Policy Compliance Library Updates, April 2020

Pronamika Abraham

Qualys’ library of built-in policies makes it easy to comply with the most commonly used security standards and regulations. Qualys provides a wide range of policies, including many that have been certified by CIS, as well as policies based on security guidelines from OS and application vendors and on other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The April release adds support for new technologies, 4 CIS Benchmark policies, and 2 Industry and Best Practice policies, and updates several existing policies in the Qualys Content Library.

Qualys’ Certification Page at CIS has been updated.

New Technology Support

  • Microsoft SharePoint 2010, 2013, 2016, 2019
  • PostgreSQL 12

New CIS Benchmark Policy

CIS Benchmarks are developed through consensus, providing an industry recognized collection of best practice controls. Qualys is committed to providing broad coverage of the CIS Benchmarks with regular releases of CIS certified policies in Policy Compliance and by contributing to the development of new benchmarks through the CIS Community.

This release contains the following new CIS Benchmark policies:

  • CIS Benchmark for Microsoft SharePoint 2016 v1.1.0
  • CIS Benchmark for SharePoint 2019 v1.0.0
  • CIS Benchmark for Microsoft SQL Server 2019 v1.0.0
  • CIS Benchmark for PostgreSQL 12 v1.0.0

New Industry and Best Practice Policies

  • Qualys Security Configuration and Compliance policy for IBM HTTP Server 9
  • Qualys Security Configuration and Compliance policy for Oracle HTTP Server 11g and 12c

Deprecated Policies

The following policies are deprecated in the April 2020 package:

  • CIS Benchmark for Ubuntu Linux 18.04 LTS, v1.0.0
  • DISA Security Technical Implementation Guide (STIG) policy for Google Chrome, V1R15
  • DISA Security Technical Implementation Guide (STIG) policy for Internet Explorer 10, V1R15
  • DISA Security Technical Implementation Guide (STIG) policy for Internet Explorer 11, V1R16
  • DISA Security Technical Implementation Guide (STIG) policy for Microsoft SQL Server 2016 Database, V1R4
  • DISA Security Technical Implementation Guide (STIG) policy for Microsoft SQL Server 2016 Instance, V1R6
  • DISA Security Technical Implementation Guide (STIG) policy for Mozilla Firefox, V4R25
  • DISA Security Technical Implementation Guide (STIG) policy for Oracle Database 11.2g, V1R14
  • DISA Security Technical Implementation Guide (STIG) policy for Oracle Database 12c, V1R12
  • DISA Security Technical Implementation Guide (STIG) policy for PostgreSQL 9.x, V1R5
  • DISA Security Technical Implementation Guide (STIG) policy for Windows Server 2019 DC, V1R2
  • DISA Security Technical Implementation Guide (STIG) policy for Windows Server 2019 MS, V1R2
  • DISA Security Technical Implementation Guide (STIG) policy for Red Hat Enterprise Linux 7, V2R2
  • DISA Security Technical Implementation Guide (STIG) policy for Windows Server 2008 R2 DC, V1R29
  • DISA Security Technical Implementation Guide (STIG) policy for Windows Server 2008 R2 MS, V1R28
  • DISA Security Technical Implementation Guide (STIG) policy for Windows Server 2016 DC, V1R7
  • DISA Security Technical Implementation Guide (STIG) policy for Windows Server 2016 MS, V1R7

Updated Library Policies

  • Policy update to add support for new DISA STIG standard:
    • DISA STIG policy RHEL 7 version 2 Release 6
    • DISA STIG Windows 2008 R2 DC version 1 Release 32
    • DISA STIG Windows 2008 R2 MS version 1 Release 31
    • DISA STIG Windows 2016 version 1 Release 10
  • Policy refresh for the following library policies:
    • CIS Benchmark for Ubuntu Linux 18.04 LTS v2.0.1
  • Policy update for configuration control changes:
    • CIS Benchmark for Oracle MySQL Community Server 5.6, v1.1.0: 3 policies:
      • CIS Benchmark for Oracle MySQL Community Server 5.6, v1.1.0 MySQL RDBMS on Linux and MySQL RDBMS
      • CIS Benchmark for Oracle MySQL Community Server 5.6, v1.1.0 MySQL RDBMS on Linux and MySQL
      • CIS Benchmark for Oracle MySQL Community Server 5.6, v1.1.0 MySQL RDBMS
    • CIS Benchmark for Oracle MySQL Community Edition 5.7, v1.0.0: 2 policies:
      • CIS Benchmark for Oracle MySQL Community Edition 5.7, v1.0.0 MySQL RDBMS
      • CIS Benchmark for Oracle MySQL Community Edition 5.7, v1.0.0 MySQL RDBMS on Linux and MySQL RDBMS
    • CIS Benchmark for Oracle MySQL Enterprise Edition 5.6, v1.1.0: 2 policies:
      • CIS Benchmark for Oracle MySQL Enterprise Edition 5.6, v1.1.0 MySQL RDBMS on Linux and MySQL RDBMS
      • CIS Benchmark for Oracle MySQL Enterprise Edition 5.6, v1.1.0 MySQL RDBMS
    • CIS Benchmark for Oracle MySQL Enterprise Edition 5.7, v1.0.0: 2 policies:
      • CIS Benchmark for Oracle MySQL Enterprise Edition 5.7, v1.0.0 MySQL RDBMS on Linux and MySQL RDBMS
      • CIS Benchmark for Oracle MySQL Enterprise Edition 5.7, v1.0.0 MySQL RDBMS

Coming Next Month

The following policies and updates are currently planned for release to the policy library next month:

New Coverage:

  • CIS Benchmark for Mac OSX 10.15
  • CIS Benchmark for Mac OSX 10.14
  • CIS Benchmark for Cisco IOS 16 XE Benchmark v1.0.0
  • CIS Benchmark for Palo Alto Firewall 9 Benchmark v1.0.0
  • CIS Benchmark for Windows Server 2019 Release 1809 v1.1.0
  • DISA Security Technical Implementation Guide (STIG) policy for HP-UX 11.31 V1R19
  • DISA Security Technical Implementation Guide (STIG) policy for MongoDB Enterprise Advanced 3.x V1R1
  • Qualys Security Configuration and Compliance Policy for Pivotal Greenplum 5.x
  • Qualys Security Configuration and Compliance Policy for Pivotal Greenplum 6.x
  • Qualys Security Configuration and Compliance Policy for Microsoft Access 2019
  • Qualys Security Configuration and Compliance Policy for Microsoft Excel 2019
  • Qualys Security Configuration and Compliance Policy for Microsoft Exchange 2010
  • Qualys Security Configuration and Compliance Policy for Microsoft Office 2019
  • Qualys Security Configuration and Compliance Policy for Microsoft Outlook 2019
  • Qualys Security Configuration and Compliance Policy for Microsoft Word 2019
  • Qualys Security Configuration and Compliance Policy for Microsoft PowerPoint 2019
  • Qualys Security Configuration and Compliance Policy for Microsoft SharePoint Server 2013
  • Qualys Security Configuration and Compliance Policy for Microsoft SharePoint Server 2010

Policy Updates:

  • DISA Security Technical Implementation Guide (STIG) policy for Palo Alto Networks (IDPS)
  • DISA Security Technical Implementation Guide (STIG) policy for Palo Alto Networks Application Layer Gateway (ALG)
  • DISA Security Technical Implementation Guide (STIG) policy for Palo Alto Networks Network Device Management (NDM)
  • DISA Security Technical Implementation Guide (STIG) policy for RHEL 6 Version 1 Release 24
  • DISA Security Technical Implementation Guide (STIG) policy for Ubuntu 16 Version 1 Release 3
  • DISA Security Technical Implementation Guide (STIG) policy for Windows 2012 R2 and non-R2 DC Version 2 Release 19
  • DISA Security Technical Implementation Guide (STIG) policy for Windows 2012 R2 and non-R2 MS Version 2 Release 17

If you have any questions, please contact your TAM or Technical Support. See all library updates.