Name: Beyond the Top 10: Advanced Security Strategies for Web Applications & APIs
Start: 2024-10-23T18:00:00Z
End: 2024-10-23T18:01:00.000Z
Location: BrightTALK
Rating: 0

Join us for this informative technology series for insights into emerging security trends that every IT professional should know. These brief sessions will give you an opportunity to discover best practices from market leaders as well as hands-on advice from industry experts on a variety of security and compliance topics.
 
Let Qualys help keep you up-to-date with cost-effective and efficient technology trends. Choose the topic that interests you or plan to attend the entire series to make sure you stay ahead of the curve.

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on December 12, 2024.

We will discuss this month's high-impact vulnerabilities, including those that are part of November 2024 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, November 2024 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

This Month in Vulnerabilities and Patches, December 2024

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on November 14, 2024.

We will discuss this month's high-impact vulnerabilities, including those that are part of October 2024 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, October 2024 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

This Month in Vulnerabilities and Patches, November 2024

In the 2023 Qualys TruRisk Report, the Qualys Threat Research Unit revealed that adversaries are weaponizing vulnerabilities 11.5 days than the average organization can apply the necessary patches. A Mandiant report published at the end of 2023 evaluated time-to-exploit trends from 2021-2022. That report revealed that 62% of Vulnerabilities are exploited as zero day vulnerabilities, and the number of vulnerabilities continue to increase while the time to exploit continues to decrease.

CISA BOD-22-01 took major steps towards helping organizations prioritize risk remediation by mandating the discovery and remediation of Known Exploitable Vulnerabilities (KEV) within 2 weeks of being added to the CISA KEV database. As reflected in the last 12 months of FISMA OIG reports, many Federal organizations continue to struggle with risk prioritization and remediation, and several are finding meeting KEV remediation deadlines to be a challenge.

Vulnerability remediation plays a critical role in helping organizations reduce risk and improve cyber security resilience, yet it’s an area where nearly 85% of Agencies continue to struggle.

Join Qualys, for: Accelerating Patch Remediation and Meeting BOD-22-01 webinar where we will discuss:

<ul><li>Breaking down Vulnerability Discover and Remediation Siloes</li>
<li>How to Leverage Automation to Reduce High Risk Vulnerabilities</li>
<li>In-depth coverage for KEV discovery and Remediation Tracking</li>
<li>Building Successful workflows for patch management</li>
<li>Simplifying patching of third party software</li></ul>

Accelerating Patch Remediation and Meeting BOD-22-01

As AI technologies become deeply embedded in our digital infrastructures, they also become prime targets for sophisticated cyber threats. Recognizing the urgent need for specialized security measures, Qualys is excited to introduce TotalAI, a comprehensive security solution designed specifically for the complexities of Generative AI and LLMs.

Join us on Thursday, October 17, 2024 at 11 am PST for our webinar where we will unveil Qualys TotalAI for comprehensive protection for AI-driven applications and infrastructures. This session will cover the intricate landscape of AI threats, the specific vulnerabilities of LLMs and AI-Infrastructure, and how TotalAI addresses these challenges with a live demonstration.

Key Highlights:

- Explore the unique challenges associated with AI technologies and the potential risks they pose. 
- Learn about the features and capabilities of Qualys TotalAI and how it stands out from conventional security solutions. 
- See how TotalAI tackles your real-world AI security challenges in a live demonstration. 
- Engage with our experts to ask questions and discuss how TotalAI can be tailored to meet the specific needs of your organization. 

This webinar is essential for CISOs, IT security professionals, compliance officers, and anyone involved in managing and securing AI infrastructures. Whether your organization is already using AI technologies or planning to implement them, understanding the security measures necessary to protect these innovations is crucial.

Securing Generative AI and LLMs with Qualys TotalAI

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on October 10, 2024.

We will discuss this month's high-impact vulnerabilities, including those that are part of September 2024 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, September 2024 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

This Month in Vulnerabilities and Patches, October 2024

There are several crucial developments in the cybersecurity landscape in 2024, including a significant rise in reported CVEs and the need for advanced defensive strategies. This webinar will highlight emerging risks and provide insights into the best practices and strategies for effectively addressing them.

Key highlights include:

• 10 Exploited Vulnerabilities You Should Be Tracking in 2024
• A 30% increase in CVEs from 2023 underscores a growing security imperative.
• Analysis of the 204 vulnerabilities that have been weaponized Examination of vulnerabilities that exploit public-facing applications and utilize remote services for network breaches.

Learn how cutting-edge security solutions can help you stay ahead of emerging risks. Equip yourself with the knowledge to fortify your defences against the dynamic threats of today's digital environment. [SA1] [CM2] [CM3]

Exploited CVE Insights: Navigating the Storm of New Threats

For nearly 20 years, Federal agencies have been attempting to quantify, prioritize and respond to vulnerabilities and misconfigurations using largely the same set of core technologies. These technologies have consistently led to inconsistent FISMA configuration management findings for many Agencies, commonly resulting in deficiencies in timely vulnerability detection and remediation, due to slow scanning architectures and siloed processes.  FISMA M-24-04 introduces additional requirements, beyond traditional IT, to identify and quantify risk associated with IoT and Operational technologies.

The Qualys TruRisk Platform brings a fresh perspective to helping organizations achieve FISMA compliance. By integrating attack surface management, continuous vulnerability discovery, and integrated remediation customers are able to more effectively facilitate compliance with Federal outcomes, and to lay the foundation for Zero Trust.

Join Qualys public sector experts as we discuss Federal directives and mandates, challenges and strategies for achieving compliance outcomes. You’ll learn:
<ul>
<li>How to achieve comprehensive asset visibility across your entire attack surface, including IT, IoT, OT, and external assets.</li>
<li>Strategies for risk-based vulnerability management and prioritizing remediation efforts to protect your High Value Assets (HVAs).</li>
<li>Best practices for implementing continuous monitoring and automation to stay ahead of emerging threats and maintain a robust security posture. </li>
<li>Ways to support Zero Trust Architecture principles and establish granular access controls to minimize the risk of unauthorized access and data breaches.</li>
</ul>
Don't miss this opportunity to gain valuable insights and practical guidance on aligning your cybersecurity program with the latest directives and better securing your organization's attack surface.

Improving FISMA Outcomes with Qualys

Cloud security is more than just vulnerability management—it is about recognizing and neutralizing toxic combinations that can leave your assets exposed. In this must-attend webinar, we will explore how Qualys TotalCloud CNAPP, powered by TruRisk Insights, uncovers hidden risks in your cloud environment and provides the tools to eliminate them before they become a threat. 

Key Takeaways: 

- Break down silos: Remove organization silos, drive consistent visibility across the DevOps lifecycle, and drive security as a key part of each stage of that journey.  

- Spot the Risks: Learn how TruRisk Insights identifies and prioritizes toxic combinations that elevate your cloud’s risk profile, enabling targeted and effective remediation. 

- Automate and Secure: Discover how automated workflows in TotalCloud CNAPP help you neutralize risks, streamline your security operations, and maintain continuous protection across your cloud infrastructure. 

- Understand Cloud Infrastructure and Entitlement Management’s role in enabling overall risk reduction.  

Why Attend? 

Do not just manage cloud security—master it. Join us to discover how TruRisk Insights can transform your approach to cloud security, enabling you to proactively identify and neutralize the threats lurking in your environment. Join us on September 18th to understand how you can drive a fundamental change in cloud security with Qualys TotalCloud CNAPP.

Breaking down silos and creating an integrated view of risk in the cloud with Qualys TotalCloud CNAPP

Cloud security is more than just vulnerability management—it is about recognizing and neutralizing toxic combinations that can leave your assets exposed. In this must-attend webinar, we will explore how Qualys TotalCloud CNAPP, powered by TruRisk Insights, uncovers hidden risks in your cloud environment and provides the tools to eliminate them before they become a threat. 

Key Takeaways: 

- Break down silos: Remove organization silos, drive consistent visibility across the DevOps lifecycle, and drive security as a key part of each stage of that journey.  

- Spot the Risks: Learn how TruRisk Insights identifies and prioritizes toxic combinations that elevate your cloud’s risk profile, enabling targeted and effective remediation. 

- Automate and Secure: Discover how automated workflows in TotalCloud CNAPP help you neutralize risks, streamline your security operations, and maintain continuous protection across your cloud infrastructure. 

- Understand Cloud Infrastructure and Entitlement Management’s role in enabling overall risk reduction.  

Why Attend? 

Do not just manage cloud security—master it. Join us to discover how TruRisk Insights can transform your approach to cloud security, enabling you to proactively identify and neutralize the threats lurking in your environment. Join us September 17th to understand how you can drive a fundamental change in cloud security with Qualys TotalCloud CNAPP.

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on September 12, 2024.

We will discuss this month's high-impact vulnerabilities, including those that are part of August 2024 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, August 2024 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

This Month in Vulnerabilities and Patches, September 2024

Many requirements for PCI DSS 4.0 went into effect in March 2024, with the balance going into effect by March 2025. Are you audit -ready? There are 64 new requirements, including internal authenticated vulnerability scans, the ability to discover assets such as databases and middleware, file access management, web application vulnerabilities, and agentless network support. These and many other critical capabilities are now required to prevent security breaches, audit failures, and litigation. The expanding PCI requirements increase the complexity of achieving PCI compliance and command a streamlined and centralized platform approach. 

Join guest speakers Elie Abouzeid, AVP Information Security at DentaQuest and PCI Internal Security Assessor (ISA), and Adam Bush from Schellman along with technical experts from Qualys, for an informative webinar event on Tuesday, August 20, 8 AM PT as they discuss industry trends and new attack vectors, as well as why customers are switching to Qualys from other solutions. 

Here’s what you will learn:

• What the latest PCI changes are and how they impact security teams
• What are the challenges many organizations face with the new requirements
• How organizations achieve PCI Compliance without adding too much complexity
• How to effectively discover misconfigurations and middleware
• What the new requirements are for internal versus external vulnerability scanning
• What is required to reduce alert fatigue and streamline IT costs
• The importance of  file reputation and trust status for PCI effectivness
• The role that web applicatation scanning will have in achieving PCI DSS 4.0 Compliance

PCI DSS 4.0: Are You Ready for the New Requirements?

Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on August 15, 2024.

We will discuss this month's high-impact vulnerabilities, including those that are part of July 2024 Patch Tuesday. We will walk you through the steps to address the key vulnerabilities using Qualys VMDR and Patch Management.

We will cover:

• The significant vulnerabilities published this month:
• Microsoft Patch Tuesday, July 2024 
• Other Significant Vulnerabilities

An action plan to quickly identify and remediate vulnerabilities:

• Learn how to use Qualys Patch Management to remediate vulnerabilities.

This Month in Vulnerabilities and Patches, August 2024

Join us as we share best practices on how organizations of every size can significantly reduce risk.

This session will cover:

Discover the steps needed to improve your communication with IT and ensure that you haven’t deployed one patch too many that resulted in unnecessary downtime
Learn how to automate patch management where it makes sense
Attendees gain actionable insights and practical strategies for aligning IT and security teams, optimizing resilience, and minimizing security risks across your organization.

Proactive Risk Mitigation Through IT and Security Alignment

Understanding and mitigating cybersecurity risks is crucial for patient and organizational security in the healthcare sector. Join Derek Fisher as he explores the concept of exploitability and its impact on healthcare organizations. Learn how to identify and prioritize vulnerabilities by focusing on their actual risk to your organization. This session will cover:

Balancing risk by using exploitability to determine which vulnerabilities need immediate attention.
Building efficient workflows for remediation, ensuring critical vulnerabilities are addressed promptly.
Overcoming challenges in healthcare, such as limited budgets, legacy systems, and low-tech adoption.
Discover how a strategic patch management approach can enhance healthcare security and operational efficiency.

Mitigating Risks in Healthcare: The Role of Exploitability in Patch Management

Learn how this leader in the private aviation space has strengthened its defenses, eliminated 100,000 vulnerabilities, and achieved a 35% reduction in cyber insurance costs while boosting operational efficiency.

Key Takeaways:

Automation in Cybersecurity: Discover how we utilize automation tools for efficient vulnerability detection and management, enhancing overall security processes
Vulnerability Reduction Strategies: Gain insights into the advanced scanning tools, integrated security platforms, and predictive analytics that have significantly decreased our vulnerabilities
Cost Reduction Methods: Understand the correlation between improved security measures and reduced cyber insurance costs through proactive risk management
Register now to explore this proactive cybersecurity approach and learn how to enhance your organization’s security posture in an ever-evolving threat landscape.

Building A Culture of Communication and Resilience

Traditional EPP often fall short as cyber threats evolve. Join industry expert Adam Gray from Novacoast to explore critical cybersecurity challenges modern organizations face and discover how advanced solutions can strengthen your defenses.

The financial impact of cybercrime, comprehensive data collection for threat detection, and browser and endpoint security.
The effectiveness of AV/EDR solutions, supply chain vulnerabilities, and essential data for improving security posture.
Learn how to transform your cybersecurity strategy for robust protection and enhance your organization’s resilience.

Your Tools Are Failing: Navigating the Fine Line Between Success and Vulnerability

Hybrid workplaces are now the norm, presenting new daily cybersecurity challenges. Managing 300,000 endpoints and 20,000 services globally, one organization ensures their data and brand remain secure amid rising malware and ransomware attacks. Join us for a fireside chat between Satish Machaiah, Associate Practice Manager, and Jonathan Trull, CISO & SVP Customer Solutions Strategy at Qualys, to explore how defenses have been fortified, vulnerabilities eliminated, and cyber insurance costs reduced through strategic automation and seamless IT-security collaboration.

Key Takeaways:

Integrated Security Strategies: Gain insights into aligning IT and security teams, fostering a unified approach to reducing vulnerabilities.
Building a Security Culture: Learn how to cultivate a robust security culture, enhancing overall resilience.
Automation in Cybersecurity: Discover how leveraging patch management can remediate 80 to 85% of critical security updates within 4 to 5 days.
Cost Reduction Methods: Understand how proactive risk management and enhanced security measures can significantly reduce cyber insurance costs.
Join us to explore a forward-thinking cybersecurity approach, the journey in building a cohesive security culture, and how your organization can enhance its security posture in an evolving threat landscape.

Scaling Security: Managing 300,000 Endpoints and Remediating 85% of Threats in 5 Days

Join us on October 23, 2024 at 11 AM PST as we discuss the evolving landscape of web application security, moving beyond the foundational OWASP Top 10 to explore advanced defensive strategies tailored for the complex threat environment of 2024. As we consolidate all web app and API risk findings into Qualys Web Application Scanning (WAS), you will gain a robust understanding of how a unified platform can be leveraged to detect and mitigate emerging vulnerabilities.

Join us to stay ahead in a dynamically changing threat landscape, providing actionable insights that go beyond conventional wisdom. 

Register now

Beyond the Top 10: Advanced Security Strategies for Web Applications & APIs

OWASP Top 10

OWASP

DAST

Web App Security

API Security

AppSec

ASPM

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Beyond the Top 10: Advanced Security Strategies for Web Applications & APIs

Presented by

About this talk

More from this channel