Hi [[ session.user.profile.firstName ]]

Applying Actionable Threat Intelligence to your Vulnerability Management Program

This live webinar will showcase how Qualys and Kenna together connect an organisation’s vulnerability scanning program with actionable threat intelligence to employ a risk-based approach to vulnerability management. Attendees will learn strategies for applying actionable threat intelligence to their vulnerability management programs.
Recorded Sep 24 2015 36 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Damian O'Hara from Qualys, David French from Kenna Security
Presentation preview: Applying Actionable Threat Intelligence to your Vulnerability Management Program

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Automating Critical Security Controls for Threat Remediation and Compliance Recorded: Sep 28 2017 57 mins
    John Pescatore and Tim White
    Trends like the increased use of cloud computing by businesses and their vendors introduce new complexities in reducing risk and assessing security across the supply chain. Demonstrating continuous risk reduction and compliance with internal policies and external regulations, fixing violations and configuration drift, centrally managing exceptions, and documenting progress are all common challenges.

    The Center for Internet Security’s (CIS) Critical Security Controls (CSCs) were selected and prioritized by leading security experts to stop today’s most common and serious cyber threats. By implementing these controls, organizations can improve their security posture and reduce the risk of threats to critical assets, data, and network infrastructure.

    In this webcast, SANS Senior Analyst John Pescatore and Tim White, Director of Product Management for Qualys Policy Compliance (PC), will discuss how you can achieve continuous security and compliance, and leverage Qualys solutions to address all 20 CSCs.

    The presentation will encompass:

    • An overview of the CIS Critical Security Controls, including ongoing updates
    • Success patterns organizations have demonstrated for using the controls to their advantage
    • How an automation can reduce the staffing load to determine whether controls are in place and effective
    • How to prioritize remediation efforts
    • Real-world examples of recent attacks that leveraged misconfigured systems

    This webcast will include a demo and Q&A session with the speakers.
  • Securing Your Public Cloud Infrastructure Recorded: Jul 20 2017 54 mins
    Mark Butler Chief Information Security Officer, Qualys and Hari Srinivasan Director, Product Management, Cloud and Virtualiza
    Public cloud providers operate on a shared responsibility model, which places the onus on the customer to define and secure the data and applications that are hosted within cloud infrastructure. To that end, it is critical that organizations accurately and selectively pinpoint which cloud workloads and virtual IT assets must be monitored, updated and patched based on developing threats to customer data and applications.

    In this webcast, Mark Butler, Chief Information Security Officer at Qualys, and Hari Srinivasan, Director of Product Management for Qualys Cloud and Virtualization Security will detail how you can gain complete visibility of your organization’s entire cloud asset inventory and security posture to help you keep up with shared security responsibility models across public cloud infrastructure.

    The presentation will cover:

    > Challenges surrounding increased migration to public clouds
    > Using automation for secure DevOps
    > How to ensure effective and efficient operations

    This webcast will include a Q&A session, as well as a live demonstration of how to deploy Qualys seamlessly and deeply into public cloud environments with new features.
  • Streamlining Third Party Risk Assessments in the Cloud Recorded: Jun 20 2017 59 mins
    Jonathan Osmolski, Enterprise Records & Information Governance, Pekin Insurance & Hariom Singh, Product Management Qualys
    Security assessments drastically reduce your organization’s risk of suffering a data breach by identifying poor InfoSec and privacy practices among vendors, partners, contractors, and other third parties.

    For most businesses, these assessments are a slow, unscalable, manual process that strains InfoSec teams and creates a backlog of security evaluations.

    During this webcast, Jonathan Osmolski, Manager of Enterprise Records and Information Governance at Pekin Insurance, and Hariom Singh, Director of Product Management for Qualys Security Assessment Questionnaire (SAQ) will show you how you can free your organization from unreliable and labor-intensive manual processes, and optimize the accuracy of audit results.

    You will learn how Pekin Insurance:

    > Replicated its manual 76-question assessment process within SAQ’s web-based UI in just two hours
    > Simplified the design, distribution, tracking, and analysis of multiple vendor risk assessment campaigns
    > Gained improved visibility into its compliance performance metrics
    Increased the overall productivity and efficiency of its InfoSec team

    This webcast will include a live demo and Q&A session.
  • Visualize Your Threat Exposure to WannaCry & Shadow Brokers With Dashboards Recorded: Jun 1 2017 50 mins
    Jimmy Graham, Director of Product Management, Qualys
    The WannaCry ransomware virus has wreaked havoc on hundreds of thousands of computers around the world since the outbreak began on May 12. This virus exploits vulnerabilities in Microsoft Windows XP and 2003, encrypting files and demanding that users pay a ransom to regain access. Determining whether the vulnerability exists within your global IT environment can be a daunting task, and existing enterprise security solutions are slow to deploy.

    Jimmy Graham, Director of Product Management for ThreatPROTECT at Qualys, will demonstrate how you can:

    • Identify, track, and remediate assets susceptible to critical vulnerabilities, including WannaCry and the recent Samba exploit
    • Create dashboards and reports to visualize the impact of assets in real time and track your remediation efforts
    • Institute threat-prioritized remediation processes to mitigate current and future risks

    This webcast will include a Q&A session with the speaker.
  • Countdown to GDPR - Reduce your Risk Recorded: May 24 2017 60 mins
    Darron Gibbard, Managing Director, EMEA North at Qualys & Jonathan Armstrong, Partner at Cordery
    This is a must-attend webcast for anyone working for an organisation within Europe and responsible for the security of personal data.

    You are probably already thinking about the EU General Data Protection Regulation (GDPR) and the huge potential fines of €20m or 4% of annual worldwide turnover.

    For organisations headquartered across EMEA, GDPR is a key focus for the next 12 months as the 25 May 2018 deadline approaches. Qualys solutions can help your organisation prepare and comply with GDPR.

    During this webcast, Jonathan Armstrong, Compliance and Technology Lawyer, Partner at Cordery, will answer any compliance questions and highlight the key areas to consider. Darron Gibbard, Managing Director, EMEA North at Qualys, will show you how to know and control your data, assets and suppliers.

    You will get practical advice on:

    - What you need to focus on: data, assets, suppliers
    - Who you should involve: key stakeholders and departments
    - How you can automate processes with Qualys Security Assessment Questionnaire

    This webcast will include a live Q&A session.
  • Spot & Patch Web App Bugs in One Click Recorded: May 23 2017 57 mins
    Vikas Phonsa, Product Management, Qualys WAF and Frank Catucci, Product Management, Qualys WAS
    Web application security is becoming increasingly complex due to the continuously evolving threat landscape, the diverse nature of web applications, and the broad range of systems needed to manage security.

    Qualys simplifies web app security with an end-to-end solution.

    During this webcast, presenters Vikas Phonsa and Frank Catucci will show you how you can:

    * Scan your apps using Qualys Web Application Scanning (WAS)
    * Deploy one-click virtual patches for detected vulnerabilities in Qualys Web Application Firewall (WAF)
    * Manage it all from a centralized, cloud-based portal

    This webcast will include a live Q&A session.
  • How to Rapidly Identify Assets at Risk to WannaCry Ransomware Recorded: May 17 2017 77 mins
    Jimmy Graham, Director of Product Management, Qualys and Mark Butler, Chief Information Security Officer, Qualys
    A major ransomware attack using a leaked NSA exploit known as “WannaCry” has hit more than 150 countries since May 12. More than 200,000 infections globally have been detected and the attack, which uses the WannaCry (WanaCrypt0r 2.0) ransomware, continues to spread.

    WannaCry utilizes the ETERNALBLUE exploit targeting newly disclosed vulnerabilities (MS17-010). Once leaked, it took only 28 days for this exploit to be used in a full-scale cyber attack. Organizations that scan for vulnerabilities only monthly or less frequently can still be at risk.

    During this webcast Jimmy Graham, Director of Product Management at Qualys, and Mark Butler, Chief Information Security Officer at Qualys, will discuss how to:

    • Patch and implement other mitigations for WannaCry
    • Detect and get full visibility on impacted assets for prompt remediation
    • Institute threat-prioritized remediation processes to mitigate current and future risks

    This webcast will include a live Q&A session.
  • Gain Visibility & Control of IT Assets in a Perimeterless World Recorded: May 4 2017 45 mins
    Jimmy Graham, Director, Product Management, AssetView and Darron Gibbard, Chief Technical Security Officer EMEA, Qualys
    In today’s perimeterless world, enterprise security teams are challenged with maintaining visibility and control over the exploding number of assets on their networks.

    The IT assets that pose the greatest risk to your organization’s security are the ones you don’t know are there. Lack of visibility into your IT environment undermines the foundations of your enterprise security and compliance infrastructure and puts your organization at serious risk of a breach. Without knowledge of which software and devices exist in your network — whether on-premises, on endpoints, or in elastic clouds — InfoSec professionals are unable to enact proper security and protection.

    During this webcast, Jimmy Graham, Director of Product Management for Qualys AssetView and Darron Gibbard, Chief Technical Security Officer for Qualys EMEA will cover the six key elements of an ideal cloud-based IT asset inventory system:

    1. Complete visibility of your IT environment
    2. Deep visibility into assets
    3. Continuous and automatic updates
    4. Asset criticality ranking
    5. Interactive, customizable dashboarding and reporting
    6. Integration with your CMDB

    Those of you in the EU will also be interested to learn about asset inventory for GDPR compliance.

    This webcast will include a live Q&A session.
  • Automated Compliance Assessment for RBI Cyber Security Guidelines Recorded: May 3 2017 56 mins
    Shailesh Athalye, Senior Manager, Compliance Research & Analysis, Qualys
    Perimeterless IT infrastructure and its security is now an integral part of the operational strategies of India’s financial institutions. But the number, frequency, and impact of cyber attacks on Indian financial institutions have increased substantially, underlining the urgent need for banks to develop robust cyber security measures, and assess their security posture on a continuous basis.

    The RBI Guidelines for Cyber Security assist financial institutions to achieve this through a new-era preventative security baseline.

    During this webcast, Shailesh Athalye, Qualys Senior Manager, Compliance Research and Analysis, will discuss how financial institutions can easily address both the technical & procedural elements of the RBI Guidelines for Cyber Security in an automated manner using the highly scalable Qualys Cloud Platform.

    This webcast will include a live Q&A session.
  • Detect and Block Apache Struts Bug Across Your Enterprise Recorded: Mar 22 2017 62 mins
    Vikas Phonsa Director Product Management Web App Firewall and Frank Catucci Director Product Management Web App Scanning
    A critical vulnerability has been found in Apache Struts 2, and it is being actively attacked in the wild, as hackers jump at the chance to hit high-profile targets by exploiting this critical bug.

    Apache has issued an emergency security alert, classifying this as a high-risk vulnerability. If left unaddressed, organizations are at risk of remote code execution attacks, which could lead to complete system compromise.

    During this webcast, Qualys Product Management Directors Vikas Phonsa (Web Application Firewall) and Frank Catucci (Web Application Scanning) will show you how Qualys' complete, end-to-end security solutions can detect and patch the vulnerability so that you can keep your business-critical information safe from attackers.

    With Qualys Vulnerability Management, Web Application Scanning, and Web Application Firewall, you can find Struts in your environment quickly, comprehensively, and at scale, as well as shield your organization from Struts attacks while you identify and patch vulnerable systems.

    This webcast will include a live demo and Q&A session.
  • Aligning Web Application Security with DevOps and IoT Trends Recorded: Feb 7 2017 54 mins
    Amy DeMartine, Principal Analyst, Forrester. Jason Kent, VP Web App Security, Qualys
    For organizations around the world, attacks on web applications are quickly becoming the main source of data loss. As the proliferation of IoT devices complicates the web app security landscape, security teams must engage with key app development counterparts to better secure apps across new types of devices, without slowing rapid DevOps methods or adding InfoSec strain.

    During this webcast, guest speakers Amy DeMartine, Principal Analyst at Forrester, and Jason Kent, VP of Web Application Security at Qualys will cover how you can:

    - Secure apps at the speed of DevOps
    - Utilize web security and infrastructure security assessment practices in the age of IoT
    - Mitigate the risk presented by the new IoT attack surface with the help of automated testing tools and DevSecOps collaboration

    This webcast will include a Q&A session with our speakers.
  • Securing Your Web Apps in Today's Complex Cloud Environment Recorded: Nov 1 2016 58 mins
    Alex Jones, Security Engineer, Gainsight & Dave Ferguson, Solution Architect, Qualys
    Today, securing web applications has become more complex as organizations increasingly deploy and manage their web applications in the cloud. Modern web technologies such as sophisticated JavaScript frameworks and SPAs present increasing challenges to web application scanning, as crawling has become more difficult to manage.

    During this webcast Alex Jones from Gainsight and Dave Ferguson from Qualys will discuss how Qualys has helped Gainsight to:

    - Scan, discover, catalog applications on multiple cloud environments for vulnerabilities and website misconfigurations.

    - Adapt to increasingly complex and new web application technologies.

    - Build an easy-to-use, accurate and scalable scanning program across web application and network infrastructure.
  • Overcome Outdated Processes and Automate IT Risk & Compliance Recorded: Oct 6 2016 58 mins
    Nick Hayes, Analyst at Forrester, Josh Hankins, Information Security Solutions Manager at 84.51°
    Companies across a wide gamut of industries and regions all strive to effectively manage risk and compliance, but too few actually achieve it. As IT, business, and regulatory environments grow increasingly complex, risk and compliance pros must move past outdated processes and legacy systems to innovate and find ways to achieve higher degrees of efficiency and oversight.

    During this webcast, guest speakers Nick Hayes, Analyst at Forrester, and Josh Hankins, Information Security Solutions Manager at 84.51° will cover how you can:

    · Move up the maturity curve through better program coordination and technology integration.
    · Establish the right metrics to build the business case and showcase continual progress.
    · Bolster future success by prioritizing business agility and data mastery as top strategic objectives.

    This Webcast will have a Live Q&A
  • Excel at Your Security Assessments Without EXCEL Spreadsheets Recorded: Sep 13 2016 61 mins
    Tim White, Director of Product Management, Qualys and Hariom Singh, Subject Matter Expert, Qualys
    Third-parties, partners and vendors with access to your networks and data make your organization vulnerable to breaches. Clearly, your business needs to work with third parties, but you don’t want your company to fall victim to data theft, brand damage, and possible government fines as a result, so you have to take third-party and vendor assessment very seriously.

    With Qualys Security Assessment Questionnaire (SAQ) you can expand the scope of risk and compliance data beyond technical vulnerabilities to verify that third-party vendors are in compliance with emerging regulatory requirements. By automating a traditionally manual process, Qualys SAQ frees you from unreliable and labor-intensive approaches such as email and spreadsheets.

    Join our complimentary webcast to learn how Qualys SAQ can help with:

    * Third-Party risk assessment
    * Internal Audit Management
    * Security Training and Awareness
    * End-to-End security compliance

    This webcast includes a live demo and a Q&A.
  • Improving on "Whack-a-Mole" Vulnerability Management Recorded: Aug 18 2016 50 mins
    Joseph Blankenship Senior Analyst, Forrester & Jimmy Graham Director, Product Management, Qualys
    The need to prioritize vulnerability management (VM) is greater than ever as IT security teams become overwhelmed with trying to protect against every threat that pops up. Organizations that understand the varying risks across vulnerabilities can focus on resolving dangerous exploitation, and avoid wasting crucial time addressing insignificant ones.

    We invite you to attend the “Improving on 'Whack-a-Mole' Vulnerability Management” webcast featuring guest speaker Joseph Blankenship, Senior Analyst at Forrester, and Jimmy Graham, Director of Product Management at Qualys.

    The following topics will be discussed during the webcast:

    * Forrester data trends and insights from real-world client scenarios

    * Why vulnerability management needs to be prioritized and elevated

    * How Qualys ThreatPROTECT shows you what to remediate first (led by Qualys)

    This webcast includes a live Q&A.
  • Prioritize and Remediate your Vulnerabilities with Qualys ThreatPROTECT Recorded: Jun 23 2016 61 mins
    Wolfgang Kandek, CTO, Qualys and Tim White Director, Product Management, Qualys
    Dealing with a large number of IT vulnerabilities is an issue for most organizations. Only 10 Common Vulnerabilities and Exposures (CVEs) account for 97% of the exploits*. Clearly, it is vital for you to identify which of your vulnerabilities are the most critical to address first with fast, effective remediation.

    Qualys’ newest solution ThreatPROTECT correlates vulnerability data with a Live Threat Intelligence Feed from multiple industry sources, providing customers with an easy-to-understand dashboard that provides clear insight into which vulnerabilities to fix first.

    During this webcast presenters Wolfgang Kandek, and Tim White, will show you how you can use ThreatPROTECT to:

    * Quickly identify your most important assets and critical vulnerabilities

    * Prioritize remediation efforts so you know which vulnerabilities to tackle first

    * Eliminate the guesswork with real-time correlation of active threats

    This webcast includes a live demo and a Q&A.
  • Vulnerability Detection in Today's Mobile Workforce Recorded: May 17 2016 60 mins
    Corey Reed, Sr. Information Security Analyst, Synovus Bank and Wolfgang Kandek, CTO, Qualys
    As a security professional, getting to know your current vulnerability data from your mobile workforce is a difficult task. If the mobile devices are not on the network at the time of your scan, or if you do not schedule a scan for the devices specifically, your data could become out of date by weeks or even months.

    During this webcast, Corey Reed from Synovus Bank and Wolfgang Kandek from Qualys will discuss how Qualys Cloud Agent has helped Synovus Bank to:

    * Perform frequent vulnerability scans for all internal and external assets.

    * Receive faster notification and remediation for zero day and critical threats.

    * Improve their vulnerability analysis and security patching programs by providing data that can be used to prioritize patch distribution.
  • Detect All Your IT Assets in SECONDS Recorded: Apr 5 2016 59 mins
    Wolfgang Kandek, CTO, Qualys
    The foundation of security is control. But how do you control what you can't search?

    A huge hurdle to protecting your network is knowing exactly what devices are connected. It’s increasingly difficult for organizations to know what IT assets exist in their environment, where they’re located, who manages them and their associated security risks.

    Learn how Qualys AssetView quickly gives your IT and security teams a complete, accurate view of all IT assets in your environment via your favorite web browser.

    Reserve your seat for this webcast so you can discover how to:

    * Run instant queries that return results in seconds
    * Search for OS and App configuration information on all your assets for fast, accurate and actionable data
    * Get a unified view of your IT and Security data
  • Visibility and Actionable Data Across Millions of IT Assets in Seconds Recorded: Feb 23 2016 59 mins
    Wolfgang Kandek, CTO, Qualys and Tim White, Director of Product Management, Qualys
    Knowing what IT assets you have and how to protect them is increasingly a challenge as globalization, virtualization and mobile assets create new endpoints and new opportunities for hackers to infiltrate. Now you can move beyond traditional scanner-based approaches to strengthen endpoint security with a free solution from Qualys.

    Discover how the Qualys AssetView gives you a fast, actionable view of all IT assets while helping to:

    > Gain comprehensive, scalable and always up-to-date view of endpoints — with continuously updated inventory of asset details, scaling to millions of assets

    > Deliver fast, accurate and actionable data — with a new layer of intelligence into the current state of endpoints, including details about services, file systems and registries as well as information to manage and secure systems

    > Minimize impact on systems and networks — by keeping itself lightweight and up-to-date to eliminate the need to reboot

    > Handle virtualized environments with ease — by keeping track of the constant proliferation of images inside and outside of the environment
  • Mastering Vulnerability Management with A Risk-based Approach Recorded: Jan 27 2016 63 mins
    John Haberland Dir. Strategic Alliances, Qualys and Syed Abdur Rahman Sr. Product Manager, Brinqa
    To effectively prioritize and remediate the most critical vulnerabilities threatening your organization, you need to combine internal asset risk evaluation with external real-time exploit and threat intelligence to create the most accurate picture of incidence and impact.

    Join this webcast to learn how Qualys and Brinqa provide all the tools you need to dramatically improve the effectiveness and performance of your vulnerability management program, including :

    * Leveraging asset risk and context during vulnerability prioritization

    * Effective remediation through automated, risk-centric remediation policies

    * Business risk and exposure reporting for primary stakeholders
IT Security Best Practices and Resources
Join us for this informative technology series for insights into emerging security trends that every IT professional should know. These brief sessions will give you an opportunity to discover best practices from market leaders as well as hands-on advice from industry experts on a variety of security and compliance topics.

Let Qualys help keep you up-to-date with cost-effective and efficient technology trends. Choose the topic that interests you or plan to attend the entire series to make sure you stay ahead of the curve.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Applying Actionable Threat Intelligence to your Vulnerability Management Program
  • Live at: Sep 24 2015 1:00 pm
  • Presented by: Damian O'Hara from Qualys, David French from Kenna Security
  • From:
Your email has been sent.
or close