Qualys Policy Compliance Notification: Policy Library Update

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

This release includes the following new policies and updates:

  • New CIS Benchmarks for MySQL and updates to the latest versions of the Windows, SUSE, and Ubuntu benchmarks
  • New best practice and industry policies for NIST 800-53, Amazon Linux, and Juniper JunOS
  • New DISA STIG policies for Windows 8.1 and Windows Server 2008/2012 Domain Controllers, and several existing DISA STIGs updated to the latest version
  • Updates to several existing library policies

Qualys’ Certification Page at CIS has been updated.

New Industry and Best Practice Policies

  • NIST 800-53 Rev 4 for Linux
  • NIST 800-53 Rev 4 for Network Devices
  • NIST 800-53 Rev 4 for Database
  • Security Configuration and Compliance policy for Amazon Linux 2
  • Security Configuration and Compliance Policy for Juniper JunOS 14.x
  • Security Configuration and Compliance Policy for Juniper JunOS 15.x

New CIS Benchmarks

CIS Benchmarks are developed through consensus, providing an industry recognized collection of best practice controls. Qualys is committed to broad coverage of the CIS Benchmarks and regularly releases certified policies as well as contributing to the development of new benchmarks through the CIS Community.

  • CIS Benchmark for Oracle MySQL Enterprise Edition 5.6, v1.1.0
  • CIS Benchmark for Oracle MySQL Enterprise Edition 5.7, v1.0.0

New additions to the policy library for DISA STIG Guidelines:

  • DISA Security Technical Implementation Guide (STIG) for Windows 8.1, V1R20
  • DISA Security Technical Implementation Guide (STIG) for Windows Server 2008 (non-R2) DC, V6R39
  • DISA Security Technical Implementation Guide (STIG) for Windows Server 2012 (non-R2) DC, V2R11
  • DISA Security Technical Implementation Guide (STIG) for Windows Server 2012 R2 DC, V2R11

Updated Library Policies

New Versions of Supported CIS Benchmarks

  • CIS Benchmark for Microsoft Windows 7 Workstation, v3.1.0
  • CIS Benchmark for Microsoft Windows 8.1 Workstation, v2.3.0
  • CIS Benchmark for Microsoft Windows Server 2008 non-R2, v3.1.0
  • CIS Benchmark for Microsoft Windows Server 2008 R2, v3.1.0
  • CIS Benchmark for Microsoft Windows Server 2012 non-R2, v2.1.0
  • CIS Benchmark for Microsoft Windows Server 2012 R2, v2.3.0
  • CIS Benchmark for SUSE Linux Enterprise Server 11.x, v2.1.0
  • CIS Benchmark for SUSE Linux Enterprise 12.x, v2.1.0
  • CIS Benchmark for Ubuntu Linux 14.04 LTS, v2.1.0

Updated DISA STIGs:

  • DISA Security Technical Implementation Guide (STIG) for Red Hat Enterprise Linux 7, V1R4
  • DISA Security Technical Implementation Guide (STIG) for Windows 10, V1R12

Control updates in existing library policies

  • CIS Benchmark for CentOS Linux 6, v2.1.0
  • CIS Benchmark for CentOS Linux 7, v2.2.0
  • CIS Benchmark for Microsoft Windows 10 Enterprise (Release 1511), v1.1.0
  • CIS Benchmark for Microsoft Windows 10 Enterprise (Release 1607), v1.2.0
  • CIS Benchmark for Microsoft Windows 10 Enterprise (Release 1703), v1.3.0
  • CIS Benchmark for Oracle Linux 6, v1.1.0
  • CIS Benchmark for Oracle Linux 7, v2.1.0
  • CIS Benchmark for Oracle Solaris 11, v1.1.0
  • CIS Benchmark for Red Hat Enterprise Linux 6, v2.1.0
  • CIS Benchmark for Red Hat Enterprise Linux 7, v2.2.0
  • CIS Benchmark for Ubuntu Linux 16.04 LTS, v1.1.0
  • CIS Benchmark for Microsoft SQL Server 2012, v1.4.0
  • CIS Benchmark for Oracle Database 11-11g R2, v1.0.0
  • CIS Benchmark for Oracle Database 11gR2, V2.2.0
  • CIS Benchmark for Oracle Database 12c, V2.0.0
  • CIS Benchmark for Oracle MySQL Community Server 5.6, v1.1.0
  • DISA Security Technical Implementation Guide (STIG) for Internet Explorer 10, V1R15
  • DISA Security Technical Implementation Guide (STIG) for Windows Server 2012 (non-R2) MS, V2R11
  • DISA Security Technical Implementation Guide (STIG) for Windows Server 2012 R2 MS, V2R11
  • DISA Security Technical Implementation Guide (STIG) for Windows Server 2016 DC, V1R3
  • DISA Security Technical Implementation Guide (STIG) for Windows Server 2016 MS, V1R3
  • Adobe Common Controls Framework for Microsoft Windows
  • Microsoft Security Compliance Manager (SCM) Baseline for Windows Server 2016 [Domain Controller]
  • Microsoft Security Compliance Manager (SCM) Baseline for Windows Server 2016 [Member Server]
  • Microsoft Security Compliance Manager (SCM) Baseline for Windows 10 version 1511
  • Security Configuration and Compliance policy for Microsoft Windows 10 (version 1709)

New Technology Support

  • JBoss/WildFly EAP
  • MariaDB 10.x
  • DB2 11.x

Coming Next Month

The following policies and updates are currently planned for release to the policy library next month:

New Coverage

  • CIS Benchmark for Apple macOS 10.13, v1.0.0
  • CIS Benchmark for Palo Alto Firewall 8, v1.0.0
  • CIS Benchmark for PostgreSQL 9.5, v1.0.0
  • CIS Benchmark for Windows 10 Release 1709 v1.4.0 in Policy Compliance
  • NIST 800-53 Rev 4 for Windows technologies
  • Security Configuration and Compliance policy for Debian 9
  • Security Configuration and Compliance policy for IBM DB2 11.x
  • Security Configuration and Compliance policy for JBoss EAP/WildFly

Updates

  • CIS Benchmark for IBM DB2 9.x, v3.0.1
  • CIS Benchmark for IBM DB2 10.x, v1.1.0
  • CIS Benchmark for Google Chrome, v1.3.0

New Technology Roadmap

  • IBM HTTP Server 9
  • Microsoft Office 2013 and related Office apps (Outlook, Word, Excel, Access, PowerPoint)
  • Microsoft Office 2016 and related Office apps (Outlook, Word, Excel, Access, PowerPoint)

If you have any questions, please contact your TAM or Technical Support.  See all library updates.