Name: What 2025 Taught Us About Patching – and How to Do It Right in 2026
Start: 2026-02-11T05:30:00Z
End: 2026-02-11T05:31:00.000Z
Location: BrightTALK

Join us for this informative technology series for insights into emerging security trends that every IT professional should know. These brief sessions will give you an opportunity to discover best practices from market leaders as well as hands-on advice from industry experts on a variety of security and compliance topics.
 
Let Qualys help keep you up-to-date with cost-effective and efficient technology trends. Choose the topic that interests you or plan to attend the entire series to make sure you stay ahead of the curve.

Patch Tuesday Webinar: This Month in Vulnerabilities and Patches

Join us for a critical breakdown of the threat landscape for March. Our Qualys Threat Research (TRU) experts will analyze high-impact vulnerabilities—including a deep dive into the Microsoft Patch Tuesday cycle—and demonstrate how to secure your infrastructure immediately.

What We Will Cover:
- The Threat Landscape: A review of the most significant vulnerabilities released this month.
- Microsoft Patch Tuesday: Detailed analysis of the critical updates from March 2026.
- Beyond Microsoft: Identification of other significant 3rd-party vulnerabilities affecting your stack.
- Practical response options from Qualys Research—patches first, then alternative fixes if no patch exists, and Qualys-provided mitigations (compensating controls) when patching risk is too high until a patch can be deployed

Patch Tuesday Webinar March 2026: This Month in Vulnerabilities and Patches

Recent research from Qualys and IDC reveals a critical disconnect while enterprises rapidly adopt cloud and AI; their security and compliance maturity is dangerously low. Traditional, manual approaches to security and compliance are failing to keep pace with evolving mandates like CMMC 2.0 and NIST CSF 2.0, sophisticated AI-generated attacks, and the complexity of modern cloud environments. This gap creates unknown risks and leaves your organization exposed.

Join Qualys experts Bill Reed and Abhinav Mishra for a 45-minute fireside chat that dissects this challenge. We will provide a data-driven look into the compliance gaps most organizations are missing and present an actionable framework for building a resilient, automated, and audit-ready security program. Move beyond theoretical discussions and gain the strategic insights needed to secure your organization with precision and confidence.

In this webinar, you will learn how to:

- Identify hidden security and compliance gaps in your cloud and application security posture based on new industry research.

- Automate security workflows to ensure continuous compliance with NIST, PCI DSS 4.0, ISO 27001, and other key mandates.

- Implement a risk-based strategy to prioritize threats and streamline remediation in complex cloud and container environments.

- Strengthen your security posture against sophisticated, AI-generated cyber threats.

- Build an efficient, unified security program that provides clear, audit-ready reporting for GRC and leadership.

Navigating Cloud Security and Compliance Maturity Gaps in 2026

Patch Tuesday Webinar: This Month in Vulnerabilities and Patches

Join us for a critical breakdown of the threat landscape for February. Our Qualys Threat Research (TRU) experts will analyze high-impact vulnerabilities—including a deep dive into the Microsoft Patch Tuesday cycle—and demonstrate how to secure your infrastructure immediately.

What We Will Cover:
- The Threat Landscape: A review of the most significant vulnerabilities released this month.
- Microsoft Patch Tuesday: Detailed analysis of the critical updates from February 2026.
- Beyond Microsoft: Identification of other significant 3rd-party vulnerabilities affecting your stack.
- Practical response options from Qualys Research—patches first, then alternative fixes if no patch exists, and Qualys-provided mitigations (compensating controls) when patching risk is too high until a patch can be deployed

Patch Tuesday Webinar February 2026: This Month in Vulnerabilities and Patches

The gap between detection and remediation leaves your organization exposed. It's time to move from manual analysis to autonomous action.

Join us for "Expose and Eliminate: Mastering Agent Sara and Agent Nova" webinar to discover how Qualys' new Agentic AI capabilities can transform your cyber risk management program. Learn how to operationalize a continuous threat exposure management (CTEM) framework and automate risk elimination with two powerful AI agents.

In this webinar, you will see how to:

- Leverage Agent Nova to autonomously discover and prioritize external exposures with a hacker's-eye view, turning complex data into clear, actionable insights. 

- Deploy Agent Sara to automate the entire Patch Tuesday lifecycle, drastically reducing Mean Time to Remediation (MTTR) with intelligent prioritization and remediation plans. 

- Transform your security operations from reactive to proactive, freeing up teams to focus on strategic initiatives instead of manual risk analysis.

Register now to learn how to expose your most critical risks and eliminate them at machine speed with Agentic AI.

Expose and Eliminate: Mastering Agent Sara and Agent Nova

In 2026, cybersecurity leaders will face a decisive shift from reactive defense to risk-driven operations. In a lively discussion featuring two Qualys cybersecurity experts, Richard Seiersen, Chief Risk Technology Officer and Alex Kreilein, Vice President of Product Security & Public Sector Solutions, this webinar will explore our top predictions for the changing landscape and illuminate how CISOs can tackle their biggest challenges in 2026. Richard and Alex will examine the evolving AI risk surface, the convergence of cyber, AI, and federal policy, and how organizations need to prioritize and mitigate cyber risk.

Join us to gain practical insight into cutting through security noise, aligning investments to business impact, and building resilience through transparency, automation, and executive-level risk decision-making.

Cybersecurity Predictions for 2026: Embracing the Risk-First Era

The UK's new Cyber Security & Resilience (CSR) Bill represents the most significant overhaul of national cyber regulation since 2018 , introducing sweeping new duties for MSPs, Data Centers, Operators of Essential Services, and their critical suppliers. With 24-hour incident reporting, board-level accountability, aggressive enforcement, and expanded supply-chain oversight, organisations can no longer rely on siloed tools, manual processes, or reactive security. 
 
 
Join Ivan Milenkovic, Vice President, Cyber Risk Technology at Qualys, on 29 January at 1pm (London) for a practical, strategic session unpacking the bill’s new requirements and how organisations can meet them through a unified platform approach.
 
This webinar will explore:

- The four major shifts introduced by the CSR Bill including Managed Service Provider regulation, Data Centre obligations, and the Designated Critical Supplier regime.
- Why the 24/72-hour reporting mandate makes fragmented detection and manual investigation operationally impossible.
- How the Qualys Enterprise TruRisk Platform delivers continuous asset visibility, proactive risk reduction, audit-ready compliance evidence, and rapid incident investigation.
- How to turn compliance into competitive advantage, especially for MSPs and critical suppliers now facing mandatory customer-notification requirements.

You’ll leave with a clear blueprint for achieving continuous compliance, accelerating incident readiness, and reducing organisational cyber risk under the UK's new regulatory framework.

Mastering the UK Cyber Security & Resilience Bill: How to Build a Unified, Audit-Ready Security Program

Patch Tuesday Webinar: This Month in Vulnerabilities and Patches

Join us for a critical breakdown of the threat landscape for January. Our Qualys Threat Research (TRU) experts will analyze high-impact vulnerabilities—including a deep dive into the Microsoft Patch Tuesday cycle—and demonstrate how to secure your infrastructure immediately.

What We Will Cover:
- The Threat Landscape: A review of the most significant vulnerabilities released this month.
- Microsoft Patch Tuesday: Detailed analysis of the critical updates from December 2025.
- Beyond Microsoft: Identification of other significant 3rd-party vulnerabilities affecting your stack.
- Practical response options from Qualys Research—patches first, then alternative fixes if no patch exists, and Qualys-provided mitigations (compensating controls) when patching risk is too high until a patch can be deployed

Patch Tuesday Webinar January 2026: This Month in Vulnerabilities and Patches

With 74% of breaches involving credential misuse, identity has become the most exploited and least quantified attack surface. Yet most tools treat identity risk separately from asset risk, leaving security teams to stitch together fragmented visibility and incomplete risk signals.

Join us on Dec 16, 2025, at 10 AM PT for this exclusive session introducing Qualys ETM Identity — the newest capability within Qualys Enterprise TruRisk™ Management (ETM) — designed to make identity risk measured, communicated, and eliminated within the same platform you already use for vulnerability, compliance, and asset risk.

In this webinar, we'll learn how to extend your Risk Operations Center (ROC) to the identity perimeter and reduce your identity-driven attack surface faster by:

- Learning why identity can’t be a separate swim lane in 2025.
- Bringing identity posture and exposure directly into ETM with consolidated identity and asset risk
- Finding and prioritizing the most exploitable routes with Attack Path Analysis and Domain Trust Mapping.
- Executing closed-loop remediation with risk response orchestration workflows, validation and auto-rescoring.
- Reporting with audit-ready dashboards aligned to DISA/CIS and more along with continuous integrity monitoring for “who changed what, when, where."

Extending Your Risk Operations Center with Qualys ETM Identity

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on December 11, 2025.

We will discuss this month's high-impact vulnerabilities, including those that are part of November 2025 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, November 2025 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

Patch Tuesday Webinar December 2025: This Month in Vulnerabilities and Patches

How Agentic AI is transforming cloud security from code to cloud.

Cloud environments have become intelligent, fast-moving ecosystems — where code, infrastructure, and AI workloads evolve daily. Defending them requires more than detection; it demands systems that can see, reason, and act across every layer.
In this Cyber Risk Series edition, we’ll explore how Agentic AI is redefining cloud defense — unifying visibility, risk, and response across code, apps, and multi-cloud environments.

We’ll be joined by leading voices in cybersecurity who will explore how organizations can unify visibility, prioritization, and response across the digital ecosystem — rethinking how we manage risk, threats, and emerging AI-driven operations.

Cyber Risk Series: Cloud-Native to AI-Native Edition

Couldn’t make it to ROCon Mumbai? No stress - we got you. 
 
The Risk Operations Conference (ROCon25) brought together top CISOs, security leaders, and practitioners to unpack the most urgent challenges shaping today’s cybersecurity landscape. And now, we’re bringing the biggest moments and hard-hitting insights straight to your screen. 

In this exclusive online recap, we’ll break down the core themes, announcements, live demos, and mind-bending insights from ROCon25 - including how organizations are shifting from managing sprawling attack surfaces to mastering a risk-first security strategy that actually moves the needle. 

From Active Directory exploits and cloud blind spot to identity compromise, patch precision, and cyber-risk quantification - this recap distills everything you need to stay ahead in 2025. 

What You’ll Learn
- Why “risk surface” is the new security battleground
- How Enterprise TruRisk™ Management powers the ROC
- Cyber Risk Quantification that actually aligns with finance
- Identity is the #1 exploited surface 
- TotalCloud CNAPP Deep Dive
- Patch fatigue to patch precision

This recap delivers the most important takeaways so you can strengthen resilience, minimize exposure, and align security with leadership priorities. 

Why Attend
- Catch the biggest takeaways from Mumbai, without the travel 
- Learn what the world’s top practitioners are prioritizing for 2025 
- Get actionable strategies to modernize your RiskOps program 
- Understand how attack paths, identity risk, cloud exposure, and patching precision fit into one unified TruRisk™ model 
- Build alignment with IT, DevOps, and leadership through data-driven insights 
- Win exciting prizes at the end of webinar

ROCon25 Recap - The Future of Risk Operations

Cyber Risk Series: Cloud-Native to AI-Native Edition - APAC

How Agentic AI is transforming cloud security from code to cloud.

Cloud environments have become intelligent, fast-moving ecosystems — where code, infrastructure, and AI workloads evolve daily. Defending them requires more than detection; it demands systems that can see, reason, and act across every layer.

In this Cyber Risk Series edition, we’ll explore how Agentic AI is redefining cloud defense — unifying visibility, risk, and response across code, apps, and multi-cloud environments.

We’ll be joined by leading voices in cybersecurity who will explore how organizations can unify visibility, prioritization, and response across the digital ecosystem — rethinking how we manage risk, threats, and emerging AI-driven operations.

Learn How to Automate Cloud Security & Compliance
A Fireside Chat with Qualys and ServiceNow 

Cloud misconfigurations cause over 80% of breaches, and with ephemeral resources, evolving policies, and expanding attack surfaces, manual triage can't be maintained.

Join Qualys cloud experts for a fireside chat webinar on November 20 at 11 AM PT | 2 PM ET to learn how you can continuously monitor cloud risks, prioritize business impact, and accelerate remediation with automated workflows.

 What you’ll learn:
- How to discover all cloud assets (including shadow IT, serverless, and containers) with API-driven visibility
- Why real-time configuration monitoring is essential for compliance with 40+ global frameworks
- How contextual prioritization reduces noise and focuses teams on the most impactful risks
- Ways automated ServiceNow workflows speed remediation and ensure audit-ready compliance

 You’ll also learn about the new Qualys TotalCloud CSPM integration with ServiceNow Configuration Compliance

 Featured Speakers:
• Maanas Saran, Senior Staff Outbound Product Manager, ServiceNow
• Shrikant Dhanawade, Director, Product Management, Cloud Security, Qualys, Inc.

Automate Cloud Security & Compliance with Qualys and ServiceNow

Security leaders are no longer simply managing vulnerabilities or even identifying exposures. The next generation of cybersecurity is focused on quantifying and addressing risks based on business context and financial impact. 

Many organizations are already taking steps to tackle these challenges but bridging the gap between understanding risks and effectively addressing them can feel overwhelming. Rest assured, with the right approach and tools, you can confidently turn these challenges into opportunities for stronger, smarter security. 

Discover how leading organizations are building Risk Operations Centers that deliver measurable business impact and executive confidence. 

Why Attend:
- See how Qualys Enterprise TruRisk Management provides unified visibility, prioritization, and orchestration across cloud, on-premises, and hybrid environments 

- Discover Qualys agents that enrich threat intelligence, discover hidden assets, identify risk factors, and take action to secure your environments 

- Learn about proven methodologies to measure and communicate cyber risk in financial terms to board-level stakeholders 

- Explore how ImagineX's expert-led services accelerate deployment and maximize platform value from day one 

 Register now to secure your spot and take the first step towards a stronger, more resilient security posture.

Power Your Risk Operations Center with Qualys + ImagineX

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on November 13, 2025.

We will discuss this month's high-impact vulnerabilities, including those that are part of October 2025 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, October 2025 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

Patch Tuesday Webinar November 2025: This Month in Vulnerabilities and Patches

Containers and Kubernetes have become a a critical component of modern cloud-native environments and a new way to approach software delivery, but they also introduce new layers of complexity.

Tailored for vulnerability management teams, this session will explore the unique risks containers introduce, how to secure them throughout the CI/CD pipeline, and how to gain visibility into container vulnerabilities at runtime.


Join us to learn how to integrate container security seamlessly into your existing vulnerability management program, ensuring scalable and consistent protection across dynamic cloud workloads.

What you’ll learn:

 - The fundamentals of container security: why it involves securing images, runtimes, environment settings, orchestration layers and networks.
 - Why container security is challenging due to increased attack surface and lack of visibility, and how specialised tools provide insight into container activity.
 - How DevSecOps embeds security into CI/CD pipelines, enabling early detection of vulnerabilities and fostering crossfunctional collaboration.
 - Best practices for collaborative container security, such as enforcing least privilege, using trusted images, continuously monitoring every layer and establishing automated security testing.
 - The rising importance of Kubernetes Security Posture Management (KSPM) as Kubernetes displaces cloud native solutions.

Episode 3 – Containerisation in Practice: The Developer/Security Relationship

2025 didn’t just increase vulnerability volume; it exposed a broken patching model. 

With 1,130+ CVEs, escalating zero-day attacks, and elevation-of-privilege vulnerabilities dominating breach paths, security and IT teams learned the hard way that patch-first doesn’t always mean risk-reduced. 

In this session, experts from Qualys break down what failed in 2025, and why 2026 demands a risk-driven, remediation-first approach. 

You’ll see how TruRisk Eliminate helps organizations handle what traditional patching can’t: 

- Zero-day vulnerabilities 
- End-of-life software 
- Business-critical systems that can’t tolerate downtime 
- Configuration-based and non-patchable vulnerabilities 

We’ll contrast the old, panic-driven patching model with a modern approach built on precision, automation, and engineered resilience, so you’re not repeating the same outages this year. 

What You’ll Learn:-

1. Why non-patchable vulnerabilities are becoming the biggest blind spot, and how to address them with permanent fix strategies 
2. How to handle critical vulnerabilities that can’t be patched immediately using mitigation-first approaches 
3. How to reduce patch failures with risk-aware testing and patch reliability strategies 
4. The mindset shift from: 
   - Security-driven panic → Risk-driven precision
   - One-time mass deployments → Content & ring-based rollouts
   - Hero-based recovery → Automated, engineered resilience 
5. What a 2026-ready patching and remediation model actually looks like in production.

What 2025 Taught Us About Patching – and How to Do It Right in 2026

Vulnerability Management

Patch Management

Zero-Day Vulnerabilities

Risk-Based Remediation

Non-Patchable Vulnerabilities

Cybersecurity Strategy

Security Operations

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

What 2025 Taught Us About Patching – and How to Do It Right in 2026

Presented by

About this talk

Qualys

Related topics