Black Hat CISO Summit

Cylance® is the first company to apply artificial intelligence and machine learning to cybersecurity, improving the way companies, governments, and end-users proactively solve the world's most difficult security problems. Cylance quickly and accurately identifies what is safe and what is a threat, not just what is in a blacklist or whitelist.

By coupling sophisticated technology with a unique understanding of an attacker's mentality, Cylance provides the products and services to be truly predictive and preventive against advanced threats.

Cylance's award-winning product, CylancePROTECT®, provides enterprise endpoint security without a cloud connection or frequent updates and uses a fraction of the system resources associated with legacy solutions.

Complementing CylancePROTECT, CylanceOPTICS™ is an AI driven endpoint detection and response (EDR) solution designed to extend prevention through root cause analysis, scalable threat hunting, and immediate response with consistent visibility into threats against endpoints.

Visit www.cylance.com or call +1-877-973-3336 for more information.

Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 10,300 customers in more than 130 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The Company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com.

Philippe Courtot

Chairman and CEO

Demonstrating a unique mix of technical vision, marketing and business acumen, Philippe Courtot has repeatedly built innovative companies into industry leaders. As CEO of Qualys, Philippe has worked with thousands of companies to improve their IT security and compliance postures.

Before joining Qualys, Philippe was the Chairman and CEO of Signio, an electronic payment start-up that he repositioned to become a significant e-commerce player. In February 2000, VeriSign acquired Signio for more than a billion dollars. Prior to Signio, Philippe was President and CEO of Verity, where he re-engineered the company to become the leader in enterprise knowledge retrieval solutions.

Philippe served on the Board of Trustees for The Internet Society, an international non-profit organization that fosters global cooperation and coordination on the development of the Internet. French and Basque born, he holds a master's degree in physics from the University of Paris.

Sumedh Thakar

Chief Product Officer

As Chief Product Officer at Qualys, Sumedh oversees worldwide engineering, development and product management for the Qualys software-as-a-service (SaaS) platform and integrated suite of security and compliance applications. A core systems and database engineer, Sumedh started at Qualys in 2003, architecting and delivering Qualys' PCI compliance platform.

A long time advocate of the SaaS model and cloud computing, Sumedh worked at Intacct, a cloud-based financial and accounting software provider, before working at Qualys. Previous to Intacct, Sumedh worked at Northwest Airlines to develop complex algorithms for yield and revenue management for their backend reservation system.

Sumedh is active in the PCI and security community working closely with the PCI Council on the development and enhancement of PCI DSS. He co-authored “PCI Compliance for Dummies,” an easy-to-read guide designed to educate merchant organizations about PCI. Sumedh has a bachelor's degree in computer engineering with distinction from the University of Pune.

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber-attacks. FireEye has over 5,300 customers across 67 countries, including more than 825 of the Forbes Global 2000.

Steven Booth

Vice President and Chief Security Officer

As Chief Security Officer, Steven Booth is in charge of leading and overseeing all aspects of IT security at FireEye. This includes the ongoing development and execution of enterprise-wide security architecture and monitoring programs, as well as technology risk and compliance. Steven directs the implementation of security controls, standards, policies and procedures to ensure protection of information systems and physical property while compliance is maintained against both corporate security policies and industry standards. Prior to FireEye, Steven was the AVP of Information Security and CISO at Manulife/John Hancock, Cybersecurity Architect at Microsoft, and ran security operations for VeriSign's MSSP.

David Kell

Director, Security Architecture & Engineering

As Director, Security Architecture & Engineering, David leads a blue team of security experts charged with design and implementation of technical security controls across the company's infrastructure. Prior to joining FireEye, David was the VP of Information Security and CISO at FBR, a mid-market investment bank, where he had responsibility for the bank's information security management program.

David has 20 years of experience in the information security profession and has previously held roles managing information security programs in the telecommunications, financial, and government sectors. David has served on various U.S. DHS and private working groups addressing Internet disruption. David is also a past member of the Network Security Information Exchange (NSIE) representing the telecommunications sector. David holds a Master's degree in Information Assurance from Norwich University.

StrozFriedberg, an Aon company, is a specialized risk management firm built to help clients solve the complex challenges prevalent in today's digital, connected, and regulated business world. Our focus is on cybersecurity, with leading experts in digital forensics, incident response, and security science; investigation; eDiscovery; intellectual property; and due diligence. Stroz Friedberg works to maximize the health of an organization, ensuring its longevity, protection, and resilience. Founded in 2000 and acquired by Aon in 2016, Stroz Friedberg has thirteen offices across nine U.S. cities, London, Zurich, Dubai, and Hong Kong. Stroz Friedberg serves Fortune 100 companies, 80% of the AmLaw 100, and the Top 20 UK law firms. Learn more at www.strozfriedberg.com.

Rocco Grillo

Cyber Resilience Leader

Rocco Grillo is Stroz Friedberg's Cyber Resilience Leader and a member of the firm's executive management team. His cyber resilience team, which includes the company's incident responders and security scientists who deliver the firm's proactive and reactive cybersecurity capabilities, has successfully triaged some of the largest data breaches recorded in the last decade. Previously in his career, Mr. Grillo led Protiviti's Global Incident Response and Forensics Investigations, helped develop RedSiren Technologies (a leading managed security service provider and full services security firm that evolved out of Carnegie Mellon), and held management positions with Lucent Technologies and Bell Atlantic. Mr. Grillo is a CISSP, CRMA, PCI-QSA, and a Certified Third Party Risk Assessor. He is an affiliate board advisor for FS-ISAC and NH-ISAC, a member of the Shared Assessments Program Steering Committee board, and the CLM Cyber Liability Council. Rocco is also a Distinguished Fellow of Ponemon Institute.

Jibran Ilyas

Managing Director

Jibran Ilyas is a Managing Director in the Stroz Friedberg's Incident Response practice. Jibran has over 15 years of experience in the field of Information Security, with 10 years specializing in the areas of incident response, digital forensics and threat intelligence. He has led investigations for some of the world's largest data breaches in the financial, technology and defense sectors. This included working closely with law enforcement agencies to track and ultimately arrest major threat actor groups. As a thought leader, Jibran has presented at several global security conferences including DEFCON, Black Hat, Thotcon, Microsoft Digital Crimes Conference, and Department of Homeland Security's ATTE conference. Furthermore, he has conducted forensics training for United States Secret Service (USSS). Jibran is an adjunct lecturer at Northwestern University for the Digital Forensics course. In 2017, he was honored as “40 under 40” by Crain's Chicago Business Magazine for his contributions in cybersecurity.

Cybereason gives your company the upper hand by taking an entirely new approach to cybersecurity - EDR, next-gen antivirus, anti-ransomware, fileless malware protection, and security services, all powered by a purpose-built in-memory graph database. Gain unmatched visibility and collapse your security stack with Cybereason's cybersecurity data analytics platform. Learn more at cybereason.com.

Rapid7 powers the practice of SecOps by delivering shared visibility, analytics, and automation that unites security, IT, and DevOps teams. The Rapid7 Insight platform empowers these teams to jointly manage and reduce risk, detect and contain attackers, and analyze and optimize operations. Rapid7 technology, services, and research drive vulnerability management, application security, incident detection and response, and log management for more than 7,000 organizations across more than 120 countries, including 52% of the Fortune 100.

Cofense, formerly known as PhishMe®, is the leading provider of human-driven phishing defense solutions world-wide. Cofense delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. Our collective defense suite combines timely attack intelligence sourced from employees with best-in-class incident response technologies to stop attacks faster and stay ahead of breaches.  Cofense customers include Global 1000 organizations in defense, energy, financial services, healthcare and manufacturing sectors that understand how changing user behavior will improve security, aid incident response and reduce the risk of compromise. For more information on Cofense solutions, please visit www.cofense.com.

Microsoft is the leading platform and productivity company for the mobile-first, cloud-first world, and its mission is to empower every person and every organization on the planet to achieve more. We enable this digital transformation on a foundation and capability for cybersecurity with products and services that have security built in from the start. Our unique approach combines a comprehensive, agile platform together with unparalleled intelligence and strategic partnerships in order to better protect your endpoints, move faster to detect threats, and respond to security breaches across even the largest of organizations. www.microsoft.com

Johnnie Konstantas

Sr. Director of Marketing Communication
Enterprise Cybersecurity Group

Johnnie is a veteran cybersecurity executive, bringing more than 19 years of security industry experience. Most recently she was the Sr. Director of Security Marketing and Business Development at Gigamon, responsible for driving strategy and relationships with technology partners and leading security campaigns, messaging development and distribution for field sales and channel enablement.

Prior to Gigamon, Johnnie was the Vice President of Marketing of machine learning platform Dato (acquired by Apple) where she led awareness, adoption and lead generation programs. While Senior Director of Cloud Security Sales at Juniper Networks, Johnnie managed accounts in Commercial and F1000 in the Pacific Northwest and Mid-West regions. As Vice President of Marketing at Altor Networks (acquired by Juniper), she successfully branded Altor as cloud security's leading innovator. Other posts include marketing, product management and engineering leadership roles at Varonis (VRNS), RedSeal Systems, Neoteris (acquired by Juniper), Check Point Software, Certicom and Motorola where she was a Lead Systems Engineer.

Johnnie received her B.S. in Electrical Engineering from University of Maryland.

Jonathan C. Trull

Global Chief Cybersecurity Advisor
Enterprise Cybersecurity Group

As Global Chief Security Advisor for the Microsoft Enterprise Cybersecurity Group, Jonathan leads Microsoft's team of worldwide Chief Security Advisors to provide thought leadership, strategic direction on the development of Microsoft security products and services, and deep customer and partner engagement around the globe.

Jonathan joined Microsoft in 2016 bringing more than 15 years of experience. Trull was Vice President and CISO with Optiv, responsible for developing and executing the company's information security strategy and program. Prior to Optiv, Trull was the CISO for Qualys where he was responsible for securing infrastructure and products, bringing security best practices to customers, providing strategic direction on the development of the QualysGuard Security Platform, researching real world threats and providing guidance on how to address them. Trull has established himself as an innovative security leader and was recently named by the SANS Institute as one of the "People Who Made a Difference in Cybersecurity."

Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions – underpinned by the world's largest delivery network – Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With approximately 411,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com.

CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus, endpoint detection and response (EDR), and a 24/7 managed hunting service - all delivered via a single lightweight agent. The CrowdStrike Falcon™ platform, certified to replace legacy antivirus, has reinvented how endpoint security is delivered with its industry-leading, cloud native architecture.

CyberArk, the #1 provider of privileged access security, provides a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world's leading organizations, including more than 50% of the Fortune 100, to protect against external attackers and malicious insiders, and address audit and compliance requirements. CyberArk is the only public company 100% focused on privileged access security, delivering innovative solutions to stay one step ahead of attackers.

Splunk Inc. (NASDAQ: SPLK) turns machine data into answers. Organizations use market-leading Splunk solutions with machine learning to discover their "aha" moments with machine data and solve their security challenges, including risk mitigation, incident response and compliance. Use Splunk software in the cloud and on-premises to improve the detection of insider and advanced threats, fraud and ransomware. Join millions of passionate users by trying Splunk software for free: www.splunk.com/free-trials.

Veracode, now part of CA Technologies, enables the secure development and deployment of the software that powers the application economy. With its combination of automation, process and speed, CA Veracode becomes a seamless part of the software lifecycle, eliminating the friction that arises when security is detached from the development and deployment process. As a result, enterprises are able to fully realize the advantages of DevOps environments while ensuring secure code is synonymous with high-quality code. CA Veracode serves more than 1,600 customers worldwide across a wide range of industries. The CA Veracode Platform has assessed more than 6 trillion lines of code and helped companies fix more than 30 million security flaws.

Your enterprise needs to move faster, but lack of process and legacy tools hold you back. The ServiceNow System of ActionTM replaces unstructured work patterns of the past with intelligent workflows of the future. ServiceNow's Security solutions are part of the System of Action. ServiceNow Security Operations bring incident data from security tools into a structured enterprise security response engine. Workflows, automation, and a deep connection with IT help prioritize and resolve real threats fast. ServiceNow Governance, Risk, and Compliance (GRC) drives unified GRC programs. It transforms processes by continuously monitoring, prioritizing, and automatically responding to real risks in real-time. Learn more: www.servicenow.com/sec-ops