Policy Compliance Library Updates, April 2021

Pronamika Abraham

Qualys’ library of built-in policies makes it easy to comply with the most commonly used security standards and regulations. Qualys provides a wide range of policies, including many that have been certified by CIS, as well as policies based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The April release includes 1 CIS Benchmark policy, 3 new mandate-based policies, more than 10 DISA STIG policies, and 3 Industry and Best Practice policies.

Qualys’ Certification Page at CIS has been updated.

New CIS Benchmark Policy

CIS Benchmarks are developed through consensus, providing an industry-recognized collection of best practice controls. Qualys is committed to providing broad coverage of the CIS Benchmarks with regular releases of CIS-certified policies in Qualys Policy Compliance and by contributing to the development of new benchmarks through the CIS Community.

This release contains the following new CIS Benchmark policy:

  • CIS Benchmark policy for Microsoft Intune for Windows 10 Release 2004 v1.0.0

New Mandate-based Policies

  • Cybersecurity Maturity Model Certification (CMMC) v1.0 for Linux
  • MITRE ATT&CK Policy (MAC OS)
  • NERC CIPv6 for Windows

New DISA STIG Policies

  • DISA Security Technical Implementation Guide (STIG) for Juniper Router NDM, Version 1 Release 5
  • DISA Security Technical Implementation Guide (STIG) for Apache 2.4 Server for UNIX Version 2 Release 2
  • DISA Security Technical Implementation Guide (STIG) for Apache 2.4 Site for UNIX Version 2 Release 1
  • DISA Security Technical Implementation Guide (STIG) for Palo Alto Networks IDPS and ALG Version 2 Release 1
  • DISA Security Technical Implementation Guide (STIG) for PostgreSQL 9.x Version 2 Release 1
  • DISA Security Technical Implementation Guide (STIG) for Microsoft Access 2013 Ver 1, Rel 6
  • DISA Security Technical Implementation Guide (STIG) for Microsoft Excel 2013 Ver 1, Rel 7
  • DISA Security Technical Implementation Guide (STIG) for Microsoft Office System 2013 Ver 2, Rel 1
  • DISA Security Technical Implementation Guide (STIG) for Microsoft Outlook 2013 Ver 1, Rel 13
  • DISA Security Technical Implementation Guide (STIG) for Microsoft PowerPoint 2013 Ver 1, Rel 6
  • DISA Security Technical Implementation Guide (STIG) for Microsoft Word 2013 Ver 1, Rel 6
  • DISA Security Technical Implementation Guide (STIG) for Microsoft Edge STIG – Ver 1, Rel 1

New Industry and Best Practice Policies

  • Qualys Security Configuration and Compliance Policy for SAP HANA
  • Qualys Security Configuration and Compliance Policy for Data Domain OS 6.x
  • Qualys Security Configuration and Compliance Policy for Apache Hadoop

Updated Library Policies

  • Policy update to include CID 17159
    • CIS Benchmark for Ubuntu Linux 18.04 LXD Host, v1.0.0

Deprecated Policies

The following policies are deprecated in the March 2021 package:

  • Network Policies
    • DISA Security Technical Implementation Guide (STIG) for Palo Alto Networks ALG, V12R5
    • DISA Security Technical Implementation Guide (STIG) for Palo Alto Networks IDPS, V1R4
  • Database Policies
    • DISA Security Technical Implementation Guide (STIG) for PostgreSQL 9.x, V1R7
  • Application Policies
    • DISA Security Technical Implementation Guide (STIG) for Apache 2.4 Server for Windows, V1R4
    • DISA Security Technical Implementation Guide (STIG) for Apache 2.4 Server for UNIX, V1R4
    • DISA Security Technical Implementation Guide (STIG) for Apache 2.4 Site for UNIX, V1R1

Coming Next Month

The following policies and updates are currently planned for release to the policy library next month:

New Coverage:
  • CIS Benchmark for Cisco NX-OS v1.0.0
  • CMMC policy for databases
  • DISA Security Technical Implementation Guide (STIG) for Apple MacOS 11 Version 1 Release 1
  • DISA Security Technical Implementation Guide (STIG) for Microsoft Exchange 2016 Edge Transport Server Ver 1, Rel 5
  • DISA Security Technical Implementation Guide (STIG) for VMware vCenter
  • Qualys Security Configuration and Compliance Policy for Cisco ISE 2.x
  • Qualys Security Configuration and Compliance Policy for Cisco ISE 3.x
  • Qualys Security Configuration and Compliance Policy for VMware vCenter Server assessment (Appliance and Windows)
  • Qualys Security Configuration and Compliance Policy for MemSQL
  • Qualys Security Configuration and Compliance Policy for SCSEM Windows Server 2016 v1.1

Policy Update:
  • SCSEM Windows Server 2019 v1.0

If you have any questions, please contact your TAM or Technical Support. See all library updates.
