Qualys Security Conference
Replay QSC USA 2020 and QSC EMEA 2021 for insights on where the security industry is headed, Qualys’ future roadmap, customer best practice and use case presentations.
As CEO of Qualys, Philippe has worked with thousands of companies to improve their IT security and compliance postures. Philippe received the SC Magazine Editor's Award in 2004 for bringing on demand technology to the network security industry. He was also named the 2011 CEO of the Year by SC Magazine Awards Europe. He was previously Chairman and CEO of Signio until its acquisition by VeriSign. He is also a member of the Board of Directors of StopBadware, a non-profit, anti-malware organization.
As President and Chief Product Officer at Qualys, Sumedh oversees worldwide field operations as well as all things product including engineering, development, product management, cloud operations, DevOps, and customer support. He is responsible for the design, development, delivery and support of all product lines. He has also built up multiple Qualys sites resulting in a global 24x7 follow-the-sun product team. Sumedh has been with Qualys since 2003 and was most recently vice president of engineering. He has a bachelor’s degree in computer engineering with distinction from the University of Pune.
Shailesh Athalye (CISA, CRISC, CEH, ISO 27001 LA) drives product management and engineering for Qualys' line of compliance products including Policy Compliance, File Integrity Monitoring, Security Assessment Questionnaire. With over 15 years of experience in the fields of IT GRC and information security, he has been a driving force for creating innovative ways to streamline risk, configuration and compliance management use cases.
Dave Ferguson is Director of Product Management for Web Application Security at Qualys. After writing code and developing applications for over a decade, Dave transitioned to focus on application security. Prior to Qualys, he led the global application security program at Sabre Corporation and worked as a Principal Consultant at FishNet Security (now Optiv). Dave is author of the OWASP Forgot Password Cheat Sheet and holds CISSP and CSSLP certifications.
Badri Raghunathan is a director of product management at Qualys, responsible for spearheading Qualys’ product initiatives around cloud-native infrastructure (containers, serverless). A technology entrepreneur at heart, Badri thrives on understanding customer problems, building differentiated products, and taking them to market. Badri has worked in product and engineering management roles in a variety of industries, including security, networking and consumer electronics. Most recently, Badri was a founder at an early stage cloud DevSecOps startup, and prior to that, he led cloud-based security and networking products at companies like Symantec and Cisco. Badri holds 9 U.S. patents and has several more applications in the pipeline. He holds an MBA from the University of California Berkeley, and M.S. and B.S. degrees in electrical engineering from Oklahoma State University and the University of Madras, respectively.
Ed Rossi is an experienced product management leader with over 20 years in the IT Asset Management and Software Asset Management space. He recently joined Qualys as Vice President, Product Management, focused on Asset Inventory & Discovery. Ed spent six years at Flexera Software, leading the product team driving their ITAM & SAM offerings and concentrating on helping clients manage their technology investment from on-premises hardware and software to SaaS & Cloud Infrastructure. Previously, Ed was with IBM, where he focused on IT Asset Management, Discovery & Service Management products across several roles. Ed is passionate about the need for strong visibility across the IT ecosystem to support a strong IT Security program and to manage assets more effectively in an increasingly complex technological world.
With a 20-year background in product management and computer science, Eran has had experience in diverse IT and security markets, and has a broad security perspective. Eran is currently Director of Product Management for Qualys Endpoint Remediation.
Travis is the Director of Malware Threat Research at Qualys. He has spent the past 15 years in the security industry with a focus on digital forensics and incident response. He holds a wide array of certifications ranging from GIAC Certified Penetration Tester to the CISSP, as well as an MBA with a concentration in information security. Travis has presented his research at conferences worldwide at venues such as BlackHat, RSA, and SecTor.
Kunal joined Qualys in 2018 as Director of Product Management for XDR - Security Analytics. He is responsible for vision, strategy, and execution of Security Analytics, UEBA, SOAR, Threat Hunting, and Data Lake products from inception. He was previously responsible for building and launching multiple security and networking software products at Extreme Networks and Juniper Networks in product and engineering roles. Kunal has been with Qualys for more than two years.
Alex Mandernack is a Security Solution Architect at Qualys, focusing on Cloud and Container Security from an engineering and architecture perspective. Alex is a liaison between customers and product teams and provides a hands-on, real-world perspective. Before joining Qualys in 2018, Alex held leadership positions in various organizations from startups to MSPs and publicly traded companies.
Sean has served in the IT and security industry throughout his career. He has held leadership positions within various technology organizations, ranging from startups, SMBs, to publicly traded companies. He has spent the last six years focusing on public cloud security in an engineering and architecture role. As a security solution architect for Qualys, Sean has focused on helping customers of all sizes with security automation and integration for their public cloud deployments with the Enterprise TruRisk Platform.
Hariom Singh, CISSP, is the Director of Product Management for Compliance Solutions at Qualys. With over 16 years of experience in cybersecurity and IT GRC, he helps shape compliance products and leads client efforts to secure their cyber infrastructure while exceeding their IT-GRC goals. Prior to Qualys, he worked as the technical lead for Creative Breakthroughs, a technical consultancy, and as a senior consultant for Symantec, building his vast experience designing and building effective security and compliance programs for large enterprises in the healthcare, energy, financial and telecommunications industries.
Ed Arnold is a Security Solution Architect with Qualys, focusing on web application and API security testing. He formerly held positions of Senior Security Engineer, Technical Architect and Principal Security Consultant over a 13 year security career. Ed is focused on automating security testing and enabling developers to proactively address security issues.
John Delaroderie is a Security Solution Architect and Subject Matter Expert for Web Application Scanning. He has been with Qualys since early 2018, and priot to that he worked for a variety of government agencies and private organizations in the fields of cyber security, incident response, digital forensics, and systems integrations.
Dharmesh Ghelani is Principal Product Manager at Qualys, focused on industrial cybersecurity. He has 15 years of experience spanning R&D, engineering and product management, working on various domains like virtualization, cloud computing and cybersecurity. He has contributed to developing multiple products at Symantec, VMware, IBM Software Labs and BMC Software. Dharmesh holds VCP & ITIL certifications and has a master's degree in computer networks, a master's in business administration, and a bachelor's degree in information technology.
Mayuresh is Manager of Threat Research at Qualys. During his 15+ year career, he has gained expertise in many areas of information security, including vulnerability assessments, penetration testing, application security, reverse engineering, and purple teaming. He is passionate about all things inter-networked and possesses an intellectual curiosity in secure computing and emerging technologies. Mayuresh has been with Qualys since 2012 and was one of the first technical hires in the Pune, India office.
Swapnil Ahirrao is a Product Manager for Mobile Security at Qualys. He leads Qualys product initiatives around mobile security. He has 7+ years of experience in Mobile Security, Mobile Device Management (MDM), and Enterprise Mobility Management (EMM). Prior to Qualys, Swapnil worked at 1Mobility (acquired by Qualys) as a Sr. Business Analyst, working with customers and designing solutions to manage and secure corporate and employee-owned mobile devices and the associated data across the enterprise.
Santosh Mukkawar is a Senior Product Manager for Cloud Security at Qualys. He leads Qualys product initiatives for cloud workload and infrastructure security. He is a seasoned professional with 15+ years of experience in DevOps, public cloud (AWS, Azure, GCP), and virtualization technologies. Before joining Qualys, Santosh spent a decade at Symantec working on data center security solutions.
Aditi Sahasrabudhe is a Product Manager for Compliance Solutions at Qualys and spearheads the research on new features in its Policy Compliance solution. She has also devised out-of-band configuration assessment capability for assessing critical assets in the customer environment. Before joining Qualys, she has worked in development and research roles at Symantec Corporation and KPIT infosystem’s CREST R&D labs. She holds a master's in technology from IIT Roorkee and CISSP certification. She is an author of CIS benchmarks.
Kaustubh Kumbhar is Director of Product Management, Compliance Solutions at Qualys with 20+ years of engineering and product management experience. He has worked for startups and enterprise organizations to deliver Managed Security-As-A-Services (MSS), Database Activity Monitoring (DAM), and e2e security services. Currently, Kaustubh engages with large global customers to meet their security and compliance needs using Qualys File Integrity Monitoring and the Qualys platform.
Deepak is the CTO for SaaS Security at Qualys. He was previously Founder and CEO of cloud security company, Adya, which was acquired by Qualys in January 2019. Before founding Adya, Deepak was the head of Product Management (Server Backup) at Druva. He has extensive product management, marketing and engineering expertise at enterprise companies such as Riverbed Technologies, Spirent Communications, Sun Microsystems, AOL and Netscape. He has over 20 years of work experience in enterprise SaaS, application, security, networking and storage experience.
Rémi Le Mer is the Director of Product Management for the Qualys Web Application Firewall (WAF). He is an experienced network and security specialist whose professional career began in 1999. Prior to joining Qualys in 2015, Rémi worked as a network and security engineer for the past ten years for the French industry and finance markets, implementing numerous appsec oriented projects using a mix of vendor and opensource-based solutions. In 2009, Rémi dove into building WAF policies, and in 2013, he participated in authoring WAF operational programs.
Hiep Dang is Vice President of Product Management, EDR at Qualys. He is passionate about building innovative cybersecurity solutions to protect users and corporations from the evolving threat landscape. Almost 20 years ago, Hiep turned a casual curiosity in computer forensics and computer viruses into a full-time cybersecurity career. His journey has given him a spectrum of experiences from burgeoning startups to Fortune 500 companies and the opportunity to solve a range of problems from deeply technical to abstract business. He's found his sweet spot in product management at the intersection of product strategy and technical execution. Before joining Qualys, Hiep launched several enterprise and consumer products for Cylance (acquired by BlackBerry), McAfee (acquired by Intel), and Aluria (acquired by EarthLink). Hiep has also served as the Director of Anti-Malware Research for McAfee, where he oversaw a globally distributed 24x7 organization responsible for researching and responding to complex malware threats.
Chris Ong is the manager of Jabil’s Information Security Solution Engineering team and has been with Jabil for five years. He lives in St. Petersburg Florida, and has 20 years of overall IT experience with the last 15 years focused on information security and assurance. His versatile work experience includes protecting and securing assets in the pharmaceutical, department of defense, and manufacturing fields. He holds a bachelor’s degree in Technical Management as well as vendor neutral cybersecurity certifications. When he isn’t working in cybersecurity, he has a huge passion for international travel and world history.
Deepak Naik is Vice President of Platform Security Engineering and Operations, Qualys. With over 17 years of IT infrastructure and information security experience, he drives internal security transformation and product enhancement initiatives at Qualys. Previously, he held technology and security product and project management roles in the banking industry. Deepak actively participates in the ISAC chapters with stints on the technical committee of FS-ISAC (Asia) and the technical committee of IT-ISAC. He holds an executive MBA from the Indian Institute of Management Rohtak and B.E. degree in electronics and telecommunication engineering from Mumbai University.
During the past 15+ years, Steve Ocepek has received five patents in the field of network security, as well as launched various successful security projects, including founding Wholepoint Corporation which focused on threat intelligence, malware analysis and other security domains. He also launched Trustwave’s SpiderLabs Research division. Today, as a member of the X-Force Red team, his primary responsibilities include managing and delivering security services to X-Force Red’s global client base. Steve’s experience spans both attack and defense, with extensive experience in both penetration testing and network defense. Trusted as an experienced investigator, Steve has led cyber response activities across dozens of high-profile breaches. As Manager of Incident Response for Fidelity Information Services, Steve worked with specialists across the private sector and federal law enforcement to create a unified state-of-the-art team of responders within the organization. Steve has provided numerous open source contributions to the field of information security including both attack and defense tools. Speaking engagements include Black Hat (US/EU), DEF CON, RSA, BSides, and OWASP AppSec.
Surendra Nemani is the Sr. Manager and Head of Security Engineering at Infosys. He has been deeply involved in Information Security for over 12+ years, and has managed teams covering Security engineering, Incident management and response, Security Infrastructure, Vulnerability management, Security automation, Audits, Security Operations, Governance and Compliance. He is driving force in enabling the security controls at Infosys to mitigate & minimize the cyber security risks.
Matthew Rogers joined Syntax as the company’s Chief Information Security Officer of the Americas in August 2020. In this role, Rogers has a dual focus of working with Syntax’s Global Product Management team to develop innovative security products for Syntax’s global customers. He also leads Syntax’s Security Operations team for the Americas region. Matthew’s passion is to simplify complex problems through technology. He has designed, implemented, and staff cybersecurity programs and strategies for almost 15 years. Rogers previously worked at Allscripts, a global leader in healthcare IT, where he managed cyber security for multiple data centers and applications. He also gained valuable security experience with Duke Energy Corporation, where he focused on cybersecurity within the Nuclear Power business. Matthew has spoken at numerous cybersecurity conferences and has published many articles about cybersecurity. He is a certified information security systems security professional (CISSP). He is also certified with Microsoft and Elastic Stack, a computer software company that makes data usable. He holds a Bachelor of Science degree in Computer Information Systems from Thomas College in Waterville, Maine.
Currently the Head of Security Operations at Zoom Video Communications. Most recently, Barr served as CISO at Topia, overseeing security for the company’s global cloud-based platform. As the former CISO at Aryaka Networks, Saba, the Talent Development company, Barr created the company's global security program from the ground up, including policy creation, logical and technical controls, vulnerability assessment and a mechanism for weaving security review into the product development lifecycle. Prior to Saba, Barr held chief security and IT management positions at leading cloud companies including ServiceSource, Qualys, Yodlee and WebEx Communications.
Oleksandr has been the Vulnerability Management program leader at EPAM Systems, Inc. for the last two years focused on Public Cloud and Container Security vulnerability management. He has been in the Information Technology field since 2007 with seven plus years within Information Security field. Oleksandr has successfully integrated more than ten projects in several security domains such as DLP, EDR, SCADA security, PAM in various business sectors like Financial, Telecom, Insurance, etc.
Kasturi is a Senior DevSecOps Engineer working with the Cloud Security Engineering team at Informatica. She has been on the team for the past 3.5 years working on Threat Detection and Vulnerability Management, and building automations to integrate various security tools within Informatica's DevOps pipeline.
Jeremy is a security architect at a large Midwestern financial institution and is responsible for vulnerability management, operating system security standards/compliance, and file integrity monitoring.
Mike presently serves as the Chief Information Security Officer for Grand Canyon Education, responsible for leading the security team and formulating the vision and strategy for protecting students, staff and information assets across the enterprise. Previous experiences include serving as a threat prevention expert for Check Point and working as a consultant and analyst for other large enterprise customers. He is also a co-author/contributor for the joint book project, Understanding New Security Threats published by Routledge in 2019. When not exploring the implications of the rapidly evolving threat landscape or the convergence between cognitive psychology and machine learning, he spends time playing video games with his kids, practicing martial arts and cooking.
Bassel Assah (MSc., MBA, CISSP) is the Head of InfoSec and Business Continuity at Bankmed Group. He is a passionate Information Security and Business Continuity expert with more than 15 years of experience. Throughout his career, he has been driven by his love for learning, technology, and innovation. Bassel is a strong advocate of providing the best user experience for both customers and employees, without jeopardizing security.
Paul is an experienced Information Security professional in the Private Equity / FinTech Sector with 17 years of experience in both UK and US regulatory environments. Joined Uphold (a company aimed at Global everything-in-one wallet and democratizing investment and financial services) in 2018 because of an interest in the emerging field of cryptocurrency and enjoying the (r)evolution!
Guido is an engineer and Information Technology expert graduated from Politecnico di Milano. He started his career as a consultant and acquired specific skills in the finance and telecommunications sectors. He has been working at Infostrada and in then in Wind from 1998, where he has held various positions including CMR, DWH and ERP Development Manager as well as IT Governance Manager. His experience as Security Compliance Manager in the early days of GDPR gives him a unique expertise. Since 2017, in WINDTRE, he has held the position of Head of Cyber Intelligence and Defense unit and leads the team in charge of Threat Intelligence.
Diligent, reliable and focused business professional with 14+ years broad-based IT-experiences in leading and engineering. Self-motivated with a good entrepreneurial spirit. Profound knowledge of IT governance, security and business continuity. A goal-oriented leader with strong interpersonal abilities who supports the needs of his team and therefore provides a good working environment.
Giuseppe Brizio is a seasoned Business Technology professional who joined Qualys on July 1, 2020 as Chief Information Security Officer EMEA. He previously worked at Nestlé (Food & Beverage world leader) in executive leadership roles in various Business areas (e.g. Information Systems, Security and Compliance, Business Services, Supply Chain, Mergers and Acquisitions etc.). Giuseppe’s Business Technology knowledge and experience contributes to further develop Qualys leadership position and strengthen its sustainable and profitable growth. Giuseppe main responsibilities at Qualys are (a) to develop customer relationship at a strategic level and identify new business opportunities (b) to convey “voice of the customer” to Product Management, Marketing and Engineering teams and (c) to represent Qualys at conferences, seminars and forums. The values which best define Giuseppe’s leadership and management style, are: excellence, innovation, customer success and teamwork. His preferred guiding principle is “alone you go faster, together you go farther!”.
AXA is one of the largest global insurer with 160k Employees in 57 countries delivering services for 108 million clients. AXA purpose is to act for human progress by protecting what matters. Bruno is an IT professional working for AXA for more than 30 years. He had the opportunity to take over different responsibilities in architecture, network, IT operations and cyber security and had developed his professional career in various roles from Expert until Chief Executive. As the Head of Cyber Defense, he is reporting to the AXA Group CIO. Cyber Defense takes care of all IT security projects and products and all IT security operations. His challenge is to provide a robust/strong execution capability enabling AXA to actively defend against and respond to cyber threats that impact the AXA brand, their entities and customers.
Alain was nominated Chief Information Security Officer on April 1st, 2013. In his role, he is responsible for overall information security in Amadeus including policies, standards, procedures, architecture and guidelines for all Amadeus businesses. Alain ‘s priority is to establish an information security function to ensure Amadeus information assets are well protected and mitigations are adequately implemented. Alain also manages the ongoing execution of the security operation in all of Amadeus' information technology areas such as applications, data protection, data communications systems as well as all information systems.
Jared is the CISO for CRH plc, the worlds leading building materials business, with revenue of over $30 billion (2019). Jared is responsible for securing and improving the security posture of CRH, spanning 30 countries, covering 80,000 employees and more than 3000 operating locations. Before joining CRH, Jared previously led cyber services for a Big 4 consulting firm. Internationally, he has led successful projects across the Americas, EMEA, and APAC regions. He has spoken at more than 100 international events internationally including Gartner, RSA, InfoSecWorld, and others. Jared is passionate about making a difference in business, technology, and information security improvements – with a clear focus on people and high-performance. He published a book in the early years of Cloud Computing, focusing on security and risk in cloud environments – listing as a Top 50 Technology seller on Amazon. Jared also serves on several advisory boards, has assisted in the developement MSc degree programs, along with multiple training programs, and industry-leading courses and certifications over the past 15 years.