Qualys Blog

www.qualys.com
47 posts

Qualys Cloud Suite 8.10.1 New Features

This new patch release of the Qualys Cloud Suite, version 8.10.1, includes updates to password management, user roles & permissions, and User Defined Control improvements in Qualys Policy Compliance (PC).

Continue reading …

Qualys Cloud Suite 8.10 New Features

This new release of the Qualys Cloud Suite, version 8.10, includes new capabilities and improvements to for VM, PC and shared platform improvements:

  • Authentication Vault integration with BeyondTrust
  • Mandate-Based reporting for Policy Compliance to simplify reporting against multiple mandates and audit frameworks.
  • Expanded support & features for scanning Cloud Environments such as Amazon EC2, Azure, and Google GCE.
  • VM Scanning, Reporting, and SSL Labs Improvements
  • Ability to export/import UDC definitions with Policy XML and Qualys Library Content
  • Policy Compliance support for PostGRE SQL and UDC Support for Amazon Linux 2016

See Also:

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Qualys’ library of built-in policies makes it easy to comply with commonly adhered to security standards and regulations. Qualys provides a wide range of policies, including many that have been certified by CIS as well as ones based on security guidelines from vendors such as Microsoft and VMware.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library monthly.

This release includes new policies and updates covering:

  • Initial coverage for DISA STIG on Windows
  • SCM for Windows Server 2016
  • New CIS versions for CentOS, Windows Server 2008 R2/2012 R2
  • Several updates to minor versions for Vendor Recommended and CIS policies.

Continue reading …

Qualys Support for Reserve Bank of India (RBI) Cyber Security Guidelines

Reserve Bank of India (RBI), India’s central banking and monetary authority, points out that the number, frequency, and impact of cyber incidents on Indian banks has increased substantially. Like their peers globally, Indian banks are committed to maintaining customer trust, protecting financial assets, and preserving their own brand and reputation as the industry will remain a top target of cybercriminals using increasingly sophisticated methods. Thus, it is urgent that banks continue to improve their cyber defenses.

In a race to adopt technology innovations, the exposure to cyber incidents/attacks has also increased, thereby underlining the urgent need to put in place a robust cyber security and resilience framework. The Reserve Bank of India has provided guidelines on Cyber Security Framework vide circular DBS.

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Qualys’ library of built-in policies makes it easy to comply with commonly adhered to security standards and regulations. Qualys provides a wide range of policies, including many that have been certified by CIS as well as ones based on security guidelines from vendors such as Microsoft and VMware.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library monthly.

This release includes new policies and updates covering: Docker, Oracle Enterprise Linux, Red Hat Enterprise Linux, and Windows Server 2012 R2.

Continue reading …

Qualys Cloud Suite 8.9.3 New Features

This new patch release of the Qualys Cloud Suite, version 8.9.3, includes updates for cloud-based scanner deployments and tagging improvements.

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Qualys’ library of built-in policies makes it easy to comply with commonly adhered to security standards and regulations. Qualys provides a wide range of policies, including many that have been certified by CIS as well as ones based on security guidelines from vendors such as Microsoft and VMware.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library monthly.

This release includes new policies and updates covering: MySQL, Amazon Linux, CentOS, Microsoft IIS, and Microsoft Windows.

Continue reading …

Qualys Policy Compliance Notification: Policy Library Update

Qualys’ library of built-in policies makes it easy to comply with commonly adhered to security standards and regulations. Qualys provides a wide range of policies, including many that have been certified by CIS as well as ones based on security guidelines from vendors such as Microsoft and VMware.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library monthly.

In Q4 2016, Qualys added new policies for CIS as well as Qualys Recommended policies, and provided updated versions for minor changes to a number of CIS policies.

Continue reading …

Qualys Cloud Suite 8.9.2 New Features

This new patch release of the Qualys Cloud Suite, version 8.9.2, includes updates for Cloud-based scanner deployments and expanded platform coverage for PC.

Feature Highlights

Continue reading …

Slash Vendor Risk and Sharpen Compliance with Policies, Standards and Regulations

As we continue our Qualys Top 10 Tips for a Secure & Compliant 2017 blog series, we zoom in on the all important area of compliance and risk monitoring, a key element of any comprehensive security program.

IT compliance and risk managers don’t have it easy. You face an increasingly complex regulatory landscape, constantly evolving industry standards and a technology environment that’s changing at a dizzying pace. It falls on your shoulders to make sure your organizations follow rules, regulations, laws, standards and practices in areas of IT across all business functions.

In this post, we’ll offer tips 5 – 7 on our list, to help you:

  • Ensure internal and external IT compliance
  • Assess procedural and technical controls among vendors to reduce the risk of doing business with them
  • Comply with the Payment Card Industry Data Security Standard (PCI DSS)

Continue reading …