Policy Compliance Library Updates, January 2020

Qualys’ library of built-in policies makes it easy to comply with the most commonly used security standards and regulations. Qualys provides a wide range of policies, including many that have been certified by CIS, as well as policies based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The January release includes 5 CIS Benchmark policies, 4 Qualys Security Configuration and Compliance policies, and 1 DISA STIG policy. In addition to adding support for a new technology, it also provides updates to several existing policies in the Qualys Content Library.

Qualys’ Certification Page at CIS has been updated.

New Technology

  • Fortinet firewalls

New CIS Benchmark Policies

CIS Benchmarks are developed through consensus, providing an industry recognized collection of best practice controls. Qualys is committed to providing broad coverage of the CIS Benchmarks with regular releases of CIS certified policies in Policy Compliance and also by contributing to the development of new benchmarks through the CIS Community.

This release contains the following new CIS Benchmark policies:

  • CIS Benchmark for Apache Tomcat 8 v1.1.0
  • CIS Benchmark for Apache Tomcat 9 v1.0.0
  • CIS Benchmark for Oracle MySQL Community Edition 5.7 v1.0.0
  • CIS Benchmark for Red Hat Enterprise Linux 8 v1.0.0
  • CIS Benchmark for VMware ESXI 6.7 v1.0.0

New Industry and Best Practice Policies

  • Qualys Security Configuration and Compliance Policy for Cisco FTD 6.x
  • Qualys Security Configuration and Compliance Policy for Cisco WLC 8.x
  • Qualys Security Configuration and Compliance Policy for Fortinet Firewall
  • Qualys Security Configuration and Compliance Policy for Mac OS X 10.15

New DISA STIG Policies

  • DISA Security Technical Implementation Guide (STIG) policy for Microsoft SQL Server 2012 Ver 1 Rel 18

Updated Library Policies

Policy re-release:

  • The following policy is re-released to replace the existing PC policy for CIS Microsoft SQL Server 2008 R2 Benchmark v1.5.0:
    • CIS Benchmark for Microsoft SQL Server 2008 R2 v1.6.0
  • The following policy is re-released for Control ID changes and also includes “Not Scored” controls:
    • CIS Benchmark for VMware ESXI 6.5, v1.0.0
      • Not Scored Controls: 1129,6094,6097,14808,14805,16227,9023,16180,8978,8999,10118,8980,8979,8990,10014,8988,9109
      • Control Config Change Controls: 6078,8959,5877,8958,6079,8961,9016,16180,9399
  • The following policies are re-released for Control ID changes (6918,9924,9925) and replace Control ID 4718 with 17059:
    • CIS Benchmark for Microsoft SQL Server 2017, v1.0.0
    • CIS Benchmark for Microsoft SQL Server 2016, v1.1.0
    • CIS Benchmark for Microsoft SQL Server 2014, v1.4.0
    • CIS Benchmark for Microsoft SQL Server 2012, v1.5.0

Coming Next Month

The following policies and updates are currently planned for release to the policy library next month:

New Coverage:

  • CIS Benchmark for CentOS Linux 8 v1.0.0
  • CIS Benchmark for Fedora 28 Family Linux v1.0.0
  • CIS Benchmark for Juniper OS v2.0.0
  • CIS Benchmark for MongoDB 3.6 v1.0.0
  • CIS Benchmark for Mozilla Firefox 38 ESR v1.0.0
  • CIS Benchmark for Oracle Linux 8 v1.0.0
  • CIS Benchmark for Oracle Solaris 11.2 v1.1.0
  • CIS Benchmark for Oracle Solaris 11.4 v1.0.0
  • CIS Benchmark for PostgreSQL 12 v1.0.0
  • CIS Benchmark for Ubuntu Linux 18.04 LTS v2.0.1
  • CIS Benchmark for Windows 10 Enterprise Release 1903 v1.7.0
  • CIS Benchmark for Windows 10 Enterprise Release 1909 v1.8.0
  • Qualys Security Configuration and Compliance Policy for IBM HTTP Server 9
  • Qualys Security Configuration and Compliance Policy for Windows Embedded OS

If you have any questions, please contact your TAM or Technical Support.