About

About

Antonio Anderson is a seasoned technology executive with over two decades of experience driving enterprise-wide IT and cybersecurity strategies. As a strategic VP, Information Security & IT, he has successfully led digital transformation initiatives, accelerated cloud adoption, and integrated AI/ML solutions to deliver measurable business outcomes. Antonioholds advanced degrees in Law and Computer Science, and is a trusted advisor in aligning technology investments with business goals while ensuring strong governance and regulatory compliance. His leadership has enabled organizations to achieve operational efficiency, reduce cyber risk, and unlock new revenue streams through security assurance.
A recognized expert in cybersecurity, risk management, and data privacy, Antonio holds the CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), and CDPSE (Certified Data Privacy Solutions Engineer) certifications. His expertise spans SOX, HIPAA, GDPR, PCI-DSS, and NIST frameworks, making him a sought-after thought leader for organizations navigating complex compliance landscapes. Known for building high-performance teams and fostering cultures of innovation and accountability, Antonio brings both strategic vision and hands-on expertise to every engagement.

About

Terry hails from Santa Cruz California originally and began his career in Information Technology at Mighty Net, Inc. (founding company for Creditreport.com) as CTO – Director of Systems and Security while attending California State University Northridge. There he was responsible for all Infrastructure, networking, and security. In 2007, Terry took a Director of IT position at Protocol and left the company as Director of US IT Operations when they were acquired by Expert Global Solutions.
At EGS he ventured back into Information Security role full-time and worked alongside his CISO as the two man team responsible for achieving PCI compliance across the Enterprise. In 2015 he transitioned to American Express Global Business Travel as an Information Security Manager. Today his responsibilities include Cyber Security Metrics, Managing the Vulnerability management platforms including Qualys and several other Information Security platforms at GBT.

About

With nearly 20 years of executive experience running enterprise software companies, Tom Berquist announced his retirement in September 2025 as CFO of Cloud Software Group, an entity resulting from the merger of Citrix Systems and TIBCO Software in September 2022. Before the merger, Tom served as CFO of TIBCO Software for seven years. Tom’s professional journey includes serving as the CFO of Alludo (formerly Corel) and Actian (formerly Ingres), as well as being the CEO of Saba Software (acquired by Cornerstone OnDemand) and Alludo.
Tom spent a decade on Wall Street, acting as a managing director of Software Equity Research at various institutions such as Citigroup (formerly Salomon Smith Barney), Goldman Sachs, and Piper Sandler. His purview encompassed major enterprise software companies like Microsoft and Oracle, rapidly expanding cloud software entities like Salesforce and Concur, and security software companies like Symantec, McAfee, and Checkpoint Software. Tom spent the early part of his career at Deloitte Consulting as a management consultant developing software strategy plans for Fortune 500 customers including Honeywell, Liberty Mutual, and US Bancorp. Before Deloitte Consulting, Tom developed enterprise software for Wells Fargo and Fortis. Tom has previously served on the board of directors of Alludo, Saba Software, and Serus Corporation (acquired by E2open). Tom holds a BA in accounting and an MBA in management and marketing from the University of St. Thomas, Saint Paul, Minnesota.

About

About

Brendan Hall is a Senior Vice President and one of the leaders of the cyber insurance and consulting practice at Alliant Insurance Services. In his role, Brendan focuses on business development, strategy and execution for the cyber vertical, which includes counseling clients on their insurability and designing advisory solutions to improve cyber resilience.Brendan also works closely with private equity clients helping them deploy tailored cross-portfolio cyber risk mitigation solutions, as well as transactional cyber diligence.
Prior to his current position, Brendan was a Senior Vice President at Stroz Friedberg, an Aon Company where he was a leading producer for the firm’s cyber security practice which provided data breach incident response services, security advisory, technical testing, threat intelligence, investigations and cyber insurance to their clients.
Brendan regularly contributes to trade publications and is often invited to lend his expertise on industry panel discussions and podcasts. Brendan received his Bachelor of Arts in Economics from Hobart College where he also played four years of collegiate basketball.
He is an avid triathlete and distance runner having completed two Ironman triathlons and five marathons. Brendan resides in Long Island City, NY with his wife and two daughters.

About

Douglas Hubbard is the inventor of the Applied Information Economics (AIE) method and founder of Hubbard Decision Research (HDR). He is the author of How to Measure Anything: Finding the Value of Intangibles in Business, The Failure of Risk Management: Why It’s Broken and How to Fix It, Pulse: The New Science of Harnessing Internet Buzz to Track Threats and Opportunities, How to Measure Anything in Cybersecurity Risk, 2e, and his latest book How to Measure Anything in Project Management. He has sold over 200,000 copies of his books in eight different languages. Three of his books have been required reading for the Society of Actuaries exam prep. In addition to his books, Mr. Hubbard has been published in several periodicals including Nature, The IBM Journal of Research and Development, OR/MS Today, Analytics, CIO, Information Week, and Architecture Boston.
Mr. Hubbard’s career has focused on the application of AIE to solve current business issues facing today’s corporations. Mr. Hubbardhas completed over 200 risk/return analyses of large, critical projects, investments and other management decisions in the last 25 years. AIE is the practical application of several fields of quantitative analysis including Bayesian analysis, Monte Carlo simulations, and many others. Mr. Hubbard’s consulting experience totals over 36 years and spans many industries including insurance, financial services, pharmaceutical, healthcare, utilities, energy, federal and state government, entertainment media, military logistics, and manufacturing. His AIE methodology, has received critical praise from The Gartner Group, The Giga Information Group, and Forrester Research. He is a popular speaker at valuation, risk, metrics and decision analysis conferences all over the world.

About

About

Tony Martin-Vegue is a cybersecurity and technology risk expert with over 25 years of experience helping Fortune 500 companies and high-growth organizations build and scale quantitative risk programs. A hands-on practitioner as well as a leader, Tony has performed more than a thousand quantitative risk assessments across cyber, fraud, operations, and enterprise domains.
He is the author of the upcoming book From Heatmaps to Histograms: A Practical Guide to Cyber Risk Quantification (Apress, 2026) and writes the newsletter Heatmaps to Histograms: Field Notes, where he shares practical, creative approaches to risk and decision-making. Tony is a frequent speaker at FAIRcon, SIRAcon, RSA, Security BSides, and ISACA events, and has been published in outlets including the ISACA Journal and Risk.net.
Tony advises companies on starting or improving their cyber risk quantification programs, helping leaders choose the right CRQ platform, avoid common pitfalls, and translate analysis into decisions that matter. He is known for making complex concepts accessible, blending deep technical knowledge with relatable storytelling and a people-first approach.
Based on an island in the San Francisco Bay, Tony enjoys time with his family, travel, cooking (especially bread and Mexican food), and open-water swimming, including ten swims from Alcatraz to San Francisco.

About

About

About

Charity Otwell is the Director of the CIS Critical Security Controls for CIS. She has nearly 20 years of experience in the financial services industry and has built and led various programs such as Business Continuity, Disaster Recovery, Technology Governance, and Enterprise Architecture in a highly regulated environment. Before coming to CIS, Otwell was a GRC champion and practitioner with a focus on risk assessment, process optimization, process engineering, and best practice adoption for a top-50 bank within the United States. She also helped manage the relationship with federal regulators and the management of federal regulatory exams. She completed undergraduate and graduate studies in Birmingham, Alabama, and holds multiple industry certifications.

About

For many years, Jim Reavis has worked in the information security industry as an entrepreneur, writer, speaker, technologist and business strategist. Jim’s innovative thinking about emerging security trends have been published and presented widely throughout the industry and have influenced many. Jim is helping shape the future of information security and related technology industries as co-founder, CEO and driving force of the Cloud Security Alliance. Jim has been named as one of the Top 10 cloud computing leaders by SearchCloudComputing.com.
Jim is the President of Reavis Consulting Group, LLC, where he advises security companies, governments, large enterprises and other organizations on the implications of new trends such as Cloud, Mobility, Internet of Things and how to take advantage of them. Jim founded SecurityPortal, the Internet’s largest website devoted to information security in 1998, and guided it until a successful exit in 2000. Jim has been an advisor on the launch of many industry ventures that have achieved a successful M&A exit or IPO. Jim is widely quoted in the press and has worked with hundreds of corporations on their information security strategy and technology roadmap. Jim has a background in networking technologies, marketing, product management and systems integration. Jim received a B.A. in Business Administration / Computer Science from Western Washington University in 1987 and formerly served on WWU’s alumni board. Jim was recognized as a WWU Distinguished Alumnus in 2015. In 2016, Jim was inducted into the Information Systems Security Association (ISSA) Hall of Fame.

About

About

About

About

About

About

About

About

Christy Sluder is a Manager of Vulnerability Management at HCA Healthcare with over 25 years of experience in both hospital settings and the corporate healthcare industry. She has led transformative collaboration initiatives across technical silos and divisions at a Fortune 100 company, pioneering programs that drive innovation and strengthen enterprise-wide security posture. With deep expertise in every phase of the vulnerability management lifecycle, Christy has successfully guided multiple teams through complex security challenges with precision and purpose. She earned her Bachelor of Applied Science in Computer Science from Western Governors University and remains a passionate advocate for continuous learning and cross-functional teamwork. Outside of work, Christy enjoys camping, hiking, and getting lost in a good book. She's also an avid board game enthusiast—especially when it comes to Trivial Pursuit—and loves attending concerts across all genres of music.

About

About

Mark Verbeck is a seasoned Chief Financial Officer and strategic advisor with over 20 years of experience scaling high-growth technology companies. He has served as CFO for Blade Network Technologies, Coupa Software, Saba, and Cyara, where he led financial strategy, operational transformation, and successful exits to both private equity and corporate acquirers.
In his leadership roles, Mark has consistently emphasized the importance of robust cybersecurity practices—not only to mitigate risk, but also to enhance enterprise value and acquisition readiness. His experience spans IPO preparation, M&A execution, and building finance teams that deliver actionable insights.
Mark holds a business degree from the University of St. Thomas and is a graduate of the Stanford Executive Program at the Stanford Graduate School of Business.

About

About

About

As Senior Vice President of Product Management, Shailesh leads the product management team and drives the Qualys product vision helping customers assess and improve their IT, security and compliance posture. Since joining Qualys in 2012, he has worked in various security and compliance roles driving innovative solutions, including remote endpoint protection, endpoint detection and response, and SaaS security. In addition, Shailesh headed engineering, research and product management for Qualys Policy Compliance and File Integrity Monitoring, where he helped customers go beyond compliance to drive their IT GRC objectives. Before Qualys, he focused on security research for Symantec ESM and Compliance solutions. Shailesh holds a master’s in computer applications (MCA) from the Vishwakarma Institute of Technology and has various security certifications including CISA, CRISC, CISM. He is also a regular speaker at industry conferences.

About

As the Chief Technology Officer and Senior Vice President of the Qualys Cloud Platform, Dilip is responsible for leading global product development, data and platform engineering, DevOps, site reliability engineering, cloud operations and customer support across Qualys’ broad security product portfolio. Dilip joined Qualys in 2016 to drive Qualys’ own internal digital transformation efforts and has been instrumental in helping scale the technology and organization in support of the company’s accelerated product growth and transformation into a unified security platform.
Prior to joining Qualys, Dilip served in multiple engineering leadership roles at various mid-sized and large organizations to build and deliver complex, scalable, distributed enterprise SaaS products and big data cloud platforms. Dilip has a bachelor’s degree in electronics engineering from the University of Mumbai and a master’s degree in computer science from Ball State University.

About

About

About

About

Shrikant Dhanawade is Director of Product Management, responsible for Cloud Security products in Qualys. He has more than a decade working experience in Cloud Automation, Cloud Security, DevSecOps with a demonstrated history of working in the Cybersecurity Products and information technology industry.
Previously, Shrikant worked for various Cloud Security initiatives with Xoriant and Accenture. Shrikant holds a Bachelor of Engineering Degree in Computers from Mumbai University and Executive Program in Global Business Management from IIM Calcutta.

About

About

Lavish Jhamb is Sr. Product Manager, Compliance solutions at Qualys, focused on building security solutions such as ‘Custom Assessment and Response’ and ‘File Integrity Monitoring’ and helping customers assess and improve their security and compliance posture. He has over 7 years of experience working on security solutions, regulatory standards, and cyber security frameworks, with thorough understanding of operating systems. Lavish holds a bachelor’s degree in computer engineering from the Kurukshetra University Institute of Engineering and Technology and a Post Graduate Diploma in IT Infrastructure, Systems and Security from CDAC Pune.

About

I am the Sr Product Manager for Compliance Solutions here at Qualys. I have been with Qualys for over 7 years working in engineering and product role. As a product manager for Qualys, my primary focus is on helping organizations meet there security and compliance needs leveraging Qualys Policy compliance and cloud platform.

About

Himanshu Kathpal is VP, Product Management, Platform and Technologies at Qualys. He has over 13 years of experience in cybersecurity and product management, with a specialization in vulnerability management, remediation, and next-generation endpoint security. Himanshu is passionate about developing security solutions that align with the company’s cybersecurity product strategy to meet customer needs, reduce the attack surface, and strengthen the organization’s security posture. He holds a master’s degree in engineering from D.Y.Patil University, Pune, as well as an MBA in International Business Management from NMIMS, Mumbai.

About

Alex Kreilein is Vice President of Product Security at Qualys. He leads efforts to deliver secure, resilient, and trustworthy products by focusing on portfolio risk management, vulnerability management, automation, and developer enablement. Previously, Alex led security, reliability, and performance programs for mission-critical workloads at Microsoft Azure. Alex has been the CISO of a cloud-native critical infrastructure company, a leader with the Department of Homeland Security, and a multi-time entrepreneur. He holds graduate degrees from CU Boulder and the U.S. Naval War College.

About

About

Eran Livne is Senior Director, Endpoint Remediation at Qualys, leading a team tasked with helping customers improve their security posture through cross-platform vulnerability remediation. He has more than 20-years of product management and computer science experience working in diverse IT and security markets. In 2014, Eran founded mobile security company, LetMobile, acquired by Ivanti. Following the acquisition, he drove Ivanti’s enterprise security and endpoint security and management solutions. Eran holds a bachelor’s degree in computer science from Tel Aviv University and an MBA in high-tech business administration from Technion - Israel Institute of Technology.

About

Karun leads Qualys’ worldwide strategic alliances and channel partnerships with MSSP’s, VAS partners, consultants and resellers. A computer engineer with a passion for cybersecurity, he has been at Qualys since 2013, supporting and helping grow its business with channel partners globally. Today, Qualys powers security and compliance solutions for the majority of MSSP’s in Gartner’s Magic Quadrant for Managed Security Services.
He has been a cybersecurity and cloud advocate since his early days at HCL Technologies, one of the large global systems integrators, where he ultimately led cybersecurity pre-sales and business development for North America . Karun’s experience includes advising CIO’s and CISO’s of large fortune 500 organizations on adapting cybersecurity programs for the digital and hyperconnected age. He has a bachelor’s degree in computer engineering from the University of Pune and a post-graduate Management degree in Business Administration (M.B.A.) from Amity University, India.

About

Abhinav Mishra is Product Management Director at Qualys, where he drives strategic initiatives to advance the company’s container security offerings. With a strong focus on risk-based operations and go-to-market alignment, he works across product, engineering, and field teams to deliver impactful security outcomes for global enterprises. He brings over a decade of experience spanning product leadership, software engineering, and GTM strategy. Prior to Qualys, Abhinav led container security at Uptycs, a CNAPP vendor, and spearheaded Kubernetes multi-tenancy and developer self-service initiatives at Rafay. He began his career at VMware, where he spent five years as a software engineer focused on cloud networking and security. Abhinav holds a bachelor’s degree in computer engineering from Columbia University and an MBA from the Kellogg School of Management

About

May Mitchell is the Chief Marketing Officer (CMO) at Qualys, where she spearheads global marketing strategy, drives business growth and pipeline contribution collaborating closely with Sales and Partners to implement scalable programs that accelerates customer acquisition, retention, and expansion. With a proven track record in aligning marketing initiatives to corporate objectives, May plays a pivotal role in strengthening Qualys’ market position as an industry leader in cybersecurity and risk management.
May brings over 25 years of experience in cybersecurity marketing, specializing in go-to-market strategies that deliver measurable impact. Her career includes 15 years in executive leadership, with three terms as CMO, at companies like HUMAN Security, Ontinue, iboss, Cylance, Symantec, Forcepoint, and McAfee, where she consistently drove innovation and growth. 
May has been honored as one of CRN’s Power 100 Women of the Channel for 13 consecutive years, named among the Top 50 Women in Cybersecurity by CyberScoop, and received the prestigious OnCon Top 50 Marketer Award for three consecutive years. 
She holds a bachelor’s degree in computer science from California State University and has completed engineering management programs at Santa Clara University.

About

Kunal is currently VP of Product Management for the CyberSecurity Asset Attack Surface Management (CAASM), Web App and API Security product line at Qualys HQ in Foster City, CA. He is Qualys boomerang. He worked at Qualys for 3 years and incubated the XDR product line from inception. Kunal has spent 15+ years working at startups, and big and mid-size companies in cybersecurity, networking, and application security in both product and engineering roles at Juniper Networks, Extreme Networks, Sun Microsystems and Infinera. Prior to re-joining Qualys, Kunal was heading products at Israeli startup in API security and bot management AppSec space.

About

About

Russ Sanderlin is a U.S. Marine Corps veteran and cybersecurity professional specializing in vulnerability management and risk reduction. As a Director and Subject Matter Expert for Qualys VMDR, he helps organizations strategically mature their vulnerability management programs, moving beyond traditional scanning to risk-based approaches. With a CISSP certification and consulting experience across finance, manufacturing, insurance, and travel, he brings cross-industry insights to help customers strengthen their cybersecurity programs.

About

About

Jonathan Trull is a longtime security practitioner and CISO & SVP Security Solution Architecture with over 18 years of experience in the cybersecurity industry and is currently the Senior Vice President of Customer Solutions Architecture and Engineering at Qualys. His career has spanned operational CISO and infosec roles with the State of Colorado, Qualys, Optiv, and Microsoft. While at Microsoft, Jonathan led the Microsoft Detection and Response Team (DART) whose mission was to respond to cyber security incidents around the globe ranging from cyber espionage initiated by nation-state actors to ransomware attacks and included the investigation of and response to the NOBELIUM threat actor campaign which leveraged the SolarWinds supply chain. Jonathan also serves as an advisor to several security startups and venture capital firms and supports the broader security community through his work with the Cloud Security Alliance, Center for Internet Security, and IANS. He is also an adjunct faculty member at Carnegie Mellon University where he mentors and coaches those attending the CISO Executive Education Program. Jonathan is a frequent speaker at industry conferences such as BlackHat, RSA, and SANS and holds several industry certifications including the CISSP, OSCP, CCSP, and GCFA. Jonathan is a veteran of the U.S. Navy finishing his career as a Lieutenant Commander supporting the Information Warfare Domain.

About

About

As President and CEO, Sumedh leads the company’s vision, strategic direction and implementation. He joined Qualys in 2003 in engineering and grew within the company, taking various leadership roles focused on helping Qualys deliver on its platform vision. From 2014 to 2021, he served as Qualys’ Chief Product Officer, where he oversaw all things product, including engineering, development, product management, cloud operations, DevOps, and customer support. A product fanatic and engineer at heart, he is a driving force behind expanding the platform from Vulnerability Management into broader areas of security and compliance, helping customers consolidate their security stack. This includes the rollout of the game-changing VMDR (Vulnerability Management, Detection and Response) that continually detects and prevents risk to their systems, Multi-Vector EDR, which focuses on protecting endpoints as well as Container Security, Compliance and Web Application Security solutions. Sumedh was also instrumental in the build-up of multiple Qualys sites resulting in a global 24x7 follow-the-sun product team.

About

Kip Boyle has 24 years of experience serving in cybersecurity and IT risk management roles for organizations in the insurance, financial services, technology, military, and logistics industries.
Over his entire career, Kip has helped executives change their cyber risks from business blockers to business enablers. As Chief Information Security Officer at PEMCO Insurance, he transformed a frustrating, cumbersome cybersecurity program into one that both protected customers’ information and enabled the business to grow at a faster pace. As Chief Security Officer of PEMCO Technologies, a debit and credit card transaction processor, and PEMCO Corporation, an IT services provider to financial institutions, Kip successfully led the companies through their first ever SAS70 type II certifications, removing a serious sales objection to the continued growth of those companies. At Expeditors International, he led a cross-functional IT governance team that significantly reduced the number of critical events and failures created by much-needed system and technology changes. While at Stanford Research Institute (SRI) Consulting, Kip led a team of six in a comprehensive security review and smartcard/encryption upgrade of the Windows-based FedLine, an instant-settlement funds transfer application for more than 12,000 U.S. financial institutions. For the USAF F-22 Advanced Tactical Fighter program, Kip successfully transformed the network security governance model from one of rigid centralized decision-making to one of delegated decision making by the prime contractors: Lockheed-Martin, Boeing, and Pratt & Whitney.
Kip earned a Masters of Science in Management from Troy State University. He earned a Bachelor of Science in Computer Information Systems from the University of Tampa. He has also received a graduate certificate in Executive Leadership from the Albers Business School at Seattle University.
Kip earned his Certified Information Systems Security Professional (CISSP) and Certified Information Systems Manager (CISM) credentials in 1997 and 2003, respectively. He has taught information security courses to hundreds of students all over the world.
Fire Doesn't Innovate.
Kip Boyle compares fire safety to cybersecurity, emphasizing that cyber threats constantly evolve unlike static risks. He argues organizations must abandon outdated approaches, manage cyber as dynamic risk, and embrace AI-powered resilience (being “hard to hack and fast to fix”) for proactive defense in today’s volatile digital landscape.

About

As the Chief Risk Technology Officer at Qualys, Richard helps customers and the broader security community measure, communicate, and eliminate risk. With over 10 years of experience as a CISO, he's led and supported security strategy, operations, and governance across critical infrastructure and cloud-native organizations. Richard has published two books, 'How To Measure Anything In Cybersecurity Risk' and 'The Metrics Manifesto: Confronting Security With Data.' Each provides practical and innovative approaches to quantifying and reducing security risk. His first book is the main curriculum at the US Dept of Defense (DoD) CISO program at Carnegie Mellon University and numerous other institutions of higher education.