Name: A Case for Vulnerability and Configuration Management:
Start: 2015-02-12T18:00:00Z
End: 2015-02-12T19:00:13.000Z
Location: BrightTALK
Rating: 4.54

Join us for this informative technology series for insights into emerging security trends that every IT professional should know. These brief sessions will give you an opportunity to discover best practices from market leaders as well as hands-on advice from industry experts on a variety of security and compliance topics.
 
Let Qualys help keep you up-to-date with cost-effective and efficient technology trends. Choose the topic that interests you or plan to attend the entire series to make sure you stay ahead of the curve.

Cybersecurity teams must move faster than attackers when vulnerabilities are disclosed. This is only possible if the attack surface is mapped out continuously. This Fireside conversation explores attack service management, tools that infosec professionals can use to manage risks before attackers discover them, and what threat intelligence indicates about the likelihood of exploitation. Register now and gain insights to help you better mitigate threats.

Implementing an Attack Surface Management Program

Most organizations would agree that the greatest cybersecurity risks would cause the most interruption to the business. But how can CISOs and infosec professionals get ahead of potential risks and prioritize those? This conversation will explore how organizations can focus on a risk-based approach to cybersecurity, cybersecurity in the boardroom, and more.

Moderated by: 
Doug Cahill, VP, Analyst Services, Sr. Analyst, ESG

Featuring: Jonathan Trull, CISO, Qualys

Understanding a Risk-Based Approach to Cybersecurity

With attacks on payment data increasing, organizations are looking to achieve data protection as well as streamline PCI compliance in an automated manner. But only 27.9% of organizations were fully PCI compliant during their interim validation in 2019 according to the Verizon Payment Security Report (PSR) 2020. The PSR also highlights the top control gaps, which organizations need to prioritize for better data protection and complete PCI.

Qualys fills these gaps by expanding its PCI compliance solution beyond PCI ASV scanning to support more than 97% of PCI requirements. Qualys’ integrated platform gives you one holistic view of your PCI in-scope assets and their PCI compliance posture along with the tools and automation you need to meet PCI DSS requirements efficiently.

Join us for a webinar on August 26, 2021 where PCI experts Hariom Singh, director of product management for compliance solutions at Qualys, and Mathias Hoelzli, senior manager threat and vulnerability management at NortonLifeLock, walk you through the challenges organizations face and how they can overcome them to protect their cardholder data.

Get started now:

- Sign up for the PCI Compliance webinar on August 26, 2021.
- Learn about the complete Qualys PCI Compliance solution.
- Start your trial of the new integrated Qualys PCI Compliance solution.

Get PCI Compliant with Qualys

In support of DevSecOps teams using Kubernetes to build modern applications, Qualys and Red Hat are collaborating to secure the complete Red Hat OpenShift stack.   

Newly introduced capabilities delivered via Qualys Cloud Agent enable vulnerability scanning directly into Red Hat Enterprise Linux CoreOS in Red Hat OpenShift.   

This new offering enhances Red Hat’s layered approach to security and complements the Qualys Container Security app, which already secures your containers from build to runtime.  

Join this webinar on August 16, 2021 for a demonstration of full-stack security of containers and the container stack in Red Hat OpenShift presented by container security experts Dave Meurer, Global Principal Solutions Architect at Red Hat, and Jason Ell, Sr. Director of Product Management for Cloud Agent at Qualys. 

Sign up now!

Securing Red Hat Enterprise Linux CoreOS in Red Hat OpenShift with Qualys

Please join the Qualys research and product teams for the webinar “This Month in Vulnerabilities and Patches” on August 12, 2021.  

We will discuss this month's high-impact vulnerabilities, including those that are part of August 2021 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:  

The significant vulnerabilities published this month:

- Pulse Connect Secure RCE (CVE-2021-22937)
- Sequoia – Linux Filesystem Privilege Escalation Vulnerability (CVE-2021-33909)
- Microsoft Patch Tuesday, August 2021
	- Windows Update Medic Service Elevation of Privilege Vulnerability (CVE-2021-36948)
	- Remote Desktop Client RCE Vulnerability (CVE-2021-34535)
	- Windows Services for NFS ONCRPC XDR Driver RCE Vulnerability (CVE-2021-36942)
- Adobe Patch Tuesday, August 2021

An action plan to quickly identify and remediate vulnerabilities:
- Learn how to use Qualys Patch Management to remediate vulnerabilities

This Month in Vulnerabilities and Patches

Please join the Qualys research and product teams for the webinar “This Month in Vulnerabilities and Patches” on July 15, 2021.

We will discuss this month's high-impact vulnerabilities, including those that are part of July 2021 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

Agenda:

The significant vulnerabilities published this month:
- Windows Print Spooler RCE Vulnerability
- Kaseya Zero Day Vulnerabilities
- SonicWall Buffer Overflow Vulnerability
- Microsoft Patch Tuesday, July 2021
- Adobe Patch Tuesday, July 2021

Demos showing how to address this month's top vulnerabilities:
- Identify and prioritize vulnerabilities with Qualys VMDR
- Remediate with Qualys Patch Management

Vulnerability assessment alone is not enough to protect systems from compromise as misconfigurations are a major source of breaches. Weak or improper continuous security configuration assessment (SCA) settings are often exploited by hackers and have played a significant role in high-profile cyberattacks like Petya. 

Join this Technical Series webinar and learn from a Qualys Technical Account Manager why Security Configuration Assessment should not be ignored.   

This session covers:  

- Introduction to SCA  
- A brief enumeration of the differences with the Policy Compliance apps  
- A digress about the Center for Internet Security (CIS)  
- Quick start guide

Qualys Technical Series – The Ins and Outs of Security Configuration Assessment

Qualys and the Channel Alliances Team invite you to learn about Qualys Community Edition, a free version of the Qualys Cloud Platform to help you discover your IT assets and their vulnerabilities and get detailed reports using the industry's most accurate and comprehensive security assessment platform. 

This educational session will cover how to use Community Edition including:  

- Vulnerability management 
- Web application scanning 
- Multiple data collection methods  
- Best practice workflow for scanning 
- Reporting options and workflows 
- Q&A

See how IT professionals can experience Qualys for FREE with Community Edition

Please join the Qualys research and product teams for the webinar “This Month in Patches” on June 10th, 2021.

We will discuss this month's high-impact vulnerabilities, including those that were part of June's Microsoft Patch Tuesday. We will walk you through the steps to quickly identify vulnerable assets and remediate them with Qualys VMDR and Patch Management.

We will cover:

The significant vulnerabilities published this month:

- VMware vCenter Server Multiple Vulnerabilities
- Ubuntu XStream Vulnerabilities
- Microsoft Patch Tuesday, June 2021	

An action plan to quickly identify and remediate vulnerabilities:

- Learn how to use Qualys Patch Management to remediate vulnerabilities
- A sneak peek into Linux Patch Management with Qualys

This Month in Patches

Qualys Web Application Scanning (WAS) adds continuous discovery of web applications and detection of vulnerabilities and misconfigurations at scale to the Qualys Cloud Platform. Qualys WAS complements your security and compliance program with scanning of the application logic of both "human-readable" WEB apps and API-based apps. Join this Technical Series webinar and learn from a Qualys Solution Architect how to up your security game by using Qualys WAS. 

This session covers: 

- What is Qualys Web Application Scanning? 
- Diagnosing a WAS scan 
- Authentication in WAS - what works, what doesn't, and "why" 
- The ‘hidden’ features of WAS

Qualys Tech Series – Extend Your Security & Compliance Program with Qualys WAS

Join us for AssetView Live to learn how we’ve reinvented asset management for cybersecurity professionals. CyberSecurity Asset Management (CSAM) monitors IT asset health from a security perspective, helping inventory your complete IT ecosystem, detect security gaps, and respond to the risk, all from a unified platform.

Register today for AssetView Live to hear our vision, see a deep-dive demo, learn how customers use CSAM, and participate in a Q&A.

Agenda:

10:00 – 10:15 am
Introducing CyberSecurity Asset Management (CSAM)
Sumedh Thakar, CEO and President, Qualys

10:15 – 11:00 am 
Live CSAM Demo
- Identify and alert on unauthorized assets
- Monitor critical assets for external exposure
- Alert for EOL, unauthorized software and missing required software
- Response actions: uninstall EOL Adobe Flash with one click 
- FedRAMP and PCI-DSS report for asset health
Ed Rossi, VP of Product Management, Qualys

11:00 – 11:15 am
Customer Insights: Asset Inventory for Security Pros
Jatinder Pal Singh, Director of Security Operations, Informatica

11:15 – 11:30 am 
Industry Insights: Your Security Foundation Starts with Asset Visibility and Context
Todd Waskelis, AVP, AT&T Cybersecurity Solutions

11:30 – 11:50 am
Live Q&A

AssetView® Live - Reinventing Asset Management for Cybersecurity

We are bringing the ability to detect and block advanced threats in real time to the Qualys Cloud Platform. The same Qualys Cloud Agent that provides inventory, vulnerability management, patching and endpoint detection and response (EDR) now prevents malware exploitation and blocks known phishing and ransomware attacks.

Traditional EDR/EPP solutions focus only on malicious activities, and risk mitigation solutions focus on vulnerabilities and patch management, requiring siloed agents and applications. This approach does not provide a complete picture of the environment, its attack surfaces, weaknesses that cybercriminals can exploit, or the ability to natively remediate most cyberattacks' root cause - unpatched vulnerabilities. Qualys removes these blind spots by combining risk mitigation, malware prevention, detection, and response into a single solution.

Join Hiep Dang, Qualys VP of Endpoint Security Solutions, on Wednesday, May 26 at 10:00 am PT for a demonstration of Qualys Multi-Vector EDR's new anti-malware capabilities along with a preview of our plans to combine real-time malware protection and endpoint telemetry with cross-correlation with asset visibility, vulnerability management, patch management, and policy compliance.

Protect, Detect & Respond with Anti-Malware Features in Qualys Multi-Vector EDR

Please join the Qualys research and product teams for the webinar “This Month in Patches” on May 13th, 2021.

We will discuss this month's high-impact vulnerabilities, including those that were part of May's Microsoft Patch Tuesday. We will walk you through the steps to quickly identify vulnerable assets and remediate them with Qualys VMDR and Patch Management.

We will cover:

The significant vulnerabilities published this month:

- 21Nails Exim Mail Server Multiple Vulnerabilities
- Pulse Connect Secure Remote Code Execution Vulnerability (CVE-2021-22893)
- Microsoft Patch Tuesday, May 2021

An action plan to quickly identify and remediate vulnerabilities:

- Learn how to use Qualys Patch Management to remediate vulnerabilities
- A sneak peek into Linux Patch Management with Qualys

Are you a FedRAMP-certified cloud services provider with vulnerability scanning gaps between your traditional and containerized cloud systems? If so, join us on May 12, as we walk you through the details and challenges of compliance.

On March 16 FedRAMP released the Vulnerability Scanning Requirements for Containers and required Cloud Service Providers serving the federal market to submit a compliance plan and demonstrate compliance in six months' time. The document is supplemental to existing FedRAMP requirements around vulnerability scanning and applies to all FedRAMP-authorized systems leveraging container technology.

In this webinar, the Qualys compliance and container security teams will:

- Explain each new FedRAMP requirement in detail
- Discuss the challenges of implementation
- Demonstrate how the FedRAMP-certified Qualys Cloud Platform and Container Security product address the challenges

FedRAMP Vulnerability Scanning for Containers

Your Qualys subscription is only as good as the data that’s in it. So how do you get the most from your data? Join this Technical Series webinar and learn from a Qualys Solution Architect how to evaluate, action and clean up the data in your Qualys subscription. 

This session covers: 

- Asset Record Duplication – Why these are happening and how to troubleshoot. 
- Data Merging – What are the options and how do they work? 
- Stale Assets - Purge Rules and Manual Purging 
- Tags/Asset Groups - How many are too many?

Qualys Tech Series – Optimizing Qualys: It’s Time to Clean Up Your Subscription

As attacks on infrastructure continue to increase, security teams are looking to go beyond detection and response by eliminating the root cause of the attacks -- unpatched vulnerabilities. With the majority of production systems running Linux, customers have been looking for a single, efficient patch workflow that extends their Windows patching program to Linux and third-party applications. 

Join Qualys director of product management Eran Livne on May 5 at 10:00 am Pacific as he discusses the challenges in patch management and effective best practices for faster vulnerability remediation, including: 

- Patch management challenges, especially in Linux environments 
- Why IT & security teams need integrated patch management to reduce the attack surface 
- Demo of automatic detection, prioritization and remediation of vulnerabilities 
- Demo of key Qualys Patch Management features for Linux including scheduled and on-demand patching, system reboot, tracking remediation, and auto-rescan after patching

Up the Patch Game: Unified Patch Management for Windows & Linux

News of ransomware attacks hits the headlines on a near-daily basis, so it is no surprise that ransomware attacks increased over the past year. They’ve also become more dangerous as attackers target and encrypt growing amounts of data, and ransom demands skyrocket. Yet, despite the visibility, risks and increasing costs, organizations aren’t taking some of the basic precautions to protect themselves from attacks, such as remediating key known vulnerabilities. 

Speakers Brian Kime, Security and Risk Senior Analyst at Forrester and Mehul Revankar, VP of Product Management and Engineering at Qualys will discuss the current state of ransomware and prevention techniques including:

- Latest threat vectors with an emphasis on ransomware attack vectors  
- Examples of ransomware attacks that exploited specific vulnerabilities  
- How to harden systems as temporary risk mitigation where immediate patching is not possible 

Mehul will also address how to discover, assess and patch critical vulnerabilities with Qualys VMDR.

Preventing Ransomware Attacks in the Age of Covid-19

Join Qualys' Research and Product Team for a discussion of this month's high-impact vulnerabilities, including those that were part of April's Microsoft Patch Tuesday. We will walk you through the steps to quickly identify vulnerable assets and remediate them with Qualys Patch Management.  

We will cover:  

- The significant vulnerabilities published this month 
- Qualys Research Team's analysis of the most critical vulnerabilities  
- An action plan for quickly identifying and remediating vulnerabilities

Best Practices for State and Local Governments

In this webinar, we examine the specific threats facing state and local governments and provide a case for why vulnerability and configuration management should be a key strategic initiative.  We will also identify best practices for deploying a vulnerability and configuration management program, including obtaining executive level buy-in and budgetary support.  Finally, we will demonstrate how the Qualys platform can be used to implement these best practices and help governments achieve a significant reduction in their overall risk of being compromised.

A Case for Vulnerability and Configuration Management:

Security

state

local

government

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

A Case for Vulnerability and Configuration Management:

Presented by

About this talk

More from this channel