Qualys at Infosecurity Europe 2019: Hear best practices from industry leaders
There will be no lack of interesting content from Qualys at Infosecurity Europe 2019 this year. Depending on you interests, you might want to make time for some of these talks and presentations. Visit Qualys at stand L100 to hear best practices presentations from industry leaders.
Tuesday, June 4
10:00 – 10:15 AM
Gain Unprecedented Visibility with Global IT Asset Inventory
Cyrus Tata, Technical Account Manager, Qualys
The digital transformation and the ever-evolving cybersecurity threat landscape introduce new technology at increasing variety, scale and speed. Simultaneously, teams are trying to manage resources under budget constraints and with siloed security solutions. Learn to tackle these challenges by delivering unprecedented visibility into all environments with one tool: Qualys Asset Inventory – a single and unified solution that enables better collaboration and strategic planning across IT and Infosec. See how Asset Inventory discovers assets across global hybrid infrastructure, normalizes and categorizes each hardware and software, and enriches with non-discoverable asset intelligence such as vendor lifecycle information.
11:00 – 11:15 AM
Supporting Security Challenges in Digital Transformation
Marco Rottigni, Chief Technical Officer, EMEA, Qualys
The most scalable way to prevent breaches of endpoints, servers, and cloud workloads is to reduce the attack surface of the asset itself. Operational vulnerability management, remediation prioritization, transparent patching, secure configuration assessment, real-time activity monitoring, and active threat hunting delivered by a unified security platform can significantly reduce the likelihood of breaches by focusing on reducing the attack surface of enterprise IT environments. In this session, learn how to identify, remediate, detect, and respond to common and targeted attacks that can evade traditional and next-gen prevention technologies.
12:00 – 12:15 PM
A 360-degree Approach to Securing Public Clouds
Hari Srinivasan, Director, Product Management, Qualys
Cloud is a core fabric of digital transformation, as users have a shared security responsibility with the cloud providers. This session will introduce the threats and solutions needed to secure cloud workloads and cloud infrastructure. Learn to gain visibility of your public clouds, secure workloads from both internal and perimeter vulnerabilities, and set up continuous security monitoring of cloud resources to avoid issues such as data leaks and cryptomining attacks through your cloud infrastructure.
1:00 – 1:15 PM
The Art of Vulnerability Management: from Running Scans to Managing Risk
Jimmy Graham, Sr. Director, Product Management, Qualys
To address the challenges of vulnerability detections increasing year over year, Qualys is introducing new ways to visualize vulnerability data, layering Real-time Threat Information on top of detected vulnerabilities to provide consistent and automated remediation prioritization. AssetView technology in Qualys Vulnerability Management allows users to instantly search across vulnerabilities and create dynamic widgets and dashboards within the VM module. See the new VM Dashboard and instant search capabilities, a demo of Qualys Threat Protection, as well as a sneak peek at our new Reporting Module that will unify reports across the Qualys Cloud Platform.
2:00 – 2:15 PM
Qualys Container Security – Visibility and Security for Containers from Build to Deployments
Hari Srinivasan, Director, Product Management, Qualys
Containers are the most sought after development tool for microservices. Their simplicity and portability allow DevOps to create true agile builds within development cycles. However, this new kind of environment brings a new set of security threats at every phase of this cycle – from unvalidated software entering the environment, to secrets being leaked, to runtime drifting and breaking immutable behaviors. This session outlines common security risks and practical use cases across every phase in order to help security teams better understand how to efficiently manage security at the speed and scale of DevOps.
3:00 – 3:15 PM
Cloud Migration and Vulnerability Management – How Qualys Supported Our Move
Robert Barrow, Security Officer, Secure Trading
Secure Trading used Qualys to ensure that the migration from a traditional on-premises server farm to an agile cloud solution was secure, and completed cost effectively. Hear how the team used Qualys before, during and after the transition.
3:20 – 3:45 PM
Security at the speed of DevOps – Building In, not Bolting On
Hari Srinivasan, Director, Product Management, Qualys
Location: Strategy Talks – Security embedded within DevOps reduces risk exposure up to 80%. Adopt security automation in the DevOps process, providing automation and actionable data to developers when and where needed. Use practices like AMI bakery, integrated deployment, and closed-loop automation from detection to remediate. Building security into the toolchain to deliver secure applications at the speed and scale of DevOps.
4:00 – 4:15 PM
Agile Harmonisation of IT Security & Compliance in Digital Transformation journeys
Marco Rottigni, Chief Technical Officer, EMEA, Qualys
Organisations undertaking digital transformation journeys are often facing challenges in structuring the processes efficiently to cope with dissolving barriers, ever changing IT landscape and a security posture that requires augmented capabilities. We’ll analyse in theory and practice how to evolve a traditional waterfall approach towards an agile one, to empower orchestration and communication among silos to achieve a single source of truth.
5:00 – 5:15 PM
Incorporate Visibility of Inaccessible or Sensitive Assets into Your Overall Vulnerability and Compliance Program
Valdas Bycenkovas, Technical Account Manager, Qualys
Organizations using programmable logic controllers (PLC) and other secretive or disconnected assets can be challenged to incorporate them into the scope of their overall cybersecurity and risk program. Such assets do not allow traditional remote or agent-based scanning and thus remain outside the scope of security assessments. Learn how Qualys Offline Device Assessment, an extension of the Qualys sensor family, enables these organizations to enhance overall risk analysis by extending their single-pane-view of security and compliance to these inaccessible or sensitive assets.
Wednesday, June 5
10:00 – 10:15 AM
Incorporate Visibility of Inaccessible or Sensitive Assets into Your Overall Vulnerability and Compliance Program
Valdas Bycenkovas, Technical Account Manager, Qualys
Organizations using programmable logic controllers (PLC) and other secretive or disconnected assets can be challenged to incorporate them into the scope of their overall cybersecurity and risk program. Such assets do not allow traditional remote or agent-based scanning and thus remain outside the scope of security assessments. Learn how Qualys Offline Device Assessment, an extension of the Qualys sensor family, enables these organizations to enhance overall risk analysis by extending their single-pane-view of security and compliance to these inaccessible or sensitive assets.
11:00 – 11:15 AM
The Art of Vulnerability Management: from Running Scans to Managing Risk
Jimmy Graham, Sr. Director, Product Management, Qualys
To address the challenges of vulnerability detections increasing year over year, Qualys is introducing new ways to visualize vulnerability data, layering Real-time Threat Information on top of detected vulnerabilities to provide consistent and automated remediation prioritization. AssetView technology in Qualys Vulnerability Management allows users to instantly search across vulnerabilities and create dynamic widgets and dashboards within the VM module. See the new VM Dashboard and instant search capabilities, a demo of Qualys Threat Protection, as well as a sneak peek at our new Reporting Module that will unify reports across the Qualys Cloud Platform.
1:00 – 1:15 PM
Gain Unprecedented Visibility with Global IT Asset Inventory
Cyrus Tata, Technical Account Manager, Qualys
The digital transformation and the ever-evolving cybersecurity threat landscape introduce new technology at increasing variety, scale and speed. Simultaneously, teams are trying to manage resources under budget constraints and with siloed security solutions. Learn to tackle these challenges by delivering unprecedented visibility into all environments with one tool: Qualys Asset Inventory – a single and unified solution that enables better collaboration and strategic planning across IT and Infosec. See how Asset Inventory discovers assets across global hybrid infrastructure, normalizes and categorizes each hardware and software, and enriches with non-discoverable asset intelligence such as vendor lifecycle information.
1:00 – 2:00 PM
Whose transformation is it anyway? How IT security teams can support digital services
Moderator: Mr. Dan Raywood, Contributing Editor, Infosecurity Magazine
Panellist: Mr. Marco Rottigni, Chief Technical Security Officer EMEA, Qualys
Panellist: Mr. Thom Langford, Founder, tl2security
Panellist: Mr. Arthur Barnes, Cyber Threat Investigations, Pearson
Panellist: Mr. David Ferguson, Security Principal, Bank of England
Location: The Information Security Exchange Theater – Ask any CIO what phrase they have been asked about most often in the past year, and digital transformation is probably the most common response. Digital transformation initiatives aim to deliver new services that make life easier for customers and keep companies competitive. However, are IT security teams getting involved in these new projects early enough to keep security at the heart of company IT plans? What happens when this doesn’t take place? And how much are these digital transformation projects fulfilling their objectives?
The panel session will discuss the value that digital transformation can deliver in real world IT environments, and how IT security teams can help other departments build systems that are secure by design.
2:00 – 2:15 PM
A 360-degree Approach to Securing Public Clouds
Hari Srinivasan, Director, Product Management, Qualys
Cloud is a core fabric of digital transformation, as users have a shared security responsibility with the cloud providers. This session will introduce the threats and solutions needed to secure cloud workloads and cloud infrastructure. Learn to gain visibility of your public clouds, secure workloads from both internal and perimeter vulnerabilities, and set up continuous security monitoring of cloud resources to avoid issues such as data leaks and cryptomining attacks through your cloud infrastructure.
3:00 – 3:15 PM
Cloud Migration and Vulnerability Management – How Qualys Supported Our Move
Robert Barrow, Security Officer, Secure Trading
Secure Trading used Qualys to ensure that the migration from a traditional on-premises server farm to an agile cloud solution was secure, and completed cost effectively. Hear how the team used Qualys before, during and after the transition.
4:00 – 4:15 AM
Agile Harmonisation of IT Security & Compliance in Digital Transformation journeys
Marco Rottigni, Chief Technical Officer, EMEA, Qualys
Organisations undertaking digital transformation journeys are often facing challenges in structuring the processes efficiently to cope with dissolving barriers, ever changing IT landscape and a security posture that requires augmented capabilities. We’ll analyse in theory and practice how to evolve a traditional waterfall approach towards an agile one, to empower orchestration and communication among silos to achieve a single source of truth.
5:00 – 5:15 PM
Qualys Container Security – Visibility and Security for Containers from Build to Deployments
Hari Srinivasan, Director, Product Management, Qualys
Containers are the most sought after development tool for microservices. Their simplicity and portability allow DevOps to create true agile builds within development cycles. However, this new kind of environment brings a new set of security threats at every phase of this cycle – from unvalidated software entering the environment, to secrets being leaked, to runtime drifting and breaking immutable behaviors. This session outlines common security risks and practical use cases across every phase in order to help security teams better understand how to efficiently manage security at the speed and scale of DevOps.
Thursday, June 6
10:00 – 10:15 AM
Agile Harmonisation of IT Security & Compliance in Digital Transformation journeys
Marco Rottigni, Chief Technical Officer, EMEA, Qualys
Organisations undertaking digital transformation journeys are often facing challenges in structuring the processes efficiently to cope with dissolving barriers, ever changing IT landscape and a security posture that requires augmented capabilities. We’ll analyse in theory and practice how to evolve a traditional waterfall approach towards an agile one, to empower orchestration and communication among silos to achieve a single source of truth.
11:00 – 11:15 AM
The Art of Vulnerability Management: from Running Scans to Managing Risk
Jimmy Graham, Sr. Director, Product Management, Qualys
To address the challenges of vulnerability detections increasing year over year, Qualys is introducing new ways to visualize vulnerability data, layering Real-time Threat Information on top of detected vulnerabilities to provide consistent and automated remediation prioritization. AssetView technology in Qualys Vulnerability Management allows users to instantly search across vulnerabilities and create dynamic widgets and dashboards within the VM module. See the new VM Dashboard and instant search capabilities, a demo of Qualys Threat Protection, as well as a sneak peek at our new Reporting Module that will unify reports across the Qualys Cloud Platform.
12:00 – 12:15 PM
Supporting Security Challenges in Digital Transformation
Marco Rottigni, Chief Technical Officer, EMEA, Qualys
The most scalable way to prevent breaches of endpoints, servers, and cloud workloads is to reduce the attack surface of the asset itself. Operational vulnerability management, remediation prioritization, transparent patching, secure configuration assessment, real-time activity monitoring, and active threat hunting delivered by a unified security platform can significantly reduce the likelihood of breaches by focusing on reducing the attack surface of enterprise IT environments. In this session, learn how to identify, remediate, detect, and respond to common and targeted attacks that can evade traditional and next-gen prevention technologies.
01:00 – 01:15 PM
Gain Unprecedented Visibility with Global IT Asset Inventory
Cyrus Tata, Technical Account Manager, Qualys
The digital transformation and the ever-evolving cybersecurity threat landscape introduce new technology at increasing variety, scale and speed. Simultaneously, teams are trying to manage resources under budget constraints and with siloed security solutions. Learn to tackle these challenges by delivering unprecedented visibility into all environments with one tool: Qualys Asset Inventory – a single and unified solution that enables better collaboration and strategic planning across IT and Infosec. See how Asset Inventory discovers assets across global hybrid infrastructure, normalizes and categorizes each hardware and software, and enriches with non-discoverable asset intelligence such as vendor lifecycle information.
2:00 – 2:15 PM
Incorporate Visibility of Inaccessible or Sensitive Assets into Your Overall Vulnerability and Compliance Program
Valdas Bycenkovas, Technical Account Manager, Qualys
Organizations using programmable logic controllers (PLC) and other secretive or disconnected assets can be challenged to incorporate them into the scope of their overall cybersecurity and risk program. Such assets do not allow traditional remote or agent-based scanning and thus remain outside the scope of security assessments. Learn how Qualys Offline Device Assessment, an extension of the Qualys sensor family, enables these organizations to enhance overall risk analysis by extending their single-pane-view of security and compliance to these inaccessible or sensitive assets.