Qualys Policy Compliance Notification: Policy Library Update

2019-04-03T11:23:37
ID QUALYSBLOG:746BC530099F324C772A4DCE93B2877C
Type qualysblog
Reporter Pronamika Abraham
Modified 2019-04-03T11:23:37

Description

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The February release includes the following new policy and updates:

  • New Industry and Best Practice policies for Microsoft Windows Server 2019 and Oracle Database 18c
  • New DISA STIG policy for VMware vSphere ESXi 6.0, V1R5 and Google Chrome V1R15.
  • More than 40 updated policies

Qualys’ Certification Page at CIS has been updated.

New Industry and Best Practice Policies

  • Security Configuration and Compliance Policy for Windows Server 2019
  • Security Configuration and Compliance Policy for Oracle Database 18c

New DISA STIG Policies

  • Security Technical Implementation Guide (STIG) for VMware vSphere ESXi 6.0, V1R5
  • Security Technical Implementation Guide (STIG) for Google Chrome, V1R15

Updated Library Policies

  • Policy refresh for the following library policies:
    • DISA STIG Windows 2008 R2 V1R29, Domain Controller
    • DISA STIG Windows 2008 R2 V1R28, Member Server
    • DISA STIG Windows 2008 (non-R2) V6R42, Domain Controller
    • DISA STIG Windows 2008 (non-R2) V6R41, Member Server
    • DISA STIG Windows 2012 (non-R2) V2R15, Domain Controller
    • DISA STIG Windows 2012 (non-R2) V2R14, Member Server
    • DISA STIG Windows 2012 R2 V2R15, Domain Controller
    • DISA STIG Windows 2012 R2 V2R14, Member Server
    • DISA STIG Windows 2016 V1R7, Domain Controller
    • DISA STIG Windows 2016 V1R7, Member Server
    • DISA STIG Windows 10 V1R16
    • DISA STIG Red Hat Enterprise Linux 6 V1R21
    • DISA STIG Red Hat Enterprise Linux 7 V2R2
    • DISA STIG Internet Explorer 11 V1R16
  • Policy update to add support for IE-specific technology controls for Windows:
    • DISA STIG Policy for Internet Explorer 10 V1R15
  • Policy update for control configuration changes:
    • CIS Benchmark for Amazon Linux 2016 v2.0.0
    • CIS Benchmark for CentOS Linux 6 v2.1.0
    • CIS Benchmark for CentOS Linux 7 v2.2.0
    • CIS Benchmark for Oracle Linux 6 v1.1.0
    • CIS Benchmark for Oracle Linux 7 v2.1.0
    • CIS Benchmark for Red Hat Enterprise Linux 6 v2.1.0
    • CIS Benchmark for Red Hat Enterprise Linux 7 v2.2.0
    • CIS Benchmark for SUSE Linux Enterprise Server 11.x v2.1.0
    • CIS Benchmark for SUSE Linux Enterprise 12.x v2.1.0
    • CIS Benchmark for Ubuntu Linux 12.04, v1.1.0
    • CIS Benchmark for Ubuntu Linux 14.04 v2.1.0
    • CIS Benchmark for Ubuntu Linux 16.04 v1.1.0
    • CIS Benchmark for Debian Linux 7, v1.0.0
    • CIS Benchmark for Debian Linux 8, v1.0.0
    • CIS Benchmark for IBM AIX 6.1, v1.1.0
    • CIS Benchmark for IBM AIX 7.1, v1.1.0
    • CIS Benchmark for Oracle Solaris 10, v5.2.0
    • NIST 800-53 Rev 4 for Network Devices
    • HITRUST Cyber Security Framework (CSF) for Network devices, Version 8.1
    • Security Configuration and Compliance Policy for Amazon Linux 2017
    • Security Configuration and Compliance Policy for Debian 9
  • Policy update for Control ID changes
    • Microsoft Security Compliance Manager (SCM) Baseline for Windows Server 2008 R2 Member Server
    • Microsoft Security Compliance Manager (SCM) Baseline for Windows Server 2008 R2 Domain Controller
  • Policy update for Cover Page change
    • CIS Benchmark for HP-UX 11i, v1.5.0

Coming Next Month

The following policies and updates are currently planned for release to the policy library next month:

New Coverage:

  • CIS Benchmark for Amazon Linux 2 v1.0.0
  • CIS Benchmark for Debian Linux 9 v1.0.0
  • CIS Benchmark for VMware ESXi 6.5 Benchmark v1.0.0
  • CIS Benchmark for Windows 10 Enterprise Release 1803 v1.5.0
  • Security Configuration and Compliance policy for Microsoft Windows 2019 Server
  • Security Configuration and Compliance policy for Microsoft Windows 10 Release 1809

If you have any questions, please contact your TAM or Technical Support. See all library updates.