A critical vulnerability has been found in Apache Struts 2, and it is being actively attacked in the wild, as hackers jump at the chance to hit high-profile targets by exploiting this critical bug.


Apache has issued an emergency security alert, classifying this as a high-risk vulnerability. If left unaddressed, organizations are at risk of remote code execution attacks, which could lead to complete system compromise.


During this webcast, Qualys Product Management Directors Vikas Phonsa (Web Application Firewall) and Frank Catucci (Web Application Scanning) show you how Qualys' complete, end-to-end security solutions can detect and patch the vulnerability so that you can keep your business-critical information safe from attackers.


With Qualys Vulnerability Management, Web Application Scanning, and Web Application Firewall, you can find Struts in your environment quickly, comprehensively, and at scale, as well as shield your organization from Struts attacks while you identify and patch vulnerable systems.


This webcast will include a live demo and Q&A session.


Watch On-Demand »


About the Speakers


Vikas Phonsa is Director of Product Management for the Web Application Firewall at Qualys. He has over 14 years of experience in Software Engineering, Security and Product Management across multiple business domains including e-commerce, insurance, automobile industry, healthcare, enterprise security, and content delivery. Prior to joining Qualys, Vikas held product management positions at Symantec and Verizon where he helped launch and manage cloud-based message archiving and security services.




Frank Catucci is the Director of Product Management for the Web Application Scanning at Qualys. He has over 15 years experience in the Information Technology and Security field that spans enterprise, financial services, university/higher education, government, healthcare, legal, start-up businesses, public and private industries. Aside from his daily Web Application Scanning and Application Security duties, Frank also conducts security research, freelance penetration testing, and often speaks at information security conferences and events such as BSides, OWASP, ISSA, etc.