Patch release of Qualys Cloud Platform, version 8.15.2, includes new support for Apache instance auto-discovery in Qualys Policy Compliance.
Policy Compliance
Apache Instance Auto-Discovery – This new feature in Qualys PC enables automatic discovery of Apache during compliance scans. Once one or more apache instances are discovered, the required authentication records are automatically created. We’ve also simplified authentication records for Apache allowing multiple instances to share a single authentication record. In cases where multiple Apache instances are found, users no longer need to provide separate authentication records for each instance.
Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.
In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.
This release includes the following new policies and updates:
New CIS Benchmarks for MySQL and updates to latest versions of Windows, SUSE, and Ubuntu benchmarks
New best practice and industry policies for NIST 800.53, Amazon Linux, and Juniper JunOS
New DISA STIG Policies for Windows 8.1, Windows Server 2008/2012 Domain Controllers and several existing DISA STIGs updated to latest version
This new patch release of the Qualys Cloud Platform, version 8.15.1, includes updates to Qualys Vulnerability Management.
Vulnerability Management
IP Update Handling for Agents – External IP address for Agents will no longer overwrite previous internal IP address when an internal address is not available during inventory data collection. The previous internal IP will remain as the Agent’s IP until the Agent recollects inventory data.
For more details about the above feature – please review the release notes. Release notes will be posted as soon as they are available on the Qualys Cloud Platform Release Notes page.
Platform release dates will be published on the Qualys Status page when available.
This new release of the Qualys Cloud Platform (VM, SCA, PC), version 8.15, includes several new improvements across the VM, PC, and SCA Apps including new IPv6 configuration options for the scanner, improvements to several VM reports including ability to display EC2 metadata, a new Policy Compliance report, and expanded platform support for VM, PC, and SCA.
This new release of the Qualys Cloud Platform (VM, SCA, PC), version 8.14, includes several new feature improvements across the apps such as Wallix AdminBastion support, EC2 scan improvements, VM reporting improvements, ESX/ESXi PC support for vCenter, PC STIG Report, and expanded technology support for Qualys Policy Compliance.
In this latest post of our series on the EU’s General Data Protection Regulation, we’ll explain how file integrity monitoring (FIM) can be crucial in helping organizations comply with this severe regulation.
GDPR, which went into effect in May and applies to organizations worldwide that handle EU residents’ personal data, provides few details of specific security technologies and processes organizations should adopt.
However, it’s clear from the GDPR text that the regulators expect organizations to demonstrate that they’re doing all they can to protect their EU customers’ personal data from malicious and accidental misuse. For InfoSec teams this means providing a rock-solid security foundation that gives their organizations superior data breach prevention and detection.
File integrity monitoring (FIM) specifically provides security controls in three key areas for GDPR:
Ensuring integrity of data stored in filesystems
Protecting confidentiality of data by detecting changes to filesystem access controls
In prior installments of this GDPR compliance blog series, we’ve discussed the importance of key security practices such as IT asset inventory and vulnerability management. Today, we’ll focus on another core component for GDPR: policy compliance.
As we’ve stated before, to comply with the EU’s General Data Protection Regulation (GDPR), organizations must show they’re doing all they can to protect their EU customers’ personal data. Thus, InfoSec teams must provide a rock-solid security foundation that gives organizations superior data breach prevention and detection.
With a strong IT policy compliance program, organizations can deploy and manage their IT environment according to applicable government regulations, industry standards and internal requirements.
For organizations, it’s critical to establish a lifecycle for managing assets and controls to protect the data they contain. One must continuously: identify IT assets and scope, define control objectives, automate control assessment, prioritize fixes, and ultimately remediate the security configuration problems.
To be effective, this entire process must be trackable by auditors and must maintain the proper reports and dashboards necessary to drive continuous improvement. Organizations must have this knowledge not only to properly protect their EU customers’ personal data — the regulation’s core goal — but also to comply with other GDPR requirements.
After gaining complete visibility into their IT assets, organizations can create data maps and decide which technical controls it needs to secure EU residents’ personal data in a way that meets GDPR’s considerable expectations and strict requirements.
Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.
In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.
This release includes the following new policy and updates:
CID 3777 and 3781 will be removed in 30 days and have newer replacement controls.
CIS Benchmark coverage for Network Devices including Cisco Firewall ASA, Palo Alto Firewall, Cisco NX-OS, JunOS 12/13
CIS for Oracle 11gR2, 12c, and Microsoft Windows 10 r1607/r1703
Adobe Common Controls Framework for Google Chrome and Microsoft Internet Explorer
Refresh of several DISA STIG and CIS Benchmarks to latest versions
Updated control settings in mandate-based policies
File integrity monitoring, like other foundational security practices such as vulnerability management, helps organizations comply with the EU’s General Data Protection Regulation (GDPR). FIM specifically provides security controls in three key areas for GDPR:
Ensuring integrity of data stored in filesystems
Protecting confidentiality of data by detecting changes to filesystem access controls
Detecting breaches
Qualys File Integrity Monitoring’s ability to quickly detect changes in all of these cases makes it a critical tool that helps you meet general security requirements of GDPR. This regulation goes into effect in late May and applies to any organization worldwide that handles personal data of EU residents.
What is FIM, anyway?
File integrity monitoring systems can help you to promptly detect a variety of changes stemming from normal IT activities, compliance and change control violations, or malicious acts such as malware attacks and configuration tampering. FIM systems use snapshot data and real time detection on the endpoints to identify when files on a system are changed, and when necessary, log the file changes so system administrators, compliance teams, and incident response teams can verify the events and determine if the activity was normal, a policy violation, or a sign of compromise.
Aside from compliance and breach detection use cases, FIM can be invaluable in making sure scripts used for automation and critical application configurations are not changed without proper change control and approval. That way, organizations can prevent downtime and enable fast recovery, both key to ensuring availability of critical applications.
This new release of the Qualys Cloud Platform (VM, PC), version 8.13, includes several new feature improvements across the apps such as the ability to test authentication records, as well as improvements to UDC’s and report options in Qualys Policy Compliance.
Patch release of Qualys Cloud Platform, version 8.15.2, includes new support for Apache instance auto-discovery in Qualys Policy Compliance.
