr. Dickson served as a Research Director, managing cybersecurity research, including outsourced security services (e.g., managed, and professional security services). Mr. Dickson has also pioneered innovative research for a number of market intelligence firms serving as Vice President of Research, Mobile & Wireless with In-Stat (The NPD Group), founding MultiMedia Intelligence as Chief Research Officer, launching iSuppli’s TMT research practice, and managing Cahners In-Stat Group’s largest research practice (Multimedia) as Vice President of Research.

EDUCATION/INDUSTRY ACCOMPLISHMENTS