Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The February release includes 8 CIS Benchmark policies, 4 Qualys Security Configuration and Compliance policies, and 1 mandate [MARS-Ev2] policy. In addition to adding new technology support, it also updates several existing policies in the Qualys Content Library.

Qualys’ Certification Page at CIS has been updated.

New CIS Benchmark Policy

CIS Benchmarks are developed through consensus, providing an industry-recognized collection of best practice controls. Qualys is committed to providing broad coverage of the CIS Benchmarks with regular releases of CIS certified policies in Policy Compliance and by contributing to the development of new benchmarks through the CIS Community.

This release contains the following new CIS Benchmark policies:

  • CIS Benchmark for CentOS Linux 8 v1.0.0
  • CIS Benchmark for Juniper OS v2.0.0
  • CIS Benchmark for MongoDB 3.6 v1.0.0
  • CIS Benchmark for Mozilla Firefox 38 ESR v1.0.0
  • CIS Benchmark for Oracle Linux 8 v1.0.0
  • CIS Benchmark for Oracle Solaris 11.4 v1.0.0
  • CIS Benchmark for Windows 10 Enterprise Release 1903 v1.7.0
  • CIS Benchmark for Windows 10 Enterprise Release 1909 v1.8.0

New Industry and Best Practice Policies

  • MARS-E Document Suite, Version 2.0 for Red Hat Enterprise Linux 7.x
  • Qualys Security Configuration and Compliance Policy for Riverbed SteelHead RiOS 9.x
  • Qualys Security Configuration and Compliance Policy for Windows Embedded OS
  • Qualys Security Configuration and Compliance Policy for File Integrity Monitoring (FIM) audit prerequisites

Updated Library Policies

Policy re-release:

  • The following policy is re-released to update Control (ID 7662) and to include “Not Scored” controls:
    • CIS Benchmark for Microsoft IIS 10 v1.1.1 [Scored & Not Scored, level 1 & 2]
  • The following policy is re-released to update Controls (ID 12712, 13604, 13605, 13681, 12746, 12747, 12769) and to include new Controls (ID 12813, 16222, 16224, 16564):
    • Qualys Security Configuration and Compliance Policy for JBoss WildFly/EAP
  • The following policy is re-released to update Control (ID 9182):
    • NIST 800-53 Rev 4 for Linux

Deprecated Policies:

The following policies are deprecated because the latest policy release (CIS Benchmark for Juniper OS v2.0.0) now covers this technology:

  • Security Configuration and Compliance Policy for Juniper Junos 13.x
  • Security Configuration and Compliance Policy for Juniper Junos 14.x
  • Security Configuration and Compliance Policy for Juniper Junos 15.x

Coming Next Month

The following policies and updates are currently planned for release to the policy library next month:

New Coverage:

  • DISA STIG policy RHEL 7 Version 2 Release 6 (Q1 Release: Jan 2020)
  • DISA STIG RHEL 6 Version 1 Release 24 (Q4 Release: Oct 2019)
  • DISA STIG WINDOWS 2008 R2 DC Version 1 Release 31 (Q3 Release: Jul 2019)
  • DISA STIG WINDOWS 2008 R2 MS Version 1 Release 30 (Q3 Release: Jul 2019)
  • DISA STIG WINDOWS 2012 R2 and non-R2 DC Version 2 Release 19 (Q1 Release: Jan 2020)
  • DISA STIG WINDOWS 2012 R2 and non-R2 MS Version 2 Release 17 (Q4 Release: Oct 2019)
  • DISA STIG WINDOWS 2016 Version 1 Release 10 (Q1 Release: Jan 2020)
  • DISA STIG WINDOWS 2019 Version 1 Release 3 (Q1 Release: Jan 2020)
  • DISA STIG Oracle 11.2g Version 1 Release 17 (Q1 Release: Jan 2020)
  • DISA STIG Oracle 12c Version 1 Release 16 (Q1 Release: Jan 2020)
  • DISA STIG Internet Explorer 11 Version 1 Release 18 (Q4 Release: Oct 2019)
  • DISA STIG Internet Explorer 10 Version 1 Release 16 (Q1 Release: Jan 2020)
  • DISA STIG Google Chrome Version 1 Release 18 (Q1 Release: Jan 2020)
  • DISA STIG Mozilla Firefox Version 4 Release 28 (Q1 Release: Jan 2020)
  • DISA STIG Microsoft SQL Server 2016 Database Version 1 Release 5 and Instance Version 1 Release 8 (Q1 Release: Jan 2020)
  • CIS Fedora 28 Family Linux Benchmark v1.0.0

If you have any questions, please contact your TAM or Technical Support. See all library updates.
