Hi [[ session.user.profile.firstName ]]

Continuous Security for Hybrid IT Environments

IT infrastructure is becoming increasingly hybrid, organizations not only have on-premises datacenter hosts and applications, but they also have cloud-based workloads and instances. IT DevOps teams are leveraging containerized environments and emerging technologies. To stay ahead of the changing threat landscape, security teams need to adapt their cybersecurity practices to shift left and build security in, and not bolt it on.

In this webinar, CIS Chief Product Architect, Adam Montville, and CIS Benchmarks Product Owner, Michelle Peterson, from the Center for Internet Security, will focus on how CIS Benchmarks help organizations improve cybersecurity by implementing security controls and recommendations that are a foundation of security hygiene. Hariom Singh, Director, Product Management, Compliance Solutions for Qualys, will discuss how organizations can implement proactive best practices at scale for real-time inventory, security hygiene, and contextual prioritization of threats to ultimately reduce time to remediation.
Recorded May 19 2020 61 mins
Your place is confirmed,
we'll send you email reminders
Presented by
CIS’ Adam Montville, Chief Product Architect, & Michelle Peterson, Benchmarks Owner and Hariom Singh Dir, Compliance, Qualys
Presentation preview: Continuous Security for Hybrid IT Environments
  • Channel
  • Channel profile
  • Preventing Ransomware Attacks in the Age of Covid-19 Apr 20 2021 5:00 pm UTC 58 mins
    Mehul Revankar, Qualys VP Product Mgmt and Eng, VMDR. Guest speaker, Brian Kime, Security & Risk Senior Analyst at Forrester
    News of ransomware attacks hits the headlines on a near-daily basis, so it is no surprise that ransomware attacks increased over the past year. They’ve also become more dangerous as attackers target and encrypt growing amounts of data, and ransom demands skyrocket. Yet, despite the visibility, risks and increasing costs, organizations aren’t taking some of the basic precautions to protect themselves from attacks, such as remediating key known vulnerabilities.

    Speakers Brian Kime, Security and Risk Senior Analyst at Forrester and Mehul Revankar, VP of Product Management and Engineering at Qualys will discuss the current state of ransomware and prevention techniques including:

    - Latest threat vectors with an emphasis on ransomware attack vectors
    - Examples of ransomware attacks that exploited specific vulnerabilities
    - How to harden systems as temporary risk mitigation where immediate patching is not possible

    Mehul will also address how to discover, assess and patch critical vulnerabilities with Qualys VMDR.
  • This Month in Patches Recorded: Apr 15 2021 51 mins
    Eran Livne, Dir, Product Mgmt, Endpoint Remediation & Anand Paturi, Principal Research Analyst, Threat Prioritization
    Join Qualys' Research and Product Team for a discussion of this month's high-impact vulnerabilities, including those that were part of April's Microsoft Patch Tuesday. We will walk you through the steps to quickly identify vulnerable assets and remediate them with Qualys Patch Management.

    We will cover:

    - The significant vulnerabilities published this month
    - Qualys Research Team's analysis of the most critical vulnerabilities
    - An action plan for quickly identifying and remediating vulnerabilities
  • Qualys Technical Series – Reaching Maximum Efficiency with VM Scans Recorded: Apr 8 2021 51 mins
    Ian Glennon, Security Architect at Qualys
    Are your scans working at maximum efficiency? Join our Senior Security Architect to learn the arts of effective scanning with Qualys VMDR. We’ll show you how it works and how to make scans more productive in your environment.

    This session with cover:

    - How to set up, use and troubleshoot authentication records and password vaults
    - Authenticated scanning – privileges, root delegation and executed commands
    - Scanning through a firewall and why it is not recommended
    - Scanning vs. Endpoint Agent – should you use both?
  • Mitigate the Risk of Microsoft Exchange ProxyLogon Vulnerabilities Recorded: Mar 12 2021 30 mins
    Qualys threat research and product experts Anand Paturi and Eran Livne
    As authorities have issued emergency directives to mitigate the ‘widespread domestic and international exploitation of Microsoft Exchange Server vulnerabilities’, Qualys invites you to join a webcast where the Qualys Vulnerability Research Team will discuss the impact of the ProxyLogon vulnerability in Microsoft Exchange servers around the globe. We will outline the steps organizations need to take immediately to assess and address these high-priority vulnerabilities.

    The webinar will cover:

    - The key elements of the ProxyLogon zero-day vulnerability in Microsoft Exchange servers and its impact
    - How to identify vulnerable Exchange environments, track them for missing patches, and remediate them with patching
    - How to harden them as temporary risk mitigation where immediate patching is not possible
    - Key indicators of compromise and how to detect and respond to them
    - Analysis of the data from the Qualys Vulnerability Research Team

    The Qualys team will also talk about the new free 60-day service to detect, prioritize, and patch vulnerable Exchange servers, and to detect environments missing compensating controls.
  • Seamlessly Expand Vulnerability & Patch Management to Enterprise Mobile Devices Recorded: Mar 10 2021 40 mins
    Swapnil Ahirrao, Product Manager, Mobile Security and Shailesh Athalye, VP, Compliance Solutions at Qualys.
    With organizations rapidly adopting mobile technology in nearly all business functions, mobile devices are not only storing critical data but also connecting to corporate networks to access internal assets, data and apps.

    This adoption is increasing the risk of:

    - Data exposure and exfiltration through unauthorized access
    - Attacks that penetrate organizations' internal networks via vulnerabilities & misconfigurations on Android & iOS devices.

    Traditional vulnerability management tools fail to provide security in this environment because they lack visibility off the network, i.e. to mobile devices. While a Mobile Device Management (MDM) approach provides ‘policy-based prevention’, it does not assess the latest vulnerabilities or correlate vulnerabilities to mobile app updates.

    In this webinar, we'll show how Qualys VMDR for Mobile Devices expands the FedRAMP-authorized Qualys Cloud Platform to provide security teams a single console to secure all Android, iOS and iPadOS devices across the enterprise.

    Mobile security experts will demonstrate:

    - Comprehensive visibility of mobile devices connecting inside your network, with critical data points such as device type, OS version, installed apps, EOL status, device location, CA certificates, and more
    - Continuous assessment of device, OS, app, and network vulnerabilities using the industry's most comprehensive signature database and automated correlation of vulnerabilities to app updates
    - Expansion of your vulnerability management program with continuous monitoring of critical mobile device configurations based on NSA guidelines.
    - Remote ‘over-the-air' actions such as locking the device, changing its passcode, de-enrolling the device or uninstalling risky apps, along with seamless patch orchestration to deploy the latest app versions from Google App store.
  • Speeding SaaS Cybersecurity Policy to Implementation Recorded: Mar 3 2021 61 mins
    Adam Montville, Chief Product Architect, Center for Internet Security (CIS) & Shailesh Athalye, VP, Compliance Solutions
    As enterprises rapidly adopt SaaS applications, blind spots have developed as traditional security policies, controls guidance, and tools don't provide the benchmarks or visibility IT and security teams need to protect them. While some have looked at cloud access security broker (CASB) solutions to fill the need, these solutions only broker the access based on the perimeter and don't provide a continuous, holistic approach into risk and compliance.

    In this webinar, CIS will discuss the importance of SaaS security and the value provided by security guidelines like the CIS Benchmarks, consensus-developed secure configuration guidelines for hardening operating systems, servers, cloud environments, and more. Qualys will introduce SaaS Detection and Response (SaaSDR), which allows IT administrators to manage their critical SaaS security and validate policy against the CIS Benchmarks for Google Workspace, Microsoft Office 365, Salesforce.com, and Zoom.

    CIS experts will cover:

    - Balancing trust and risk when using SaaS applications
    - Securing critical workflows within an expanding boundary of responsibility
    - Creating policy assurance with consensus-based security best practices
    - How automated monitoring brings policy to life

    Qualys experts will demo how SaaSDR addresses:

    - User and device visibility
    - Data exposure monitoring
    - Application data insights for risk assessment
    - Continuous security posture & compliance monitoring
  • New Unauthenticated and Agent-Based Scan Merging Capabilities in Qualys VMDR Recorded: Feb 17 2021 49 mins
    Spencer Brown, Security Solutions Architect at Qualys
    While vulnerability scanning has evolved significantly over the past few decades, the fundamental goal remains the same: to identify vulnerabilities accurately, assess the risk, and prioritize and remediate them before they get exploited by an attacker.

    It is easier said than done. There are multiple ways to scan an asset, for example authenticated vs. unauthenticated scans or agent-based vs. agentless, each with its own advantages. With multiple approaches, it can be difficult to link the vulnerability detections back to the asset, even more so when the key identifiers for the asset, like IP address, network card, and so on, have changed over its lifecycle.

    To address this challenge, Qualys is introducing exciting new platform technology to provide customers with a single unified view of vulnerabilities prioritized by risk.

    Join us on this webcast as we cover:

    - Vulnerability Scanning Challenges
    - Asset Identification Challenges
    - Vulnerability Prioritization with VMDR
    - New Qualys Platform Solution
    - Demo
  • Getting a Handle on Your EOL Software; the Overlooked Aspect of Cybersecurity Recorded: Feb 9 2021 55 mins
    Edward Rossi, VP Product Management, Asset Inventory and Discovery at Qualys.
    In this world of cybersecurity challenges, End of Life (EOL) software running in your environment creates concerns around unpatched vulnerabilities. It also introduces compatibility issues and increases support costs and the potential for downtime of crucial business apps. In this session, we'll examine how to identify, prioritize and manage your software lifecycles, including EOL, to maintain a healthy and secure software ecosystem. Most importantly, we'll hear from Newburyport Bank about how they gained visibility to and reduced the risk of EOL software.


    Specifically, we'll cover:

    - Challenges and concerns related to EOL software
    - Importance of establishing and maintaining a comprehensive software and hardware inventory
    - Benefits of actively managing software through the EOL lens
    - Tips to identify, prioritize and mitigate EOL software in your environment
    - Newburyport Bank’s case study on managing their EOL software
  • Unpacking the CVEs in the FireEye Breach Recorded: Feb 4 2021 56 mins
    Qualys threat research and product experts Anand Paturi, Eran Livne and Travis Smith.
    Understanding the behaviors and attributes of the CVEs leveraged by stolen FireEye Red Team assessment tools is key to both attack prevention and response. In this webinar, Qualys research and product experts will analyze the riskiest CVEs. We will share insights into the CVE behaviors to help operational security teams build defensive actions against the complex attack vectors involved, and we will walk through the threat attributes to help threat hunting teams take defensive actions against adversaries.

    Finally, we will show how Qualys solutions can help you develop a plan to reduce exposure from these CVEs.

    In this workshop, we will discuss :

    - Key CVEs used by the FireEye Red Team assessment tools
    - How Qualys VMDR and EDR help organizations identify vulnerable assets
    - The Qualys patch management solution to remediate vulnerabilities
    - How to isolate compromised systems based on indicators of compromise
  • CISO perspective: How IT asset inventory can reduce security and compliance risk Recorded: Jan 29 2021 63 mins
    Bill Kleyman, Contributing Editor, ITPro Today, Edward Rossi, VP, Product Mgmt, Qualys and Ben Carr, CISO at Qualys
    From an executive perspective, security design and risk tolerance have taken on new meaning. Distributed IT, remote workforces, and emerging digital requirements have all forced CISOs to look at security and compliance in a new light—one that heavily focuses on visibility into both IT and business functions. In this webinar, we'll examine today's IT landscape from a CISO perspective, exploring topics such as corporate-wide configuration management, how CISOs view security, and best practices for risk and compliance.

    Specific topics include:

    - Top IT challenges CISOs face today
    - Understanding risk, compliance, and IT visibility
    - The business impacts of IT asset inventory
    - Key points around visibility, configuration management, and integration
    - Best practices and advice from the field
  • Want to Better Manage and Secure Your IT Assets? Start With IT Inventory Recorded: Jan 22 2021 57 mins
    Bill Kleyman, Contributing Editor, ITPro Today and Pablo Quiroga, Director, Product Management, IT Asset Management, Qualys
    Rapid digitalization has forced companies to rethink how to best manage their IT assets. Especially when those assets now include software, licensing, certificates, and even SaaS applications. Aside from better visibility, knowing what’s in your global IT environment is fundamental to security. With more people working remotely, questions arise such as how do you manage cloud instances? How do you control physical and logical asset inventory? And will you lose sight of IT management as your company grows?

    In this webinar, we'll dive into how IT visibility has shifted amid the pandemic, emerging challenges for both IT administrators and technology leaders, and how IT inventory can help. Specific topics include:

    - The changing IT asset landscape
    - Understanding the speed of change: SaaS, virtualization, IoT, and more
    - How to reduce pressure on IT with automation and better security
    - Final thoughts and best practices
  • Qualys Advisory Webcast: Mitigate Solorigate/SUNBURST and FireEye compromises Recorded: Dec 24 2020 52 mins
    Mehul Revankar, VP PM & Engg. for VMDR and Travis Smith, Dir., Malware Threat Research at Qualys
    Qualys invites you to join a webcast where the Qualys' Vulnerability and Malware Research Team will discuss the recent Solorigate/SUNBURST attack and outline steps organizations can take to identify vulnerable assets, isolate compromised systems, and remediate them with patching and mitigation actions.

    The webcast will cover:

    - The key elements of the Solorigate/SUNBURST attack chain and its impact
    - Key indicators of compromise
    - Analysis of the data from the Qualys Research Team
    - Steps organizations can take to immediately mitigate the risk
    - A live demo of best practices response using Qualys solutions
    - Free 60-day access to Qualys service to detect, prioritize, and remediate vulnerable and compromised assets
  • Continuous Security for Hybrid IT Environments Recorded: Dec 17 2020 60 mins
    CIS’ Adam Montville, Chief Product Architect, & Michelle Peterson, Benchmarks Owner and Hariom Singh Dir, Compliance, Qualys
    IT infrastructure is becoming increasingly hybrid, organizations not only have on-premises datacenter hosts and applications, but they also have cloud-based workloads and instances. IT DevOps teams are leveraging containerized environments and emerging technologies. To stay ahead of the changing threat landscape, security teams need to adapt their cybersecurity practices to shift left and build security in, and not bolt it on.

    In this webinar, CIS Chief Product Architect, Adam Montville, and CIS Benchmarks Product Owner, Michelle Peterson, from the Center for Internet Security, will focus on how CIS Benchmarks help organizations improve cybersecurity by implementing security controls and recommendations that are a foundation of security hygiene. Hariom Singh, Director, Product Management, Compliance Solutions for Qualys, will discuss how organizations can implement proactive best practices at scale for real-time inventory, security hygiene, and contextual prioritization of threats to ultimately reduce time to remediation.
  • Transitioning your SecureWorks VM Account to Qualys VMDR® Recorded: Nov 12 2020 61 mins
    Karun Malik, VP Strategic Alliances and Channel Development and Dragos Josanu, Director, Channel Sales at Qualys
    Thank you for being a valued Qualys customer. We are extending your subscription by two weeks to give you time to learn about our latest solutions, including Qualys VMDR and Multi-Vector EDR.

    We'd like to invite you to a live session highlighting these latest solutions on Thursday, Nov 12 at 9 am PST. The speakers – Karun Malik, Qualys VP of Strategic Alliances and Channel Development, and Dragos Josanu, Qualys Director of Channel Sales – will explain how:

    - Qualys VMDR helps you discover, assess, prioritize, and patch critical vulnerabilities in real time across your global hybrid-IT landscape — all from a single solution.
    - Qualys Multi-Vector EDR, our newest app, goes beyond traditional EDR solutions by providing prevention, detection and response across the entire attack lifecycle via a single agent.
  • Qualys Technical Series – Asset Inventory Tagging and Dashboards Recorded: Nov 12 2020 61 mins
    Kevin O'Keefe, Solution Architect at Qualys
    The November 2020 Qualys Technical Series walks you through best practices for managing asset tags and dashboards in Global IT Asset Inventory. We will also cover the migration from AssetView to Asset Inventory and how to ensure a smooth transition.

    This session will cover:

    - AssetView to Asset Inventory migration
    - Tagging vs. Asset Groups - best practices
    - Dynamic tagging - what are the possibilities?
    - Creating and editing dashboards for various use cases

    The Qualys Tech Series is a monthly technical discussion focusing on useful topics and best practices with Qualys. Each session includes a live Q&A – please post your questions during the session and we will do our best to answer them all.
  • Remediation in Practice – Closing the gap with Patch Management Recorded: Oct 27 2020 32 mins
    Giorgio Gheri, Chief Technical Security Officer and Predashen Nair, Group Manager, Infrastructure Services at SPAR Group.
    Securing IT requires a complete remediation cycle that goes beyond vulnerability management to include patch deployment as well. Qualys patch management functionality automatically proposes the appropriate patches and deploys them in one click.

    Qualys invites you to join a webcast with Predashen Nair, Group Manager, Infrastructure Services at SPAR Group, the world’s largest food retail chain to discuss Qualys’ effective patch management solution, available stand-alone or as part of Qualys VMDR.

    Predashen will discuss how the integrated patch management functionality in Qualys simplifies operations, reduces cost, and enhances overall IT security.

    The webcast will cover:

    - How the integrated patch management functionality streamlines and accelerates vulnerability remediation
    - How Qualys proactive patch management, covering security and non-security patches, seamlessly fits into the SPAR environment
    - SPAR’s journey from selection of Qualys to implementation and results
  • Qualys Technical Series - Scanning Best Practices Recorded: Oct 15 2020 64 mins
    Joash Herbrink, Security Solution Architect at Qualys.
    Are you sure you're scanning all of your assets? Join the Technical Series with a Qualys Security Solution Architect to learn how vulnerability scans work and how to get the most out of them for your environment.

    This session will cover:

    - The anatomy of a Vulnerability Scan - The scan process (host discovery, port discovery, service discovery, vulnerability scan) and option profiles.
    - How to set up, use and troubleshoot Authentication Records.
    - Scanning strategies - Light Inventory vs Map, full-range vs targeted scanning, scanning cloud agent assets.
    - Scanning best practices - Firewalls, the natural enemy of vulnerability scanning, VLAN trunking, seamless scaling for scanner appliances.
  • Operationalize your CMDB with continuous, up-to-date Global IT Asset Inventory Recorded: Oct 6 2020 59 mins
    Qualys and ServiceNow
    Do you rely on manual discovery and asset classification? Is your CMDB inaccurate, incomplete or outdated?

    Asset management, service impact analysis, IT security and compliance are all at risk without accurate configuration data.

    In today’s digital environment, it is impossible to sustain those initiatives without a system in place to help monitor the underlying infrastructure, continuously assess risks and enable users to deliver business value.

    In this webinar:

    - Learn how to build a global IT asset inventory that is always up-to-date, automatically categorized and enriched in real time.
    - Discover the importance of continuously collecting rich telemetry for hardware and software configurations across on-premises, cloud, containers, remote endpoints, and even IoT.
    - Hear guest panelists share use cases and discuss how the integration helps them achieve business objectives.
    - Review the benefits of the certified Service Graph Connector program and get your questions answered.
  • From Discovery to Remediation with Qualys VMDR® - It's What Your Company Needs. Recorded: Sep 24 2020 57 mins
    Marco Rottigni, Chief Technical Security Officer at Qualys.
    Nordics/Benelux users take your Vulnerability Management to the next level.

    With the rise of hybrid infrastructure, the vulnerability management landscape is rapidly changing. Misaligned workflows and disparate toolsets and processes often hinder security and IT teams from remediating the right set of vulnerabilities to reduce cybersecurity risk.

    Marco Rottigni - Chief Technical Security Officer EMEA - will discuss these challenges and illustrate through a live demo why Qualys Vulnerability Management, Detection, and Response (VMDR®) represents an effective solution to augment visibility, empower prioritization and accelerate remediation at the speed of business, all through a single integrated solution.

    In the webinar, you will learn to:

    - Detect all assets across a hybrid network
    - Identify vulnerabilities and misconfigurations in real time
    - Automatically prioritize the riskiest vulnerabilities using advanced correlation and machine learning
    - Deploy the most relevant patches to instantly mitigate risk from critical vulnerabilities
  • Qualys Technical Series - Global IT Asset Inventory Recorded: Sep 10 2020 58 mins
    Ruben Franco, Security Solution Architect at Qualys
    Can you find all the assets on your network, both those you know about and those you don’t? And once you do, can you see the details of each asset such as their security and compliance posture? Qualys Global IT Asset Inventory offers this and much more. It reduces the asset management effort and provides a solid foundation for IT Security and Risk Management, because you can’t secure what you can’t see.

    During this webinar, we will explore how to:

    - Perform an accurate IT asset inventory in a complex hybrid environment
    - Use Qualys sensors as your ‘eyes on the network’
    - Continuously control and manage the inventory process through customizable dashboards
    - Leverage Qualys Global IT Asset Inventory to build an effective Vulnerability Management program

    Join us for this Qualys Technical Session and learn more about the free Global IT Asset Inventory app.
IT Security Best Practices and Resources
Join us for this informative technology series for insights into emerging security trends that every IT professional should know. These brief sessions will give you an opportunity to discover best practices from market leaders as well as hands-on advice from industry experts on a variety of security and compliance topics.

Let Qualys help keep you up-to-date with cost-effective and efficient technology trends. Choose the topic that interests you or plan to attend the entire series to make sure you stay ahead of the curve.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Continuous Security for Hybrid IT Environments
  • Live at: May 19 2020 5:00 pm
  • Presented by: CIS’ Adam Montville, Chief Product Architect, & Michelle Peterson, Benchmarks Owner and Hariom Singh Dir, Compliance, Qualys
  • From:
Your email has been sent.
or close