Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

Continue reading …

The patch release of the Qualys Cloud Platform, version 8.18.1.0-1, includes new support for HashiCorp Vaults as well as for Virtual Scanner Appliance for OCI and OCI-Classic Platforms.

Continue reading …

This new release of the Qualys Cloud Platform (VM, PC), version 8.18 contains several new features and improvements in Qualys Vulnerability Management and Policy Compliance, which include CertView Vulnerability Scan for EC2 Assets, support for new authentication types to filter vulnerabilities, support for InformixDB authentication and IBM Web Application Server, and 2 new technologies in Policy Compliance.

Continue reading …

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The January release includes the following new policy and updates:

• New CIS Benchmark for Ubuntu and PostgreSQL
• Updates to almost 60 existing library policies

Qualys’ Certification Page at CIS has been updated.

Continue reading …

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

Continue reading …

Qualys is extending the Cloud Agent capabilities for users of the Policy Compliance (PC) application by letting them define controls.

Until now, the Cloud Agent could only assess Qualys PC’s “out of the box” controls. By adding support for user defined controls (UDC), Qualys PC users now can use Cloud Agents to evaluate those types of controls. UDCs allows users to create their own controls dynamically, as needed, without having to submit control requests to Qualys development.

The UDC controls you’ve already defined in your Qualys Policy Compliance account for compliance scanning will also be evaluated by Qualys Cloud Agent with no action required from you.

Continue reading …

Qualys Cloud Platform (VM, PC) version 8.17 contains various feature enhancements in Qualys Vulnerability Management and Qualys Policy Compliance. In addition, this release also lowers the time required before pausing or canceling an ongoing scan. Previously, scheduled scans could be cancelled or paused after a minimum of one hour from its start time.

Continue reading …

This new release of the Qualys Cloud Platform (VM, PC), version 8.16, contains several new improvements in Qualys Vulnerability Management and Qualys Policy Compliance, which includes new password security option, increased limit for virtual hosts that can be added to a subscription, added support for Scanning ESXi Hosts on vCenter, and more.

Read on for release highlights.

Continue reading …

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The September and October releases include the following new policies and updates:

• New CIS Benchmark for Palo Alto Firewall 8, IBM DB2 9.x, IBM DB2 10.x, and Oracle 12c
• New Industry and Best Practices policies for IBM DB2 11.x, MariaDB 10.x, Microsoft Windows, and Microsoft SQL Server 2017
• Updates to several existing library policies

Qualys’ Certification Page at CIS has been updated.

Continue reading …

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

This release includes the following new policies and updates:

• New CIS Benchmarks for MySQL and updates to latest versions of Windows, SUSE, and Ubuntu benchmarks
• New best practice and industry policies for NIST 800.53, Amazon Linux, and Juniper JunOS
• New DISA STIG Policies for Windows 8.1, Windows Server 2008/2012 Domain Controllers and several existing DISA STIGs updated to latest version
• Updates to several existing library policies

Qualys’ Certification Page at CIS has been updated. Continue reading …