Qualys Security Conference
With so many disparate tools to measure and manage risk these days, it’s harder than ever to quantify the impact of cyber risk on your businesses. Join us in person to find out how today’s security leaders are evolving from enumerating risk to eliminating it. You’ll hear from industry-leading thought leaders, Qualys customers, and product experts on the latest strategies and tactics being used to measure, communicate, and eliminate cyber risk to drive better business outcomes.
Join us for the QSC Americas 2024 Welcome Reception at Eventide at the Sheraton from 6:30PM - 8:30PM for an evening of delicious food, drinks and live music. Also, get your professional photo taken at our on-site portrait studio.
QSC at a Glance
7:30 AM – 9:00 AM Registration & Breakfast |
9:00 AM – 9:05 AM Welcome to Day 1 Dino DiMarino, Chief Revenue Officer, Qualys |
9:05 AM – 9:45 AM Risk and Resiliency Juliette Kayyem, CNN National Security Analyst, Former Assistant Secretary at DHS |
9:45 AM – 10:30 AM
If Everything Is Critical, Nothing Is: Unveiling a New Approach to Cyber Risk Management Sumedh Thakar, President and CEO, Qualys |
10:30 AM - 10:45 AM Break |
10:45 AM – 11:30 AM
A Look Under the Hood - Qualys Enterprise TruRisk Management Mayuresh Ektare, VP, Product Management, Enterprise TruRisk Management, Qualys Join us for an insightful session, where we'll delve into transforming your risk management strategies. Learn how the Qualys Enterprise TruRisk Platform can enhance your enterprise's approach to risk by providing a unified, comprehensive view. We’ll cover practical strategies for integrating and leveraging Qualys tools to streamline risk assessments, improve threat visibility, and strengthen your overall risk management framework. Whether you're looking to optimize your current risk management processes or seeking innovative solutions, this session offers valuable insights to help you effectively measure, communicate, and eliminate risk across your organization. |
11:30 AM – 11:45 AM
Panel: Risk Management as a Community Endeavor Sumedh Thakar, President and CEO, Qualys Sundhar Annamalai, President, LevelBlue Todd Waskelis, VP, Strategic Solutions, LevelBlue Hamesh Chawla, CEO, Mulberri Moderator: Richard Seiersen, Chief Risk Technology Officer, Qualys
Sumedh Thakar’s bio |
11:45 AM - 12:30 PM
Qualys Platform - A 25 Year Journey of Relentless Innovation Shailesh Athalye, Senior Vice President, Product Management, Qualys Unlock the full potential of your cybersecurity strategy. Join us to discover how the Qualys TruRisk Platform will transform your approach to managing assets, risks and remediations across the hybrid environment. In this session, you'll learn about upcoming innovations that will shift your current cyber strategy from simply managing assets, risk and remediations to a comprehensive approach. By aggregating these security findings and delivering actionable, enterprise-wide insights, Qualys empowers organizations to align cyber risk with business goals in a cost-effective, strategic manner. |
12:30 PM - 1:45 PM Lunch |
1:45 PM - 2:35 PM
VMDR for Multi-Cloud: A Single CNAPP Platform for VMDR, CSPM, CWPP, KCSS, CDR & SAASPM Kunal Modasiya, VP, Product Management, Asset, Web App and Cloud Security, Qualys JC Najera, SOC Manager, Syntax Managing risk in cloud environments is increasingly complex, with countless accounts, assets, and potential vulnerabilities spread across multiple platforms. Each asset carries unique risk factors—vulnerabilities, misconfigurations, network exposures, threats, and excessive permissions. Aggregating and analyzing this data to prioritize which assets require attention and why they are at risk within your cloud infrastructure can be daunting. TruRisk Insights simplifies this challenge by correlating key risk indicators to highlight the most urgent threats. Its attack path visualization feature goes further, illustrating how risks can propagate across your cloud infrastructure. This approach helps security teams, cloud operations, and developers focus on the most critical issues. For example, TruRisk Insights with attack path visualization can show the potential exploitation that enables lateral movement from a vulnerable, externally exposed asset with admin privileges. This visibility equips teams to prioritize mitigation efforts where they matter most. |
2:35 PM - 3:15 PM
VMDR: Putting the M Back in Vulnerability Management Joe Petrocelli, VP, Product Management and Partner Programs, Qualys Tyler C, Director, Cyber Security Application Security, American Express Global Business Travel Maher Al Awar, Cybersecurity Tools & Automation Manager, SLB In today's rapidly evolving threat landscape, traditional vulnerability management practices are no longer sufficient. Cybersecurity leaders must adopt a programmatic and disciplined approach to effectively manage risks across diverse environments. Join us for a dynamic session that will explore why it’s crucial to integrate comprehensive strategies into your vulnerability management program — across endpoints, networks, AI/LLMs, web applications, and cloud assets. This session will dive into how to:
|
3:15 PM - 3:25 PM
VMDR Treasure Hunt: Find the Hidden Treasures of VMDR Kevin O'Keefe, Senior Security Solutions Architect, Qualys |
3:25 PM - 3:40 PM
Break |
3:40 PM - 4:20 PM
Internal and External Attack Surface Management: Step Zero of Cyber Risk Management Kunal Modasiya, VP, Product Management, Asset, Web App and Cloud Security, Qualys Mike Orosz, Global Chief Information and Product Security Officer, Vertiv
Kunal Modasiya’s bio In today’s complex tech landscape, threats can arise from diverse sources—on-premises, multi-cloud, IoT/OT systems, and more. Yet, only 9% of organizations fully monitor their attack surface and understand their risk exposure. Join us to revolutionize your risk management approach. Discover how to:
Don’t miss this essential session to strengthen your attack surface management and de-risk your organization. |
4:20 PM - 5:00 PM
Patchless Patching: Enhance Cyber Resilience With Your IT Team Eran Livne, Sr. Director, Product Management, Qualys Corey Amsler, Director, Risk Management - EVM, GE Vernova In today’s cybersecurity landscape, prioritizing and addressing vulnerabilities is essential for every security professional, even if you aren’t deploying patches yourself. Join us to explore how Qualys TruRisk Eliminate can empower IT and security teams and transform your approach to risk management by automating patching and implementing mitigations even without a patch. Learn from real-world experiences as customers share why they selected Qualys Patch, their implementation strategies, and the impactful results they’ve achieved. This session will provide valuable insights into achieving significant risk reduction and enhancing your security posture through innovative solutions. |
5:00 PM - 5:05 PM
Day 1 Wrap up Dino DiMarino, Chief Revenue Officer, Qualys |
5:05 PM - 5:30 PM
Break |
5:30 PM - 6:30 PM
Risk Busters Crush Risks, Secure the Future: Join the Qualys Risk Buster Contest and Lead the Charge in Cyber Defense! |
Simply calculating the vulnerabilities that cyber risk poses to your business is no longer enough. See the latest strategies and innovations leading security experts are implementing to quantify the impact of cyber risk on their businesses so they can focus on the vulnerabilities that matter most.
Engage with Qualys’ customer-facing teams and your peers around best practices and user case studies for applying security automation to real-world challenges.
Two day of free training covers forward-looking strategies, best practices to improve effectiveness and productivity, and core and expanded product features to up-level your security program.
CIOs, CSOs and CTOs; directors and managers of network, security and cloud; developers and DevSecOps practitioners; Qualys partners and consultants; or any forward-thinking security professionals.
Qualys Security Conference will be held at the Sheraton San Diego Hotel & Marina.
1380 Harbor Island Drive,
San Diego, California, USA, 92101
T: 1 619-291-2900
Book Your Hotel
Now
Attendance at QSC is complimentary. This includes access to all general sessions, breakfast, lunch, breaks, and training.
Travel and hotel accommodations are not included with QSC or pre-conference training.
Qualys is committed to providing a safe and healthy experience for all QSC participants.
As part of our efforts to make QSC Americas a successful and productive event, Qualys is committed to providing a safe, professional and welcoming environment for all participants. To that end, we require everyone to follow our Code of Conduct.
If you have any questions, please read our FAQs. If you still have questions, please call us at 1 (650) 801 6100 or email us at [email protected]
Himanshu Kathpal is senior director of Product Management at Qualys. He has over 13 years of experience in cybersecurity and product management, with a specialization in vulnerability management, remediation, and next-generation endpoint security. Himanshu is passionate about developing security solutions that align with the company’s cybersecurity product strategy to meet customer needs, reduce the attack surface, and strengthen the organization’s security posture. He holds a master’s degree in engineering from D.Y.Patil University, Pune, as well as an MBA in International Business Management from NMIMS, Mumbai.
Todd Waskelis is the driving force behind the LevelBlue Cybersecurity Solutions, where he leads a dynamic team dedicated to delivering transformative solutions that enhance client defense and protection. As a key figure in ensuring high-quality, innovative service, Todd plays a crucial role in addressing and overcoming the most critical security challenges faced by clients today.
With over 20 years of expertise in the cybersecurity realm, Todd excels in guiding clients through the complexities of the modern cyber landscape. His comprehensive experience covers cyber risk management, threat intelligence, network security, incident response, attack surface management, privacy and data protection, and business resilience. Todd is a highly respected
leader, renowned for his extensive consulting and managed security services background, and is known for his ability to consistently achieve exceptional results across diverse business problems and industries.
Todd holds a B.S. in Management Information Technology and is a Certified Information Systems Security Professional (CISSP). His influence extends beyond the office as he frequently contributes to security conferences and advisory councils across various sectors, including healthcare and finance, and actively participates in industry forums. He also serves on the board
of the New Hampshire Chapter of the Information Systems Security Association (ISSA). In addition to his professional accomplishments, Todd has a rich background in media relations, encompassing radio, press, and television appearances.
In academia, the private sector, the government and the media, Professor Juliette Kayyem is an international leader in crisis management and homeland security. Juliette currently serves as the faculty chair of the Homeland Security, and Security and Global Health Projects at Harvard’s Kennedy School of Government.
She also serves as a Senior National Security Analyst for CNN, where she has been described as the network’s “go-to” for disasters.
A Pulitzer Prize finalist, she is now a contributing writer for The Atlantic and has a weekly security segment on NPR’s Boston station WGBH. Her most recent book, The Devil Never Sleeps:
Learning to Live in an Age of Disasters, was described in a New Yorker profile of her as an “engagingly urgent blueprint for rethinking our approach to disaster preparedness and response.”
In government, she most recently served as President Obama’s Assistant Secretary for Intergovernmental Affairs at the Department of Homeland Security. Previously, she was Massachusetts Governor Deval Patrick’s Homeland Security Advisor. She is the recipient of many government honors, including the Distinguished Public Service Award, the Coast Guard’s highest
medal awarded to a civilian.
She is a frequent advisor to major corporations and associations on national and homeland security, planning for a crisis, cybersecurity and resiliency efforts. From 2020-2022, she served as faculty for a joint effort with Bloomberg Philanthropies and Harvard University to train
mayors and city leaders for pandemic planning. She is a Senior Advisor to Teneo, a global consulting firm. Juliette was named Inc. magazine’s top 100 Female Founders in 2019 and received the Lifetime Achievement Pinnacle Award from the Greater Boston Chamber of Commerce in 2023.
Nayeem Islam is the Vice President of Product Management at Qualys for the TotalCloud initiative. Prior to joining he was founder and CEO of Blue Hexagon, a cloud security company that pioneered the use of AI to detect cloud threats. Blue Hexagon is now part of Qualys.
As President and CEO, Sumedh leads the company’s vision, strategic direction and implementation. He joined Qualys in 2003 in engineering and grew within the company, taking various leadership roles focused on helping Qualys deliver on its platform vision. From 2014 to 2021, he served as Qualys’ Chief Product Officer, where he oversaw all things product, including engineering, development, product management, cloud operations, DevOps, and customer support. A product fanatic and engineer at heart, he is a driving force behind expanding the platform from Vulnerability Management into broader areas of security and compliance, helping customers consolidate their security stack. This includes the rollout of the game-changing VMDR (Vulnerability Management, Detection and Response) that continually detects and prevents risk to their systems, Multi-Vector EDR, which focuses on protecting endpoints as well as Container Security, Compliance and Web Application Security solutions. Sumedh was also instrumental in the build-up of multiple Qualys sites resulting in a global 24x7 follow-the-sun product team.
Sumedh is a long-time proponent of SaaS and cloud computing. He previously worked at Intacct, a cloud-based financial and accounting software provider. He also worked at Northwest Airlines developing complex algorithms for its yield and revenue management reservation system. Sumedh has a bachelor’s degree in computer engineering with distinction from the University of Pune.
Sundhar Annamalai is President of LevelBlue, among the largest security service providers globally (previously the cybersecurity services division of AT&T). He brings more than 20 years of experience in technology services and strategic execution to his role, guiding LevelBlue in defining and implementing a strategy that drives product innovation, helps to solve difficult customer challenges, and accelerates revenue and profitability. Sundhar leads product management, engineering, customer operations, consulting, and professional services, focusing on delivering impactful customer outcomes through the development of industry-leading security orchestration and threat detection and response platforms.
As Senior Vice President of Product Management, Shailesh leads the product management team and drives the Qualys product vision helping customers assess and improve their IT, security and compliance posture. Since joining Qualys in 2012, he has worked in various security and compliance roles driving innovative solutions, including remote endpoint protection, endpoint detection and response, and SaaS security. In addition, Shailesh headed engineering, research and product management for Qualys Policy Compliance and File Integrity Monitoring, where he helped customers go beyond compliance to drive their IT GRC objectives. Before Qualys, he focused on security research for Symantec ESM and Compliance solutions. Shailesh holds a master’s in computer applications (MCA) from the Vishwakarma Institute of Technology and has various security certifications including CISA, CRISC, CISM. He is also a regular speaker at industry conferences.
Mike Orosz is Global Chief Information and Product Security Officer at Vertiv accountable for all aspects of global information and product security. He was previously Sr. Director Global Cyber and Physical Security at Citrix and Global compliance Officer for Citi. Mike also served in the US Army focusing on Intelligence, Security and Analytics. He holds a master’s degree in information sciences, cybersecurity from PennState University.
As the Chief Risk Technology Officer at Qualys, Richard helps customers and the broader security community measure, communicate, and eliminate risk. With over 10 years of experience as a CISO, he’s led and supported security strategy, operations, and governance across critical infrastructure and cloud-native organizations. Richard has published two books, “How To Measure Anything In Cybersecurity Risk” and “The Metrics Manifesto: Confronting Security With Data.” Each provides practical and innovative approaches to quantifying and reducing security risk. His first book is the main curriculum at the US Dept of Defense (DoD) CISO program at Carnegie Mellon University and numerous other institutions of higher education.
Mukesh Choudhary is the Principal SME for Remediation, CAR, and FIM at Qualys. He focuses on managing security solutions such as ‘Patch Management’, ‘File Integrity Monitoring’, and ‘Custom Assessment and Response’. Mukesh helps customers assess and improve risk reduction and conducts workshops on risk reduction and file integrity monitoring.
As Chief Revenue Officer (CRO), Dino is responsible for driving revenue generation including expanding the worldwide sales and partner organizations, continuing to deliver high levels of customer value, and furthering Qualys’ growth momentum.
Dino is a passionate and accomplished leader with over 20 years of experience leading go-to-market teams within cybersecurity and information technology companies. Most recently, Dino served as the CRO for Snyk, an industry leader in developer security, where he was responsible for all customer-facing go-to-market functions. Prior to Snyk, Dino held positions at Mimecast including CRO where he was part of the senior leadership team that scaled the company from $100M to $600M in annual recurring revenue over five years. Earlier in his career, Dino held various senior go-to-market leadership positions at EMC and RSA Security, spanning over 12 years. Dino has a bachelor’s degree in business administration from Wilfrid Laurier University in Waterloo, Canada.
Lavish Jhamb is Solution Architect for Compliance Solutions at Qualys, focused on building security solutions such as ‘Custom Assessment and Response’ and ‘File Integrity Monitoring’ and helping customers assess and improve their security and compliance posture. He has over 7 years of experience working on security solutions, regulatory standards, and cyber security frameworks, with thorough understanding of operating systems. Lavish holds a bachelor’s degree in computer engineering from the Kurukshetra University Institute of Engineering and Technology and a Post Graduate Diploma in IT Infrastructure, Systems and Security from CDAC Pune.
Eran Livne is Senior Director, Endpoint Remediation at Qualys, leading a team tasked with helping customers improve their security posture through cross-platform vulnerability remediation. He has more than 20-years of product management and computer science experience working in diverse IT and security markets. In 2014, Eran founded mobile security company, LetMobile, acquired by Ivanti. Following the acquisition, he drove Ivanti’s enterprise security and endpoint security and management solutions. Eran holds a bachelor’s degree in computer science from Tel Aviv University and an MBA in high-tech business administration from Technion - Israel Institute of Technology.
Kunal is currently VP of Product Management for the CyberSecurity Asset Attack Surface Management (CAASM), Web App and API Security product line at Qualys HQ in Foster City, CA. He is Qualys boomerang. He worked at Qualys for 3 years and incubated the XDR product line from inception. Kunal has spent 15 years working at startups, and big and mid-size companies in cybersecurity, networking, and application security in both product and engineering roles at Juniper Networks, Extreme Networks, Sun Microsystems and Infinera. Prior to re-joining Qualys, Kunal was heading products at Israeli startup in API security and bot management AppSec space.
Jonathan Trull is a longtime security practitioner and CISO & SVP Security Solution Architecture with over 18 years of experience in the cybersecurity industry and is currently the Senior Vice President of Customer Solutions Architecture and Engineering at Qualys. His career has spanned operational CISO and infosec roles with the State of Colorado, Qualys, Optiv, and Microsoft. While at Microsoft, Jonathan led the Microsoft Detection and Response Team (DART) whose mission was to respond to cyber security incidents around the globe ranging from cyber espionage initiated by nation-state actors to ransomware attacks and included the investigation of and response to the NOBELIUM threat actor campaign which leveraged the SolarWinds supply chain. Jonathan also serves as an advisor to several security startups and venture capital firms and supports the broader security community through his work with the Cloud Security Alliance, Center for Internet Security, and IANS. He is also an adjunct faculty member at Carnegie Mellon University where he mentors and coaches those attending the CISO Executive Education Program. Jonathan is a frequent speaker at industry conferences such as BlackHat, RSA, and SANS and holds several industry certifications including the CISSP, OSCP, CCSP, and GCFA. Jonathan is a veteran of the U.S. Navy finishing his career as a Lieutenant Commander supporting the Information Warfare Domain.
As Senior Director of Product Management, Sandeep Potdar leads product strategy and its execution for the Qualys VMDR product portfolio. He is an Engineer-turned-Architect-turned-PM, with close to 2 decades of experience in Enterprise Software and Cybersecurity domains and an extensive consulting experience in various Retail, Banking, Insurance, Travel, and Manufacturing Fortune 500 companies. Prior to joining Qualys, he led Platform and Product Management at Tenable. Before that, he led Product Management at WhiteHat Security and launched several Application Security products. Sandeep has a bachelor’s in computer science engineering from Visvesvaraya Technological University, India and a certificate of business excellence from Haas School of Business, University of California, Berkeley.