Back to qualys.com
All posts tagged with cis
24 posts

Qualys Policy Compliance Notification: Policy Library Update

Posted by in Qualys News, Qualys Technology on January 30, 2019

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Posted by in Qualys Technology on January 22, 2019

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The September and October releases include the following new policies and updates:

  • New CIS Benchmark for Palo Alto Firewall 8, IBM DB2 9.x, IBM DB2 10.x, and Oracle 12c
  • New Industry and Best Practices policies for IBM DB2 11.x, MariaDB 10.x, Microsoft Windows, and Microsoft SQL Server 2017
  • Updates to several existing library policies

Qualys’ Certification Page at CIS has been updated.

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Posted by in Qualys Technology on September 10, 2018

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

This release includes the following new policies and updates:

  • New CIS Benchmarks for MySQL and updates to latest versions of Windows, SUSE, and Ubuntu benchmarks
  • New best practice and industry policies for NIST 800.53, Amazon Linux, and Juniper JunOS
  • New DISA STIG Policies for Windows 8.1, Windows Server 2008/2012 Domain Controllers and several existing DISA STIGs updated to latest version
  • Updates to several existing library policies

Qualys’ Certification Page at CIS has been updated. Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Posted by in Qualys Technology on August 2, 2018

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

This release includes the following new policy and updates:

  • New policies for Apple OS X, Splunk, and Windows 10 1709
  • New versions of already supported CIS Benchmarks and DISA STIGs
  • Updates to controls and technology coverage in existing library policies

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Posted by in Qualys Technology on May 24, 2018

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

This release includes the following new policy and updates:

  • CID 3777 and 3781 will be removed in 30 days and have newer replacement controls.
  • CIS Benchmark coverage for Network Devices including Cisco Firewall ASA, Palo Alto Firewall, Cisco NX-OS, JunOS 12/13
  • CIS for Oracle 11gR2, 12c, and Microsoft Windows 10 r1607/r1703
  • Adobe Common Controls Framework for Google Chrome and Microsoft Internet Explorer
  • Refresh of several DISA STIG and CIS Benchmarks to latest versions
  • Updated control settings in mandate-based policies

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Posted by in Qualys Technology on March 14, 2018

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from vendors such as Microsoft and VMware.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

This release includes the following new policies and updates:

  • New CIS policy for Palo Alto Firewall 7 and Microsoft Windows 10 Enterprise Release 1607
  • New mandate-based policies Adobe Common Controls Framework for Microsoft Windows, and HITRUST for VMware & Network Devices
  • Several updates to existing library policies

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Posted by in Qualys Technology on January 15, 2018

Policy LibraryQualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from vendors such as Microsoft and VMware.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

This release includes the following new policies and updates:

  • New CIS policies for Internet Explorer and Chrome on Windows, Apache Tomcat, RHEL, Windows 10, Sybase ASE, and MongoDB
  • New DISA STIG policies for Internet Explorer 10 and 11
  • New Best Practice & Mandate Policies for SAP ASE 16 and HiTRUST CSF on Linux
  • Several updates to existing library policies

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Posted by in Qualys Technology on November 30, 2017

The Qualys library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from vendors such as Microsoft and VMware.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

This release includes the following new policies and updates:

  • New CIS benchmarks for Docker
  • New policies for USGCB for Microsoft Windows
  • New best practice controls for reducing risk related to malware/ransomware
  • Several updates to existing Mandate-based, CIS and DISA STIG Policies

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Posted by in Qualys Technology on October 18, 2017

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from vendors such as Microsoft and VMware.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

This release includes the following new policies and updates:

  • New CIS Benchmarks for Amazon Linux, Apple OS X, Microsoft SQL Server, Microsoft Windows, and Ubuntu Linux
  • New DISA STIG policy for Windows Server 2016
  • New Best Practice Policies for Amazon Linux, PostGRE SQL, and HITRUST CSF
  • Several updates to existing CIS Certified benchmarks

Continue reading …

Achieve Continuous Security and Compliance with the CIS Critical Security Controls

Posted by in Qualys News, Qualys Technology on September 26, 2017

For InfoSec pros, it’s easy to get overwhelmed by the constant noise from cybersecurity industry players — vendors, research firms, consultants, industry groups, government regulators and media outlets. A good antidote for this hyperactive chatter is to refocus on foundational InfoSec practices. That’s what SANS Institute Senior Analyst John Pescatore and I will do this week: An immersion into the Center for Internet Security’s Critical Security Controls (CSCs).

During an hour-long webcast on Sept. 28, we’ll be discussing the benefits of implementing these 20 recommended controls. Initially published in 2008, these information security best practices have been endorsed by many leading organizations and successfully adopted by thousands of InfoSec teams over the years. Now on version 6.1, the CIS CSCs map effectively to most security control frameworks, as well as regulatory and industry mandates, and are more relevant and useful than ever.

Continue reading …

RSS feed of recent blog posts tagged with cis