Qualys Policy Compliance Notification: Policy Library Updates (June)

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The June release includes the following new policies and updates:

  • 5 new technologies
  • 4 new Industry and Best Practice policies
  • 4 updated policies

Qualys’ Certification Page at CIS has been updated.

New Technologies

  • SUSE 15
  • Open SUSE 15
  • PostgreSQL 11
  • Red Hat Fedora
  • IBM WebSphere (added support for SUSE and Solaris technologies)

New Industry and Best Practice Policies

  • Qualys Security Configuration and Compliance Policy for MongoDB 4.x
  • Qualys Security Configuration and Compliance Policy for SELinux in PC library
  • Qualys Security Configuration and Compliance Policy for Brocade Fabric 7.x and 8.0
  • Qualys Security Configuration and Compliance Policy for Data Domain OS 5

Updated Library Policies

Policy update for control configuration changes:

  • CIS Benchmark for CentOS Linux 6, v2.1.0
  • CIS Benchmark for CentOS Linux 7, v2.2.0
  • CIS Benchmark for Ubuntu 12.04 LTS Server, v1.1.0
  • CIS Benchmark for Ubuntu Linux 14.04 LTS, v2.1.0

Coming Next Month

The following policies and updates are currently planned for release to the policy library next month:

New Coverage:
  • CIS Benchmark for Microsoft Exchange Server 2016 v1.0.0
  • CIS Benchmark for Microsoft Exchange Server 2013 v1.1.0
  • DISA STIG Policy for Windows 2019 Server Ver 1 Rel 1
  • DISA STIG Policy for IBM WebSphere Traditional 9.x Ver 1 Rel 1
  • DISA STIG Policy for Oracle Database 11g Ver 8 Rel 20
  • DISA STIG Policy for Oracle Database 11.2g Ver 1 Rel 14
  • DISA STIG Policy for Oracle Database 12c Ver 1 Rel 12
  • DISA STIG Policy for Firefox Ver 4 Rel 25
  • Qualys Security Configuration and Compliance Policy for Fedora 28 and 29
Updates:
  • CIS Benchmark for Debian Linux 8 v2.0.0

If you have any questions, please contact your TAM or Technical Support. See all library updates.

Leave a Reply