Name: Web Application Threats and Trends
Start: 2014-08-01T19:40:00Z
End: 2014-08-01T19:40:49.000Z
Location: BrightTALK
Rating: 4

Join us for this informative technology series for insights into emerging security trends that every IT professional should know. These brief sessions will give you an opportunity to discover best practices from market leaders as well as hands-on advice from industry experts on a variety of security and compliance topics.
 
Let Qualys help keep you up-to-date with cost-effective and efficient technology trends. Choose the topic that interests you or plan to attend the entire series to make sure you stay ahead of the curve.

The gap between detection and remediation leaves your organization exposed. It's time to move from manual analysis to autonomous action.

Join us for "Expose and Eliminate: Mastering Agent Sara and Agent Nova" webinar to discover how Qualys' new Agentic AI capabilities can transform your cyber risk management program. Learn how to operationalize a continuous threat exposure management (CTEM) framework and automate risk elimination with two powerful AI agents.

In this webinar, you will see how to:

- Leverage Agent Nova to autonomously discover and prioritize external exposures with a hacker's-eye view, turning complex data into clear, actionable insights. 

- Deploy Agent Sara to automate the entire Patch Tuesday lifecycle, drastically reducing Mean Time to Remediation (MTTR) with intelligent prioritization and remediation plans. 

- Transform your security operations from reactive to proactive, freeing up teams to focus on strategic initiatives instead of manual risk analysis.

Register now to learn how to expose your most critical risks and eliminate them at machine speed with Agentic AI.

Expose and Eliminate: Mastering Agent Sara and Agent Nova

The UK's new Cyber Security & Resilience (CSR) Bill represents the most significant overhaul of national cyber regulation since 2018 , introducing sweeping new duties for MSPs, Data Centers, Operators of Essential Services, and their critical suppliers. With 24-hour incident reporting, board-level accountability, aggressive enforcement, and expanded supply-chain oversight, organisations can no longer rely on siloed tools, manual processes, or reactive security. 
 
 
Join Ivan Milenkovic, Vice President, Cyber Risk Technology at Qualys, on 29 January at 1pm (London) for a practical, strategic session unpacking the bill’s new requirements and how organisations can meet them through a unified platform approach.
 
This webinar will explore:

- The four major shifts introduced by the CSR Bill including Managed Service Provider regulation, Data Centre obligations, and the Designated Critical Supplier regime.
- Why the 24/72-hour reporting mandate makes fragmented detection and manual investigation operationally impossible.
- How the Qualys Enterprise TruRisk Platform delivers continuous asset visibility, proactive risk reduction, audit-ready compliance evidence, and rapid incident investigation.
- How to turn compliance into competitive advantage, especially for MSPs and critical suppliers now facing mandatory customer-notification requirements.

You’ll leave with a clear blueprint for achieving continuous compliance, accelerating incident readiness, and reducing organisational cyber risk under the UK's new regulatory framework.

Mastering the UK Cyber Security & Resilience Bill: How to Build a Unified, Audit-Ready Security Program

With 74% of breaches involving credential misuse, identity has become the most exploited and least quantified attack surface. Yet most tools treat identity risk separately from asset risk, leaving security teams to stitch together fragmented visibility and incomplete risk signals.

Join us on Dec 16, 2025, at 10 AM PT for this exclusive session introducing Qualys ETM Identity — the newest capability within Qualys Enterprise TruRisk™ Management (ETM) — designed to make identity risk measured, communicated, and eliminated within the same platform you already use for vulnerability, compliance, and asset risk.

In this webinar, we'll learn how to extend your Risk Operations Center (ROC) to the identity perimeter and reduce your identity-driven attack surface faster by:

- Learning why identity can’t be a separate swim lane in 2025.
- Bringing identity posture and exposure directly into ETM with consolidated identity and asset risk
- Finding and prioritizing the most exploitable routes with Attack Path Analysis and Domain Trust Mapping.
- Executing closed-loop remediation with risk response orchestration workflows, validation and auto-rescoring.
- Reporting with audit-ready dashboards aligned to DISA/CIS and more along with continuous integrity monitoring for “who changed what, when, where."

Extending Your Risk Operations Center with Qualys ETM Identity

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on December 11, 2025.

We will discuss this month's high-impact vulnerabilities, including those that are part of November 2025 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, November 2025 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

Patch Tuesday Webinar December 2025: This Month in Vulnerabilities and Patches

How Agentic AI is transforming cloud security from code to cloud.

Cloud environments have become intelligent, fast-moving ecosystems — where code, infrastructure, and AI workloads evolve daily. Defending them requires more than detection; it demands systems that can see, reason, and act across every layer.
In this Cyber Risk Series edition, we’ll explore how Agentic AI is redefining cloud defense — unifying visibility, risk, and response across code, apps, and multi-cloud environments.

We’ll be joined by leading voices in cybersecurity who will explore how organizations can unify visibility, prioritization, and response across the digital ecosystem — rethinking how we manage risk, threats, and emerging AI-driven operations.

Cyber Risk Series: Cloud-Native to AI-Native Edition

Couldn’t make it to ROCon Mumbai? No stress - we got you. 
 
The Risk Operations Conference (ROCon25) brought together top CISOs, security leaders, and practitioners to unpack the most urgent challenges shaping today’s cybersecurity landscape. And now, we’re bringing the biggest moments and hard-hitting insights straight to your screen. 

In this exclusive online recap, we’ll break down the core themes, announcements, live demos, and mind-bending insights from ROCon25 - including how organizations are shifting from managing sprawling attack surfaces to mastering a risk-first security strategy that actually moves the needle. 

From Active Directory exploits and cloud blind spot to identity compromise, patch precision, and cyber-risk quantification - this recap distills everything you need to stay ahead in 2025. 

What You’ll Learn
- Why “risk surface” is the new security battleground
- How Enterprise TruRisk™ Management powers the ROC
- Cyber Risk Quantification that actually aligns with finance
- Identity is the #1 exploited surface 
- TotalCloud CNAPP Deep Dive
- Patch fatigue to patch precision

This recap delivers the most important takeaways so you can strengthen resilience, minimize exposure, and align security with leadership priorities. 

Why Attend
- Catch the biggest takeaways from Mumbai, without the travel 
- Learn what the world’s top practitioners are prioritizing for 2025 
- Get actionable strategies to modernize your RiskOps program 
- Understand how attack paths, identity risk, cloud exposure, and patching precision fit into one unified TruRisk™ model 
- Build alignment with IT, DevOps, and leadership through data-driven insights 
- Win exciting prizes at the end of webinar

ROCon25 Recap - The Future of Risk Operations

Cyber Risk Series: Cloud-Native to AI-Native Edition - APAC

How Agentic AI is transforming cloud security from code to cloud.

Cloud environments have become intelligent, fast-moving ecosystems — where code, infrastructure, and AI workloads evolve daily. Defending them requires more than detection; it demands systems that can see, reason, and act across every layer.

In this Cyber Risk Series edition, we’ll explore how Agentic AI is redefining cloud defense — unifying visibility, risk, and response across code, apps, and multi-cloud environments.

We’ll be joined by leading voices in cybersecurity who will explore how organizations can unify visibility, prioritization, and response across the digital ecosystem — rethinking how we manage risk, threats, and emerging AI-driven operations.

Learn How to Automate Cloud Security & Compliance
A Fireside Chat with Qualys and ServiceNow 

Cloud misconfigurations cause over 80% of breaches, and with ephemeral resources, evolving policies, and expanding attack surfaces, manual triage can't be maintained.

Join Qualys cloud experts for a fireside chat webinar on November 20 at 11 AM PT | 2 PM ET to learn how you can continuously monitor cloud risks, prioritize business impact, and accelerate remediation with automated workflows.

 What you’ll learn:
- How to discover all cloud assets (including shadow IT, serverless, and containers) with API-driven visibility
- Why real-time configuration monitoring is essential for compliance with 40+ global frameworks
- How contextual prioritization reduces noise and focuses teams on the most impactful risks
- Ways automated ServiceNow workflows speed remediation and ensure audit-ready compliance

 You’ll also learn about the new Qualys TotalCloud CSPM integration with ServiceNow Configuration Compliance

 Featured Speakers:
• Maanas Saran, Senior Staff Outbound Product Manager, ServiceNow
• Shrikant Dhanawade, Director, Product Management, Cloud Security, Qualys, Inc.

Automate Cloud Security & Compliance with Qualys and ServiceNow

Security leaders are no longer simply managing vulnerabilities or even identifying exposures. The next generation of cybersecurity is focused on quantifying and addressing risks based on business context and financial impact. 

Many organizations are already taking steps to tackle these challenges but bridging the gap between understanding risks and effectively addressing them can feel overwhelming. Rest assured, with the right approach and tools, you can confidently turn these challenges into opportunities for stronger, smarter security. 

Discover how leading organizations are building Risk Operations Centers that deliver measurable business impact and executive confidence. 

Why Attend:
- See how Qualys Enterprise TruRisk Management provides unified visibility, prioritization, and orchestration across cloud, on-premises, and hybrid environments 

- Discover Qualys agents that enrich threat intelligence, discover hidden assets, identify risk factors, and take action to secure your environments 

- Learn about proven methodologies to measure and communicate cyber risk in financial terms to board-level stakeholders 

- Explore how ImagineX's expert-led services accelerate deployment and maximize platform value from day one 

 Register now to secure your spot and take the first step towards a stronger, more resilient security posture.

Power Your Risk Operations Center with Qualys + ImagineX

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on November 13, 2025.

We will discuss this month's high-impact vulnerabilities, including those that are part of October 2025 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, October 2025 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

Patch Tuesday Webinar November 2025: This Month in Vulnerabilities and Patches

Containers and Kubernetes have become a a critical component of modern cloud-native environments and a new way to approach software delivery, but they also introduce new layers of complexity.

Tailored for vulnerability management teams, this session will explore the unique risks containers introduce, how to secure them throughout the CI/CD pipeline, and how to gain visibility into container vulnerabilities at runtime.


Join us to learn how to integrate container security seamlessly into your existing vulnerability management program, ensuring scalable and consistent protection across dynamic cloud workloads.

What you’ll learn:

 - The fundamentals of container security: why it involves securing images, runtimes, environment settings, orchestration layers and networks.
 - Why container security is challenging due to increased attack surface and lack of visibility, and how specialised tools provide insight into container activity.
 - How DevSecOps embeds security into CI/CD pipelines, enabling early detection of vulnerabilities and fostering crossfunctional collaboration.
 - Best practices for collaborative container security, such as enforcing least privilege, using trusted images, continuously monitoring every layer and establishing automated security testing.
 - The rising importance of Kubernetes Security Posture Management (KSPM) as Kubernetes displaces cloud native solutions.

Episode 3 – Containerisation in Practice: The Developer/Security Relationship

Vulnerability management is the backbone of cybersecurity but it's no longer enough to keep pace with attackers in the age of AI. Security leaders need to bring information from every corner of their attack surface together, find the few exposures that create the great financial risks to their organization, and convert those signals into quicker, more accurate decisions that are simple to communicate in business terms. The next stage of cybersecurity is here. 

Join Qualys and ImagineX to learn how to build a comprehensive Risk Operations Center that gives security teams the power to measure, communicate, and eliminate cyber risk. 

Why Attend:
- Learn how Enterprise TruRisk Management builds on your existing Qualys foundation to deliver unified risk visibility across your entire attack surface 

- See how Agentic AI extends your security team, reducing manual effort while improving response times and accuracy 

- Discover frameworks to quantify cyber risk in financial terms and demonstrate clear return on security investments 

- Explore how ImagineX's expert-led services accelerate deployment and maximize platform value from day one 

Hosted by Richard Seiersen, Qualys CTO and featuring Tim Salvador, ImagineX Principle Security Architect and [TK Qualys Expert] 

Date & Time: November 11th, 11:00 AM PT 

Take the first steps to transform your existing Qualys investment into a comprehensive risk operations platform.

The Risk Operations Center (ROC) Made Easy: Vulnerability Management to ROC with Qualys + ImagineX

Cloud and Container Security Risk Reduction Best Practices for 2026

A Fireside Chat with Qualys and GigaOm

Containers are no longer just about microservices; they now power AI pipelines, data-intensive apps, and critical business services. With the advent of AI-powered attack paths comes new security challenges: runtime risks that emerge in milliseconds, sensitive secrets hidden in workloads, and AI models introducing novel tactics. Traditional “scan and alert” approaches can’t keep pace.

On Nov 6 at 11 AM PT, join security and container technical experts from Qualys and Gigaom as they explore the next era of container security including:

- Code to cloud scanning and third-party dependency analysis
- Contextual risk analysis tying containers to attack paths, apps, and APIs
- Bridging gaps between cloud, containers, compliance, and application security
- Runtime security for understanding behavior, especially for AI workloads
- Supply chain attacks and their impact on container security
- The concept of "fix left" rather than "shift left" in security practices

Attendees will gain a roadmap for shifting from detection-heavy container security to a modern, remediation-focused approach that matches the speed and scale of today’s cloud-native and AI-driven environments.

GigaOm will also discuss key findings from their Radar reports related to container security.

Featured Speakers:

- Chris Ray, GigaOm Analyst
- Abhishek Singh, VP Product Management, Qualys

Register now to transform your cloud and container security. <a href="https://www.brighttalk.com/webcast/11673/655187">[GigaOM 2025 Radar: The Next Era of Container Security]</a>

GigaOM 2025 Radar: The Next Era of Container Security

Join Spencer Brown, Principal Product Manager at Qualys, for an insightful webinar on how Manifest Version Control (MVC) in the Qualys TruRisk Platform transforms update management from a reactive, risky process into a controlled, risk-aware strategy. Learn how organizations can deploy updates safely, stage rollouts, and maintain operational stability without sacrificing speed or security.

This session covers: Qualys experts will demonstrate how MVC provides visibility, control, and resilience, ensuring updates protect endpoints without introducing instability.

What you'll learn: 

Delay and Stage Manifest Updates: Introduce controlled buffers between release and deployment, test updates in non-production environments, and prevent unintended disruptions in production systems.

Prevent and Control Deployment: Temporarily block problematic manifests, validate changes in dev/test environments, and safely re-enable updates when ready for enterprise-wide adoption.

Operational Confidence: Treat manifest updates as a fully managed, risk-aware process, reducing the risk of outages while keeping endpoints protected.

End-to-End Resilience: See how MVC works alongside self-healing agents and TruRisk Labs’ real-world validation environments to ensure updates perform reliably across diverse and complex setups.

Scalable Enterprise Control: Create profiles for production and non-production environments, stage updates in waves, and align rollout strategies with organizational policies for enterprise-wide reliability.

Built-In Resilience for Safer Updates: Mastering Manifest Version Control in the Qualys TruRisk Platform

Join us for an exclusive deep dive into Qualys Patch and the evolution toward TruRisk™ Eliminate. In this session, our Principal SME Mukesh Choudhary will walk through proven best practices, tips & tricks, and real-world use cases to help you get even more from your current Patch deployment. Then, Padmanabh Sahasrabudhe, Senior Principal Product Manager for Remediation & Mitigation, will present the latest roadmap, spotlighting the key innovations and unique value propositions of Eliminate. Whether you're already using Qualys Patch or considering the migration, this webinar will open your eyes to what's possible when patching meets risk elimination.

Unlock deeper value from your Qualys investment. Learn how to patch smarter today and prepare for the future of risk elimination.

Why Attend
Many organizations deploy Qualys Patch, but few tap into its full potential. Even fewer understand how it evolves into TruRisk™ Eliminate. This webinar bridges that gap.

What You’ll Learn:
- Patch Best Practices & Tips
- What’s New in Qualys Patch
- Eliminate Roadmap & Unique Value
- Migration Path & Decision Framework

Who Should Attend:
- Current Qualys Patch users
- IT Ops / SecOps teams evaluating the shift to Eliminate
- Technical leads, vulnerability managers, remediation leads

Speakers:
- Mukesh Choudhary, Principal SME, Qualys
- Padmanabh Sahasrabudhe, Senior Principal Product Manager, Qualys

Bonus: Attendees receive checklist, migration readiness worksheet, and early access preview.

Best Practices of Using Qualys Patch: What’s New & Where We’re Going with Eliminate

Would you like to streamline your risk operations to continuously reduce exposures and maintain compliance while reducing complexity and overall costs? Would you like to augment your team with a digital workforce of cyber risk AI agents that help you move with speed and scale that supports the business needs? 

Join us for an educational session on how you can enable an AI-native Risk Operations Center that dramatically improves your security posture. 
<ul><li>Discover how Qualys Enterprise TruRisk Management with Agentic AI makes managing cyber risk simpler (and smarter!).</li><li>See the Cyber Risk AI Agents in action during a demo as they unlock access to all your exposure data and surface actionable insights, prioritize risks with business context and real-time threat intel, and remediate risks at the speed of detections.</li><li>Learn how AI-driven strategies can elevate your cyber defense and free you for more strategic work.</li></ul>

Modernize Your Cyber Risk Management with Agentic AI

This webcast will review recently published web application threat intelligence from IBM, Verizon and Symantec to provide a current view of the web application threat landscape. The changing methods and motives of attackers will be reviewed as will the best practice methods for detecting and defending against the risks these threats represent.

> Find out how web application attacker's methods and motives are changing from recently published threat intelligence.
> Gain insight into the trends that are exposed by breach investigations.
> Learn how to detect and defend against the most common and risky web application attacks.

Web Application Threats and Trends

web application security

owasp

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Web Application Threats and Trends

Presented by

About this talk

Qualys