Qualys’ library of built-in policies makes it easy to comply with commonly adhered to security standards and regulations. Qualys provides a wide range of policies, including many that have been certified by CIS as well as ones based on security guidelines from vendors such as Microsoft and VMware.
In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library monthly.
This release includes new policies and updates covering: MySQL, Amazon Linux, CentOS, Microsoft IIS, and Microsoft Windows.
New CIS Benchmarks
CIS Benchmarks are developed through consensus, providing an industry recognized collection of best practice controls. Qualys is committed to broad coverage of the CIS Benchmarks and regularly releases certified policies as well as contributing to the development of new benchmarks through the CIS Community.
Qualys’ Certification Page at CIS has been updated: https://benchmarks.cisecurity.org/membership/certified/qualys
Recent additions to the policy library include the following certified CIS Benchmarks:
- CIS Benchmark for Oracle MySQL Community Server 5.6 on Linux, v1.1.0
New Qualys Recommended, Vendor Recommended, or Mandate-Based Policies
- Security and Compliance Policy for Amazon Linux
Updated Library Policies
- CIS Benchmark for CentOS Linux 7, v1.1.0
- CIS Benchmark for Microsoft IIS 7.x v1.7.1
- CIS Benchmark for Microsoft IIS 8.x, v1.4.0
- CIS Benchmark for Microsoft Windows 8.1, v2.2.0
If you have any questions, please contact your TAM or Technical Support.