
Put FIM in Your GDPR Toolbox

File integrity monitoring, like other foundational security practices such as vulnerability management, helps organizations comply with the EU’s General Data Protection Regulation (GDPR). FIM specifically provides security controls in three key areas for GDPR:

  • Ensuring integrity of data stored in filesystems
  • Protecting confidentiality of data by detecting changes to filesystem access controls
  • Detecting breaches

Qualys File Integrity Monitoring’s ability to quickly detect changes in all of these cases makes it a critical tool that helps you meet general security requirements of GDPR. This regulation goes into effect in late May and applies to any organization worldwide that handles personal data of EU residents.

What is FIM, anyway?

File integrity monitoring systems can help you promptly detect a variety of changes stemming from normal IT activities, compliance and change control violations, or malicious acts such as malware attacks and configuration tampering. FIM systems use snapshot data and real-time detection on the endpoints to identify when files on a system are changed and, when necessary, log the file changes so system administrators, compliance teams, and incident response teams can verify the events and determine whether the activity was normal, a policy violation, or a sign of compromise.

Aside from compliance and breach detection use cases, FIM can be invaluable in making sure scripts used for automation and critical application configurations are not changed without proper change control and approval. That way, organizations can prevent downtime and enable fast recovery, both key to ensuring availability of critical applications.
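The snapshot-and-compare approach described above, as an added illustration rather than code from Qualys FIM: a baseline records each file's SHA-256 digest and its mode/owner, a later snapshot is diffed against it, and every change is classified into one of the three GDPR-relevant areas (content integrity, access-control change, or added/removed files). The tamper scenario in `demo()` is constructed in a temporary directory.

```python
import hashlib
import os
import shutil
import stat
import tempfile


def snapshot(root):
    """Baseline: relative path -> digest plus the access-control attributes we watch."""
    baseline = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):  # skip symlinks, sockets, etc.
                continue
            h = hashlib.sha256()
            with open(path, "rb") as f:
                for chunk in iter(lambda: f.read(65536), b""):
                    h.update(chunk)
            baseline[os.path.relpath(path, root)] = {
                "sha256": h.hexdigest(),
                "mode": stat.S_IMODE(st.st_mode),
                "uid": st.st_uid,
                "gid": st.st_gid,
            }
    return baseline


def diff_snapshots(old, new):
    """Return (path, kind) events: content = integrity, acl = confidentiality, added/removed = breach signals."""
    events = []
    for rel in sorted(set(old) | set(new)):
        if rel not in old:
            events.append((rel, "added"))
        elif rel not in new:
            events.append((rel, "removed"))
        else:
            o, n = old[rel], new[rel]
            if o["sha256"] != n["sha256"]:
                events.append((rel, "content"))
            if (o["mode"], o["uid"], o["gid"]) != (n["mode"], n["uid"], n["gid"]):
                events.append((rel, "acl"))
    return events


def demo():
    """Constructed scenario: baseline a small tree, tamper with it, report the diff."""
    root = tempfile.mkdtemp()
    p = lambda name: os.path.join(root, name)
    for name, text in (("app.conf", "debug=false\n"), ("deploy.sh", "#!/bin/sh\necho ok\n"), ("customers.csv", "id,email\n")):
        with open(p(name), "w") as f:
            f.write(text)
    os.chmod(p("customers.csv"), 0o600)          # personal data, owner-only
    base = snapshot(root)
    with open(p("deploy.sh"), "a") as f:         # automation script edited out of band
        f.write("echo extra\n")
    os.chmod(p("customers.csv"), 0o644)          # permissions widened: confidentiality risk
    os.remove(p("app.conf"))                     # configuration removed
    with open(p(".hidden.bin"), "wb") as f:      # unexpected new file
        f.write(b"\x00")
    events = diff_snapshots(base, snapshot(root))
    shutil.rmtree(root)
    return events
```

In practice the baseline is stored off-host and re-signed after approved changes, so that only unapproved deltas surface as events.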

Continue reading …

Qualys Cloud Platform (VM, PC) 8.13 New Features

This new release of the Qualys Cloud Platform (VM, PC), version 8.13, includes several new feature improvements across the apps, such as the ability to test authentication records, as well as improvements to UDCs and report options in Qualys Policy Compliance.

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from vendors such as Microsoft and VMware.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

This release includes the following new policies and updates:

  • New CIS policies for Palo Alto Firewall 7 and Microsoft Windows 10 Enterprise Release 1607
  • New mandate-based policies Adobe Common Controls Framework for Microsoft Windows, and HITRUST for VMware & Network Devices
  • Several updates to existing library policies

Continue reading …

If You Think File Integrity Monitoring is Boring, Think Again

You’ll be hard pressed to find file integrity monitoring on any list of cool, emerging, cutting-edge cybersecurity technologies. But if you choose to ignore this mature, foundational technology, you do so at great risk.

File integrity monitoring, or FIM, plays a key role in critical security and compliance scenarios. An effective FIM system can help you to promptly detect a variety of changes stemming from normal IT activity, compliance and change control violations, or malicious acts such as ransomware/malware attacks and configuration tampering. FIM can be your last line of detection for complex and evasive rootkits or mobile code. It is also invaluable in making sure validated scripts and configurations are not changed by insiders, malicious or not.

In this blog series, we’ll address the major uses for FIM, starting with regulatory compliance, and specifically the PCI DSS (Payment Card Industry Data Security Standard) mandate.

While FIM is an implicitly required control in many regulations for ensuring information integrity, it is explicitly mentioned in PCI DSS for any system handling personally identifiable information. The best practices and insights from organizations that monitor their systems with FIM for PCI compliance are just as applicable to other regulations and mandates, such as HIPAA, GDPR and Sarbanes-Oxley.

Continue reading …

Qualys Cloud Suite 8.12 New Features

This new release of the Qualys Cloud Suite, version 8.12, adds new reporting options for the PC Report, allowing you to include new summaries in the remediation section of the report for control failures.

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from vendors such as Microsoft and VMware.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

This release includes the following new policies and updates:

  • New CIS policies for Internet Explorer and Chrome on Windows, Apache Tomcat, RHEL, Windows 10, Sybase ASE, and MongoDB
  • New DISA STIG policies for Internet Explorer 10 and 11
  • New Best Practice & Mandate Policies for SAP ASE 16 and HiTRUST CSF on Linux
  • Several updates to existing library policies

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

The Qualys library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from vendors such as Microsoft and VMware.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

This release includes the following new policies and updates:

  • New CIS benchmarks for Docker
  • New policies for USGCB for Microsoft Windows
  • New best practice controls for reducing risk related to malware/ransomware
  • Several updates to existing Mandate-based, CIS and DISA STIG Policies

Continue reading …

Qualys Cloud Platform 8.11.2 New Features

This new patch release of the Qualys Cloud Platform, version 8.11.2, includes updates to shared platform features, Qualys Vulnerability Management and Qualys Policy Compliance SCAP scanning.

Update 12/1/2017: New Vulnerability Management feature added below.

Continue reading …

Qualys Cloud Suite 8.11 New Features

This new release of the Qualys Cloud Suite, version 8.11, adds several new major features including:

  • Customizable Login Banners
  • New VM features including QID Changelog View, PCAP Scanning in Express Lite subscriptions, Scanning Options, and Timestamps on IG QIDs.
  • PC improvements to the File Monitoring UDC as well as Policy Compliance Reporting Options.
  • Expanded Policy Compliance platform support including Palo Alto Firewall, MongoDB, and Apache Tomcat on Windows.

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from vendors such as Microsoft and VMware.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

This release includes the following new policies and updates:

  • New CIS Benchmarks for Amazon Linux, Apple OS X, Microsoft SQL Server, Microsoft Windows, and Ubuntu Linux
  • New DISA STIG policy for Windows Server 2016
  • New Best Practice Policies for Amazon Linux, PostgreSQL, and HITRUST CSF
  • Several updates to existing CIS Certified benchmarks

Continue reading …