Name: Implementing an Attack Surface Management Program
Start: 2022-08-10T17:30:00Z
End: 2022-08-10T17:30:33.000Z
Location: BrightTALK
Rating: 4.3

Join us for this informative technology series for insights into emerging security trends that every IT professional should know. These brief sessions will give you an opportunity to discover best practices from market leaders as well as hands-on advice from industry experts on a variety of security and compliance topics.
 
Let Qualys help keep you up-to-date with cost-effective and efficient technology trends. Choose the topic that interests you or plan to attend the entire series to make sure you stay ahead of the curve.

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on December 12, 2024.

We will discuss this month's high-impact vulnerabilities, including those that are part of November 2024 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, November 2024 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

This Month in Vulnerabilities and Patches, December 2024

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on November 14, 2024.

We will discuss this month's high-impact vulnerabilities, including those that are part of October 2024 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, October 2024 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

This Month in Vulnerabilities and Patches, November 2024

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on October 10, 2024.

We will discuss this month's high-impact vulnerabilities, including those that are part of September 2024 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, September 2024 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

This Month in Vulnerabilities and Patches, October 2024

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on September 12, 2024.

We will discuss this month's high-impact vulnerabilities, including those that are part of August 2024 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, August 2024 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

This Month in Vulnerabilities and Patches, September 2024

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on August 15, 2024.

We will discuss this month's high-impact vulnerabilities, including those that are part of July 2024 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, July 2024 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

This Month in Vulnerabilities and Patches, August 2024

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on July 11, 2024.

We will discuss this month's high-impact vulnerabilities, including those that are part of June 2024 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, June 2024 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

This Month in Vulnerabilities and Patches, July 2024

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on June 13, 2024.

We will discuss this month's high-impact vulnerabilities, including those that are part of May 2024 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, May 2024 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

This Month in Vulnerabilities and Patches, June 2024

Do you underscore your Written Information Security Plan (WISP) with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)? NIST just released version 2.0, the first major upgrade in a decade, that includes several new requirements. For example, a new GOVERN function requires CISOs and CHROs to be in sync on people risks. How will the new requirements impact security and HR teams to avoid security breaches, audit failures, and litigation?

Join security and compliance experts from USAA and Qualys for an informative webinar on Tuesday, May 29 at 8 AM PT as they discuss details about the new NIST CSF 2.0 requirements and how to avoid serious consequences. Here’s what you’ll learn from two Qualys FIM technical experts:

• How do NIST CSF 2.0 requirements differ from CSF 1.0?
• What is the new GOVERN function and how is HR now involved?
• How can you avoid people mistakes that lead to 99% of cloud security breaches?
• What are the four levels of CSF maturity, and how can you attain the top level?
• How can you implement solutions to meet all requirements and lower costs?

How Will NIST CSF 2.0 Impact Security and HR Teams?

A recent cybersecurity report predicted that the cost of cybercrime would reach $9.5 trillion in 2024 and exceed $10.5 trillion in 2025. This statistic highlights the crucial need to integrate cybersecurity into ITSM practices. This webinar, designed for I&O leaders, underscores the critical need for strategic alignment between IT and security teams to optimize resilience and minimize security risks across organizations. 
 
Key Takeaways: 

• Strategic Integration: Learn how to proactively incorporate cybersecurity practices within ITSM to bolster your organization’s defense mechanisms against emerging threats. 
• Collaboration and Communication: Discover strategies to bridge the communication and collaboration gaps between IT and security teams, ensuring a unified approach towards common goals. 
• Resource Optimization: Understand how to effectively manage and allocate resources, including manpower and technological tools, to enhance your security posture without compromising operational efficiency. 
• Risk Management: Explore continuous vulnerability risk management strategies to align IT operations with stringent security objectives, making your systems robust and less prone to attacks. 
 
Who Should Attend: IT and security leaders, I&O professionals, risk management officers, and anyone interested in learning about integrating cybersecurity practices into ITSM frameworks to achieve superior organizational resilience. 
 
Join us on May 28th to transform your ITSM practices by integrating cutting-edge cybersecurity measures, ensuring your organization stays one step ahead of cyber threats.

Craft a Unified Cybersecurity and ITSM Strategy

Unknown assets are hiding throughout the modern attack surface, and too many cybersecurity teams rely on disparate scanners and point solutions to find them. One for external scans. One that relies on API-connectors. And a CMDB that’s constantly missing asset records.

Join us for the introduction of CyberSecurity Asset Management 3.0—the ultimate consolidation of asset discovery and cyber risk assessment. Kunal Modasiya (VP of Product Management at Qualys) will demonstrate the power of versatile discovery and risk assessment beyond vulnerabilities, including:

• Consolidating internal and external discovery to include EASM attribution, built-in passive sensing for unmanaged devices on the network, and 3rd-party connectors to compliment Qualys sensors
• Isolating external attack surface risks with patent pending scanning technology to reduce false positives up to 60%
• Prioritizing risk beyond vulnerabilities to include end-of-support (EoS) software, risky open ports, and missing security controls
• Transforming the CMDB from out-of-date to up-to-date by syncing all assets (including external and IoT) to streamline IT-Security workflow and reduce MTTR by half

Eliminate the risk from unknown assets in your organization. Register today!

Eliminate the Risk of Unknown Assets with CyberSecurity Asset Management 3.0

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on May 16, 2024.

We will discuss this month's high-impact vulnerabilities, including those that are part of April 2024 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, April 2024 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

This Month in Vulnerabilities and Patches, May 2024

De-risk your IaaS and SaaS environments with one prioritised view so you can fix what matters most. 

Cybercriminals have sophisticated and targeted attack methods with ransomware, supply chain attacks, and zero-day exploits. Security teams struggle to keep up with these evolving threats and have conveyed the need for a unified Cloud Native Application Protection Platform (CNAPP), to address the challenges in converging and prioritising threat indicators from diverse sources such as Vulnerabilities, Misconfigurations, Malware detections and other prominent stages of the cyber kill chain. 

Join our cloud security specialists to learn how you can gain complete visibility to your environment, including: 

• Cloud Risk Insights: Fine-tuned approach to gain actionable insights and focus on the imminent risk, and effectively narrowing down on the most exploitable systems
• Real time threat detection and response using a well-trained Deep Learning AI 
• Cloud Workload Protection with Agent & Agentless techniques to detect vulnerabilities for OS and open-source software
• Detect and Remediate Cloud Misconfiguration from Build to Runtime 
 
Empower your security team to measure, communicate, and help eliminate risk across your multi-cloud environments through a unified platform approach.

Connecting the Dots, Correlating Security Risks for Smarter Defense

Unlock CMDB’s hidden potential for cybersecurity

Traditionally viewed as an IT operations tool, the CMDB has long been associated with tasks like tracking hardware and software assets, managing configuration changes, and facilitating IT service management. However, its potential as a security asset often goes overlooked.

Don’t miss this unique opportunity to learn why the CMDB deserves a prime spot in your cybersecurity strategy. You’ll hear industry experts offer their best advice on what security leaders need to know to protect their entire attack surface from growing threats and navigate beyond the traditional limitations of the CMDB.

Key topics:
- Beware Your EoL/EoS Tech Debt
- De-risking Your External Attack Surface
- Bringing ITOps & Security Together
- Asset Inventory Risk

Cyber Risk Series: Navigating the Broken CMDB

This webinar, aligning with the UK's National Cyber Security Centre (NCSC) guidelines, emphasizes the critical importance of collaboration between IT operations and security teams to protect organisations from cyber threats through effective vulnerability management by focusing on asset management, remediation strategies, and swift action within NCSC's recommended timelines of 5-7 days for remediation. 
 
Leveraging the Qualys platform, the session will demonstrate how integrating SecOps and IT operations can simplify the establishment of effective, timely update policies, fostering a unified approach that enhances an organization's cybersecurity posture by adhering to, and surpassing, recommended remediation schedules.
 
Join Kevin O’Keefe, Senior Security Solutions Architect at Qualys alongside Murat Dilek, Enterprise Network & Cybersecurity Team Leader at Falkirk Council, on April 30th as they discuss: 

•  Insights into the NCSC's five principles for effective vulnerability management 
•  Strategies for bridging the gap between IT operations and security teams 
•  Best practices for asset management, remediation, and policy updates 
•  An overview of Qualys' capabilities in automating and optimising VM processes 
•  Practical tips for implementing a comprehensive, unified VM program 

Don't miss this opportunity to elevate your organisation's vulnerability management strategy and achieve a more secure and resilient IT infrastructure. 
 
Register now to secure your spot.

Mastering NCSC Guidelines

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on April 11, 2024.

We will discuss this month's high-impact vulnerabilities, including those that are part of March 2024 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, March 2024 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

This Month in Vulnerabilities and Patches, April 2024

69% of organizations said they experienced at least one cyberattack resulting from an exploit of an unknown or unmanaged asset such as software, cloud-based workloads user accounts, and connected Internet of Things (IoT) devices. Most of these attacks stem from a lack of real-time visibility for assets connecting to the network. 

In this webinar, you’ll learn how Qualys CyberSecurity Asset Management (CSAM) uses built-in passive sensing to help customers: 

1. Discover up to 34% more devices on their internal networks in real time for VM and compliance scanning 
2. Lay the foundation for Zero Trust Security Architecture by identifying untrusted devices with cyber risk assessment 
3. Turbocharge CMDB accuracy, enabling IT with comprehensive visibility required to manage asset inventory lifecycle and remediate cyber risk 

Register and learn how to de-risk your business from rogue and unauthorized devices.

Identify and De-risk Unauthorized Devices with Cybersecurity Asset Management

69% of organizations said they experienced at least one cyberattack resulting from an exploit of an unknown or unmanaged asset such as software, cloud-based workloads user accounts, and connected Internet of Things (IoT) devices. Most of these attacks stem from a lack of real-time visibility for assets connecting to the network.

In this webinar, you’ll learn how Qualys CyberSecurity Asset Management (CSAM) uses built-in passive sensing to help customers:

1. Discover up to 34% more devices on their internal networks in real time for VM and compliance scanning
2. Lay the foundation for Zero Trust Security Architecture by identifying untrusted devices with cyber risk assessment
3. Turbocharge CMDB accuracy, enabling IT with comprehensive visibility required to manage asset inventory lifecycle and remediate cyber risk

Register and learn how to de-risk your business from rogue and unauthorized devices.

File Integrity Monitoring (FIM) is a required cybersecurity and compliance solution used by almost every organization, especially for PCI DSS 4.0, with the March 31 deadline looming. However, not all FIM solutions are created equal. Critical capabilities, including File Access Management and Agentless Network Support, are required to prevent security breaches, audit failures, and litigation. 
 
Join experts from Qualys for a live ‘AMA’ (Ask-Me-Anything) session on Wednesday, March 27 at 9 AM PT as they discuss industry trends and new attack vectors, as well as why customers are switching to Qualys FIM from other solutions, such as Tripwire. Here’s what you’ll learn from two Qualys FIM technical experts: 
 
• Which PCI DSS 4.0 requirements relate to FIM and FAM 
• Why noise cancellation can reduce false alerts and IT costs by 90%+ and ensure PCI compliance 
• How File Access Monitoring, missing from other solutions, can alert on critical host file access 
• Why support for non-agent network devices is needed for PCI DSS 4.0 
• Why file reputation and trust status are critical for FIM effectiveness 
• How scalability and adequate Linux support are inadequate with most other solutions

Does your FIM support FAM and agentless networks?

Cybersecurity teams must move faster than attackers when vulnerabilities are disclosed. This is only possible if the attack surface is mapped out continuously. This Fireside conversation explores attack service management, tools that infosec professionals can use to manage risks before attackers discover them, and what threat intelligence indicates about the likelihood of exploitation. Register now and gain insights to help you better mitigate threats.

Implementing an Attack Surface Management Program

IT Security

Cyber Security

Cyber Attacks

Threat Detection

Threat Assessment

Information Security

Service Management

Cyber Crime

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Implementing an Attack Surface Management Program

Presented by

About this talk

More from this channel