Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.
In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.
The March release includes the following new policy and updates:
- New Industry and Best Practice policies for Microsoft Windows 10 Release 1809
- New CIS Benchmark policies for Amazon Linux 2 v1.0.0, VMware ESXi 6.5 v1.0.0, Debian Linux 9 v1.0.0, and Microsoft Windows 10 Enterprise Release 1803 v1.5.0
Qualys’ Certification Page at CIS has been updated.
New CIS Benchmark Policies
CIS Benchmarks are developed through consensus, providing an industry recognized collection of best practice controls. Qualys is committed to broad coverage of the CIS Benchmarks and regularly releases certified policies as well as contributing to the development of new benchmarks through the CIS Community.
- CIS Benchmark for Amazon Linux 2 v1.0.0
- CIS Benchmark for VMware ESXi 6.5 v1.0.0
- CIS Benchmark for Debian Linux 9 v1.0.0
- CIS Benchmark for Microsoft Windows 10 Enterprise Release 1803 v1.5.0
New Industry and Best Practice Policies
- Microsoft Security Baseline for Windows 2019 Server
- Security Configuration and Compliance Policy for Microsoft Windows 10 Release 1809
Coming Next Month
The following policies and updates are currently planned for release to the policy library next month:
- Qualys Security Configuration and Compliance Policy for Apache Tomcat 9
- Security Technical Implementation Guide (STIG) for Cisco IOS XE
- Security Technical Implementation Guide (STIG) for Palo Alto
- CIS Benchmark for PostgreSQL 10, v1.0.0