Threat Management - Qualys
Threat ManagementContinuous Security November 2018Peeyush PatelVP Information Security1
Breadth, novelty, and accuracy ofdata combined with analytic skills informed and trusted decisionsCredit history data onnearly 1 billionindividuals worldwideWe verified over9 billiontransactions and eventsover last12 monthsLifestyle segmentationdata on over 2.3 billionconsumers in 24countries2
The JourneyCalm Before the StormDay 0Initial ResponseJump the CurveLessons Learned3
August 2017 - One Month BeforeSecurityFirst - 4 Year Program UnderwayKey drivers: Speed to Market and AgilityMaturing Three Line of Defense FrameworkRisk Discovery & Mgmt Initiatives in ProgressCulture Shift to DevOpsSaw spikes in traffic being prevented by WAF and IPSIncreased scans of Experian environment4
September 7, 2017 – Breach Publicly Announced60 Minutes before publicationExperian CIO is notifiedCrisis Protocol Initiated – All Hands on Deck5
One Week LaterBoard and SeniorExecutivesCustomers3rd Party AuditorsFormerly Aggressive TimelinesNow Seem too SlowCISOVendorsEngineeringMedia6CIOSales and Marketing
100 Day Challenge7
Experian Reality100 DayChallengeComplexNetworksNeedSpeed gThreats
Experian Goal100 DayChallengeExecute RapidlyComplexNetworksDynamicAssetsDevOpsBoost AgilityConsolidate ToolsNeedSpeed toMarketBuild Security In9Automate lysisParalysisHybridCloudOngoingThreatsMeasure & Refine
Security at the Speed of atePlanTestMonitorQualys Cloud PlatformFlexible · Scalable · ComprehensiveWAS10PCVMIOCCATPFIM
One Year LaterSecurity is everyone’s responsibilityThree Layers of Defense well defined andunderstoodRegional Security Risk Management committeesstrengthened and meeting with greater frequencyC-Suite focus on securityBusiness sees security as a differentiator11
Lessons LearnedDon’t WasteanOpportunityAct QuicklyOpportunity toJump theCurve Build relationships with Peers Plan for the breach of a competitor Measure yourself against the industryBuild the Right Partnerships with Vendors12 Pay attention and trust the signs
Questions? 2018 Experian Information Solutions, Inc. All rights reserved. Experian and the Experian marks used herein are trademarksor registered trademarks of Experian Information Solutions, Inc. Other product and company names mentioned herein are thetrademarks of their respective owners. No part of this copyrighted work may be reproduced, modified, or distributed in anyform or manner without the prior written permission of Experian.Experian [Public. Confidential. Internal. Restricted. – please choose the appropriate category]
Experian by the numbersUS 4.7bnrevenue62c. 845mreinvested in data,software, and other assetsCredit data on:petabytesTotal global storage capacity 100,000Diverse mix of clients2.3 billioncredit reports deliveredevery year14USRevenue byclient segment 1bn & oyee volunteer hoursRevenue byregionFinancial tomotiveSoftware / professionalservices8%5%5%Telecoms and utilitiesInsuranceMedia and technologyPublic sector/education4%4%3%2%Other13%5%North America57%Latin America17%UK and Ireland18%EMEA / ASIA PAC8%
A market leader against largest competitorswith unparalleled global reach and range4,65715,000Global revenue US %*9%91%FICOAcxiom0ExperianNorth America1 Year ended 31 March 20182Year ended 31 December 2017EquifaxTransUnionOther regions3 Year ended 30 September 2017D&B*US only.Source: Latest full year revenue, company SEC filingsThis analysis covers traditional competitors that are publicly listed. It does not include companies where a single division competes against Experian.15
Global revenue FY18EMEA /Asia Pacific8%ByregionUK andIrelandBy customer18%Financial services57%LatinAmerica17%3% 2%4%4%NorthAmericaDirect to ySoftware and professionalservices8%ConsumerServicesRetailTelco and utilities13%20%17%InsuranceMedia technology55%25%DataPublic sector/educationBusiness-to-Business 80%OtherDecisioning16Diverse portfolio by region, business activity and customer
2018 Experian Information Solutions, Inc. All rights reserved. Experian and the Experian marks used herein are trademarksor registered trademarks of Experian Information Solutions, Inc. Other product and company names mentioned herein are thetrademarks of their respective owners. No part of this copyrighted work may be reproduced, modified, or distributed in anyform or manner without the prior written permission of Experian.Experian [Public. Confidential. Internal. Restricted. – please choose the appropriate category]
12 months Credit history data on nearly 1 billion individuals worldwide . Analysis Paralysis Ongoing Threats Need Speed to Market Dynamic Assets Boost Agility Execute Rapidly . form or manner without the prior written permission of Experi
About this Guide About Qualys 5 About this Guide Welcome to Qualys Patch Management! We’ll help you get acquainted with the Qualys solutions for patching your systems using the Qualys Cloud Security Platform. About Qualys Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading p
Qualys Gateway Service (QGS) is a packaged virtual appliance developed by Qualys that provides proxy services for Qualys Cloud Agent deployments that require proxy connectivity to connect agents to the Qualys Clo
Qualys Continuous Monitoring is a SaaS-based add-on purchase used with Qualys Vulnerability Management. Qualys CM provides powerful configuration options that scale to custom requirements of large enterprises. Three themes guide the configuration strategy for effective use of Qua
About this Guide About Qualys About this Guide Thank you for your interest in our revolutionary new Qualys Cloud Agent Platform. This new platform extends the Qualys Cloud Platform to continuously assess global IT infrastructure and applications using lightweight agents. All you have to do is install agents on your IT assets.
May 08, 2020 · the Qualys Cloud Agent, these systems can be easily enabled to deploy patches via the Qualys Cloud Platform, without the need to touch the client systems. Alternatively, a lightweight Qualys agent is deployed to the remote computers. Philippe Courtot, chairman and CEO, Qualys, said, “Than
Active Directory login and password. 3) Upon successful authentication, the web browser should be redirected to Qualys and a valid session should be opened with the expected user identity. 4) When logging out of Qualys, the web browser should be redirected to https://www.qualys.com or a custom logout URL provided by the customer.
Shared third-party threat information via the Cyber Threat Alliance further enriches this knowledge base. The Cyber Threat Alliance is a consortium of 174 different threat intelligence and threat feed providers that crowdsource and share threat intelligence. Cyber Threat Alliance processes more than 500,000 file samples and 350,000 URLs daily.
Qualys Threat Protection is a cloud service that correlates external threat indicators against your internal vulnerabilities and IT asset data — letting you control evolving threats and identify what to remediate first. Between 30% and 40% of disclosed vulnerabilities, amounting to thousands p
