Hi [[ session.user.profile.firstName ]]

Unpacking the CVEs in the FireEye Breach

Understanding the behaviors and attributes of the CVEs leveraged by stolen FireEye Red Team assessment tools is key to both attack prevention and response. In this webinar, Qualys research and product experts will analyze the riskiest CVEs. We will share insights into the CVE behaviors to help operational security teams build defensive actions against the complex attack vectors involved, and we will walk through the threat attributes to help threat hunting teams take defensive actions against adversaries.

Finally, we will show how Qualys solutions can help you develop a plan to reduce exposure from these CVEs.

In this workshop, we will discuss :

- Key CVEs used by the FireEye Red Team assessment tools
- How Qualys VMDR and EDR help organizations identify vulnerable assets
- The Qualys patch management solution to remediate vulnerabilities
- How to isolate compromised systems based on indicators of compromise
Recorded Feb 4 2021 56 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Qualys threat research and product experts Anand Paturi, Eran Livne and Travis Smith.
Presentation preview: Unpacking the CVEs in the FireEye Breach
  • Channel
  • Channel profile
  • Seamlessly Expand Vulnerability & Patch Management to Enterprise Mobile Devices Mar 10 2021 6:00 pm UTC 60 mins
    Swapnil Ahirrao, Product Manager, Mobile Security and Shailesh Athalye, VP, Compliance Solutions at Qualys.
    With organizations rapidly adopting mobile technology in nearly all business functions, mobile devices are not only storing critical data but also connecting to corporate networks to access internal assets, data and apps.

    This adoption is increasing the risk of:

    - Data exposure and exfiltration through unauthorized access
    - Attacks that penetrate organizations' internal networks via vulnerabilities & misconfigurations on Android & iOS devices.

    Traditional vulnerability management tools fail to provide security in this environment because they lack visibility off the network, i.e. to mobile devices. While a Mobile Device Management (MDM) approach provides ‘policy-based prevention’, it does not assess the latest vulnerabilities or correlate vulnerabilities to mobile app updates.

    In this webinar, we'll show how Qualys VMDR for Mobile Devices expands the FedRAMP-authorized Qualys Cloud Platform to provide security teams a single console to secure all Android, iOS and iPadOS devices across the enterprise.

    Mobile security experts will demonstrate:

    - Comprehensive visibility of mobile devices connecting inside your network, with critical data points such as device type, OS version, installed apps, EOL status, device location, CA certificates, and more
    - Continuous assessment of device, OS, app, and network vulnerabilities using the industry's most comprehensive signature database and automated correlation of vulnerabilities to app updates
    - Expansion of your vulnerability management program with continuous monitoring of critical mobile device configurations based on NSA guidelines.
    - Remote ‘over-the-air' actions such as locking the device, changing its passcode, de-enrolling the device or uninstalling risky apps, along with seamless patch orchestration to deploy the latest app versions from Google App store.
  • Speeding SaaS Cybersecurity Policy to Implementation Mar 3 2021 6:00 pm UTC 60 mins
    Adam Montville, Chief Product Architect, Center for Internet Security (CIS) & Shailesh Athalye, VP, Compliance Solutions
    As enterprises rapidly adopt SaaS applications, blind spots have developed as traditional security policies, controls guidance, and tools don't provide the benchmarks or visibility IT and security teams need to protect them. While some have looked at cloud access security broker (CASB) solutions to fill the need, these solutions only broker the access based on the perimeter and don't provide a continuous, holistic approach into risk and compliance.

    In this webinar, CIS will discuss the importance of SaaS security and the value provided by security guidelines like the CIS Benchmarks, consensus-developed secure configuration guidelines for hardening operating systems, servers, cloud environments, and more. Qualys will introduce SaaS Detection and Response (SaaSDR), which allows IT administrators to manage their critical SaaS security and validate policy against the CIS Benchmarks for Google Workspace, Microsoft Office 365, Salesforce.com, and Zoom.

    CIS experts will cover:

    - Balancing trust and risk when using SaaS applications
    - Securing critical workflows within an expanding boundary of responsibility
    - Creating policy assurance with consensus-based security best practices
    - How automated monitoring brings policy to life

    Qualys experts will demo how SaaSDR addresses:

    - User and device visibility
    - Data exposure monitoring
    - Application data insights for risk assessment
    - Continuous security posture & compliance monitoring
  • New Unauthenticated and Agent-Based Scan Merging Capabilities in Qualys VMDR Recorded: Feb 17 2021 49 mins
    Spencer Brown, Security Solutions Architect at Qualys
    While vulnerability scanning has evolved significantly over the past few decades, the fundamental goal remains the same: to identify vulnerabilities accurately, assess the risk, and prioritize and remediate them before they get exploited by an attacker.

    It is easier said than done. There are multiple ways to scan an asset, for example authenticated vs. unauthenticated scans or agent-based vs. agentless, each with its own advantages. With multiple approaches, it can be difficult to link the vulnerability detections back to the asset, even more so when the key identifiers for the asset, like IP address, network card, and so on, have changed over its lifecycle.

    To address this challenge, Qualys is introducing exciting new platform technology to provide customers with a single unified view of vulnerabilities prioritized by risk.

    Join us on this webcast as we cover:

    - Vulnerability Scanning Challenges
    - Asset Identification Challenges
    - Vulnerability Prioritization with VMDR
    - New Qualys Platform Solution
    - Demo
  • Getting a Handle on Your EOL Software; the Overlooked Aspect of Cybersecurity Recorded: Feb 9 2021 55 mins
    Edward Rossi, VP Product Management, Asset Inventory and Discovery at Qualys.
    In this world of cybersecurity challenges, End of Life (EOL) software running in your environment creates concerns around unpatched vulnerabilities. It also introduces compatibility issues and increases support costs and the potential for downtime of crucial business apps. In this session, we'll examine how to identify, prioritize and manage your software lifecycles, including EOL, to maintain a healthy and secure software ecosystem. Most importantly, we'll hear from Newburyport Bank about how they gained visibility to and reduced the risk of EOL software.

    Specifically, we'll cover:

    - Challenges and concerns related to EOL software
    - Importance of establishing and maintaining a comprehensive software and hardware inventory
    - Benefits of actively managing software through the EOL lens
    - Tips to identify, prioritize and mitigate EOL software in your environment
    - Newburyport Bank’s case study on managing their EOL software
  • Unpacking the CVEs in the FireEye Breach Recorded: Feb 4 2021 56 mins
    Qualys threat research and product experts Anand Paturi, Eran Livne and Travis Smith.
    Understanding the behaviors and attributes of the CVEs leveraged by stolen FireEye Red Team assessment tools is key to both attack prevention and response. In this webinar, Qualys research and product experts will analyze the riskiest CVEs. We will share insights into the CVE behaviors to help operational security teams build defensive actions against the complex attack vectors involved, and we will walk through the threat attributes to help threat hunting teams take defensive actions against adversaries.

    Finally, we will show how Qualys solutions can help you develop a plan to reduce exposure from these CVEs.

    In this workshop, we will discuss :

    - Key CVEs used by the FireEye Red Team assessment tools
    - How Qualys VMDR and EDR help organizations identify vulnerable assets
    - The Qualys patch management solution to remediate vulnerabilities
    - How to isolate compromised systems based on indicators of compromise
  • CISO perspective: How IT asset inventory can reduce security and compliance risk Recorded: Jan 29 2021 63 mins
    Bill Kleyman, Contributing Editor, ITPro Today, Edward Rossi, VP, Product Mgmt, Qualys and Ben Carr, CISO at Qualys
    From an executive perspective, security design and risk tolerance have taken on new meaning. Distributed IT, remote workforces, and emerging digital requirements have all forced CISOs to look at security and compliance in a new light—one that heavily focuses on visibility into both IT and business functions. In this webinar, we'll examine today's IT landscape from a CISO perspective, exploring topics such as corporate-wide configuration management, how CISOs view security, and best practices for risk and compliance.

    Specific topics include:

    - Top IT challenges CISOs face today
    - Understanding risk, compliance, and IT visibility
    - The business impacts of IT asset inventory
    - Key points around visibility, configuration management, and integration
    - Best practices and advice from the field
  • Want to Better Manage and Secure Your IT Assets? Start With IT Inventory Recorded: Jan 22 2021 57 mins
    Bill Kleyman, Contributing Editor, ITPro Today and Pablo Quiroga, Director, Product Management, IT Asset Management, Qualys
    Rapid digitalization has forced companies to rethink how to best manage their IT assets. Especially when those assets now include software, licensing, certificates, and even SaaS applications. Aside from better visibility, knowing what’s in your global IT environment is fundamental to security. With more people working remotely, questions arise such as how do you manage cloud instances? How do you control physical and logical asset inventory? And will you lose sight of IT management as your company grows?

    In this webinar, we'll dive into how IT visibility has shifted amid the pandemic, emerging challenges for both IT administrators and technology leaders, and how IT inventory can help. Specific topics include:

    - The changing IT asset landscape
    - Understanding the speed of change: SaaS, virtualization, IoT, and more
    - How to reduce pressure on IT with automation and better security
    - Final thoughts and best practices
  • Qualys Advisory Webcast: Mitigate Solorigate/SUNBURST and FireEye compromises Recorded: Dec 24 2020 52 mins
    Mehul Revankar, VP PM & Engg. for VMDR and Travis Smith, Dir., Malware Threat Research at Qualys
    Qualys invites you to join a webcast where the Qualys' Vulnerability and Malware Research Team will discuss the recent Solorigate/SUNBURST attack and outline steps organizations can take to identify vulnerable assets, isolate compromised systems, and remediate them with patching and mitigation actions.

    The webcast will cover:

    - The key elements of the Solorigate/SUNBURST attack chain and its impact
    - Key indicators of compromise
    - Analysis of the data from the Qualys Research Team
    - Steps organizations can take to immediately mitigate the risk
    - A live demo of best practices response using Qualys solutions
    - Free 60-day access to Qualys service to detect, prioritize, and remediate vulnerable and compromised assets
  • Continuous Security for Hybrid IT Environments Recorded: Dec 17 2020 60 mins
    CIS’ Adam Montville, Chief Product Architect, & Michelle Peterson, Benchmarks Owner and Hariom Singh Dir, Compliance, Qualys
    IT infrastructure is becoming increasingly hybrid, organizations not only have on-premises datacenter hosts and applications, but they also have cloud-based workloads and instances. IT DevOps teams are leveraging containerized environments and emerging technologies. To stay ahead of the changing threat landscape, security teams need to adapt their cybersecurity practices to shift left and build security in, and not bolt it on.

    In this webinar, CIS Chief Product Architect, Adam Montville, and CIS Benchmarks Product Owner, Michelle Peterson, from the Center for Internet Security, will focus on how CIS Benchmarks help organizations improve cybersecurity by implementing security controls and recommendations that are a foundation of security hygiene. Hariom Singh, Director, Product Management, Compliance Solutions for Qualys, will discuss how organizations can implement proactive best practices at scale for real-time inventory, security hygiene, and contextual prioritization of threats to ultimately reduce time to remediation.
  • Transitioning your SecureWorks VM Account to Qualys VMDR® Recorded: Nov 12 2020 61 mins
    Karun Malik, VP Strategic Alliances and Channel Development and Dragos Josanu, Director, Channel Sales at Qualys
    Thank you for being a valued Qualys customer. We are extending your subscription by two weeks to give you time to learn about our latest solutions, including Qualys VMDR and Multi-Vector EDR.

    We'd like to invite you to a live session highlighting these latest solutions on Thursday, Nov 12 at 9 am PST. The speakers – Karun Malik, Qualys VP of Strategic Alliances and Channel Development, and Dragos Josanu, Qualys Director of Channel Sales – will explain how:

    - Qualys VMDR helps you discover, assess, prioritize, and patch critical vulnerabilities in real time across your global hybrid-IT landscape — all from a single solution.
    - Qualys Multi-Vector EDR, our newest app, goes beyond traditional EDR solutions by providing prevention, detection and response across the entire attack lifecycle via a single agent.
  • Qualys Technical Series – Asset Inventory Tagging and Dashboards Recorded: Nov 12 2020 61 mins
    Kevin O'Keefe, Solution Architect at Qualys
    The November 2020 Qualys Tech Series walks you through best practices for managing asset tags and dashboards in Global IT Asset Inventory. We will also cover the migration from AssetView to Asset Inventory and how to ensure a smooth transition.

    This session will cover:

    - AssetView to Asset Inventory migration
    - Tagging vs. Asset Groups - best practices
    - Dynamic tagging - what are the possibilities?
    - Creating and editing dashboards for various use cases

    The Qualys Tech Series is a monthly technical discussion focusing on useful topics and best practices with Qualys. Each session includes a live Q&A – please post your questions during the session and we will do our best to answer them all.
  • Remediation in Practice – Closing the gap with Patch Management Recorded: Oct 27 2020 32 mins
    Giorgio Gheri, Chief Technical Security Officer and Predashen Nair, Group Manager, Infrastructure Services at SPAR Group.
    Securing IT requires a complete remediation cycle that goes beyond vulnerability management to include patch deployment as well. Qualys patch management functionality automatically proposes the appropriate patches and deploys them in one click.

    Qualys invites you to join a webcast with Predashen Nair, Group Manager, Infrastructure Services at SPAR Group, the world’s largest food retail chain to discuss Qualys’ effective patch management solution, available stand-alone or as part of Qualys VMDR.

    Predashen will discuss how the integrated patch management functionality in Qualys simplifies operations, reduces cost, and enhances overall IT security.

    The webcast will cover:

    - How the integrated patch management functionality streamlines and accelerates vulnerability remediation
    - How Qualys proactive patch management, covering security and non-security patches, seamlessly fits into the SPAR environment
    - SPAR’s journey from selection of Qualys to implementation and results
  • Qualys Technical Series - Scanning Best Practices Recorded: Oct 15 2020 64 mins
    Joash Herbrink, Security Solution Architect at Qualys.
    Are you sure you're scanning all of your assets? Join the Technical Series with a Qualys Security Solution Architect to learn how vulnerability scans work and how to get the most out of them for your environment.

    This session will cover:

    - The anatomy of a Vulnerability Scan - The scan process (host discovery, port discovery, service discovery, vulnerability scan) and option profiles.
    - How to set up, use and troubleshoot Authentication Records.
    - Scanning strategies - Light Inventory vs Map, full-range vs targeted scanning, scanning cloud agent assets.
    - Scanning best practices - Firewalls, the natural enemy of vulnerability scanning, VLAN trunking, seamless scaling for scanner appliances.
  • Operationalize your CMDB with continuous, up-to-date Global IT Asset Inventory Recorded: Oct 6 2020 59 mins
    Qualys and ServiceNow
    Do you rely on manual discovery and asset classification? Is your CMDB inaccurate, incomplete or outdated?

    Asset management, service impact analysis, IT security and compliance are all at risk without accurate configuration data.

    In today’s digital environment, it is impossible to sustain those initiatives without a system in place to help monitor the underlying infrastructure, continuously assess risks and enable users to deliver business value.

    In this webinar:

    - Learn how to build a global IT asset inventory that is always up-to-date, automatically categorized and enriched in real time.
    - Discover the importance of continuously collecting rich telemetry for hardware and software configurations across on-premises, cloud, containers, remote endpoints, and even IoT.
    - Hear guest panelists share use cases and discuss how the integration helps them achieve business objectives.
    - Review the benefits of the certified Service Graph Connector program and get your questions answered.
  • From Discovery to Remediation with Qualys VMDR® - It's What Your Company Needs. Recorded: Sep 24 2020 57 mins
    Marco Rottigni, Chief Technical Security Officer at Qualys.
    Nordics/Benelux users take your Vulnerability Management to the next level.

    With the rise of hybrid infrastructure, the vulnerability management landscape is rapidly changing. Misaligned workflows and disparate toolsets and processes often hinder security and IT teams from remediating the right set of vulnerabilities to reduce cybersecurity risk.

    Marco Rottigni - Chief Technical Security Officer EMEA - will discuss these challenges and illustrate through a live demo why Qualys Vulnerability Management, Detection, and Response (VMDR®) represents an effective solution to augment visibility, empower prioritization and accelerate remediation at the speed of business, all through a single integrated solution.

    In the webinar, you will learn to:

    - Detect all assets across a hybrid network
    - Identify vulnerabilities and misconfigurations in real time
    - Automatically prioritize the riskiest vulnerabilities using advanced correlation and machine learning
    - Deploy the most relevant patches to instantly mitigate risk from critical vulnerabilities
  • Qualys Technical Series - Global IT Asset Inventory Recorded: Sep 10 2020 58 mins
    Ruben Franco, Security Solution Architect at Qualys
    Can you find all the assets on your network, both those you know about and those you don’t? And once you do, can you see the details of each asset such as their security and compliance posture? Qualys Global IT Asset Inventory offers this and much more. It reduces the asset management effort and provides a solid foundation for IT Security and Risk Management, because you can’t secure what you can’t see.

    During this webinar, we will explore how to:

    - Perform an accurate IT asset inventory in a complex hybrid environment
    - Use Qualys sensors as your ‘eyes on the network’
    - Continuously control and manage the inventory process through customizable dashboards
    - Leverage Qualys Global IT Asset Inventory to build an effective Vulnerability Management program

    Join us for this Qualys Technical Session and learn more about the free Global IT Asset Inventory app.
  • QRadar users, take your VM program to the next level with real-time visibility Recorded: Aug 26 2020 56 mins
    Mehul Revankar, VP, Product Management & Engineering for VMDR at Qualys.
    Qualys invites you to join a webcast with IBM to discuss Qualys’ Vulnerability Management, Detection and Response (VMDR®) integration with IBM QRadar.

    This integration provides you with the ability to automatically create your global IT asset inventory, detect and prioritize vulnerabilities and misconfigurations as well as handling remediation all without leaving the SIEM. The native integration brings the visibility necessary to better handle security and compliance incidents thus maximizing your investment in QRadar.

    The webcast will cover:

    The key elements of a Modern Vulnerability Management program.
    The simplicity of deploying, at scale, Qualys VMDR including how it:
    - Enriches QRadar with Qualys Asset Inventory, vulnerability and security telemetry to provide you with 360° visibility from within QRadar.
    - Delivers an all-in-one Vulnerability Management, Detection, and Response solution fully integrated with QRadar.
    Provides syncing and storing of all vulnerability detections directly against the assets in QRadar.
    The value of the Qualys IBM X-Force Red partnership.
  • Qualys Technical Series - Certificate Monitoring and Mgmt in the 21st Century Recorded: Aug 20 2020 44 mins
    Joash Herbrink, Security Solution's Architect at Qualys
    Managing certificates still remains one of the biggest challenges modern organizations face. This is especially worrying given the dependency on digital certificates continues to grow at a rapid pace.

    Getting insight into ALL your digital certificates in a single place (not a spreadsheet) would be a massive gain for most organizations.

    Qualys has you covered here, and provides extensive inventory, monitoring and vulnerability assessments of all certificates inside your organizations, using all the Qualys sensors you have already deployed.

    Join us for this short but insightful web session to see what we can do for you today.

    See how to:

    - Create the inventory
    - Assess the spread of certificates inside and outside
    - Identify weak certificates
    - Renew certificates
  • EDR Live: Bringing the Unifying Power of the Qualys Cloud Platform to EDR Recorded: Jul 29 2020 90 mins
    Philippe Courtot, Sumedh Thakar, Ben Carr and Vishal Salvi
    It is our pleasure to invite you to EDR Live – the unveiling of our new Multi-Vector EDR solution that brings the unifying power of our cloud platform to EDR. As you will see and hear, our multi-vector approach to EDR not only allows for the reduction of false positives but also makes it easier to automate the response and greatly reduce the response time and costs.


    11:00 - Introduction by Philippe Courtot, Chairman & CEO
    11:05 - Bringing the Unifying Power of the Qualys Cloud Platform to EDR, by Sumedh Thakar,
    President and Chief Product Officer
    - The Unifying Power of the Qualys Cloud Platform
    - Introducing Qualys Multi-Vector EDR Overview and Threat Hunting Demo
    - XDR the Next Frontier
    12:00 - Live Q&A with Philippe Courtot, Chairman and CEO, Sumedh Thakar, President and Chief Product Officer, Ben Carr, Chief Information Security Officer, Vishal Salvi, CISO and Head of Cybersecurity Practice, Infosys Ltd.

    As an app built natively on the Qualys Cloud Platform, Qualys Multi-Vector EDR leverages its power, scale and accuracy to provide unprecedented visibility and telemetry by collecting security data from endpoints, adding context and correlating billions of global events with threat intelligence, analytics and machine learning. Qualys Multi-Vector EDR not only stops sophisticated multi-vector attacks, but it also automatically orchestrates the appropriate response for faster and effective protection.
  • Qualys Technical Series: Principles of Cloud Security Automation Recorded: Jul 9 2020 36 mins
    Ian Glennon, Security Architect at Qualys
    Cloud computing has changed the dynamic of how assets and workloads are designed, implemented and provisioned. It also brings new security challenges including an increased focus on DevOps and rapid deployment cycles.

    This webinar will:

    - Demonstrate how to leverage existing automation tools to integrate Qualys into your EC2 pipelines
    - Review cloud computing security challenges
    - Show how Qualys APIs can be used to automate key tasks
    - Help you discover scripts, cloud formation templates and other automation resources on the Qualys Github
IT Security Best Practices and Resources
Join us for this informative technology series for insights into emerging security trends that every IT professional should know. These brief sessions will give you an opportunity to discover best practices from market leaders as well as hands-on advice from industry experts on a variety of security and compliance topics.

Let Qualys help keep you up-to-date with cost-effective and efficient technology trends. Choose the topic that interests you or plan to attend the entire series to make sure you stay ahead of the curve.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Unpacking the CVEs in the FireEye Breach
  • Live at: Feb 4 2021 6:00 pm
  • Presented by: Qualys threat research and product experts Anand Paturi, Eran Livne and Travis Smith.
  • From:
Your email has been sent.
or close