Policy Compliance Library Updates, September 2022

Pronamika Abraham

Qualys’ library of built-in policies makes it easy to comply with the most commonly used security standards and regulations. Qualys provides a wide range of policies, including many that have been certified by CIS, as well as policies based on security guidelines from OS and application vendors and other industry best practices.

To keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library twice every month. The first update contains new policies and is released in the first week of each month. The second update follows by the end of the month and includes bug fixes and updated policies.

The September release includes two CIS Benchmark policies and 16 DISA STIG policies, and deprecates some of the existing policies.

Qualys’ Certification Page at CIS has been updated.

New CIS Benchmark Policies

CIS Benchmarks are developed through consensus, providing an industry-recognized collection of best practice controls. Qualys is committed to providing broad coverage of the CIS Benchmarks with regular releases of CIS-certified policies in Policy Compliance and contributes to the development of new benchmarks through the CIS Community.

This release contains the following new CIS Benchmark policies:

  • CIS Benchmark for Cisco IOS 15, V4.1.1
  • CIS Benchmark for Apple Mac OS 12.0 Monterey v1.0.0

New DISA STIG Policies

  • DISA Security Technical Implementation Guide (STIG) for Canonical Ubuntu 20.04 LTS, V1R5
  • DISA Security Technical Implementation Guide (STIG) for IIS 8.5 server, v2r4
  • DISA Security Technical Implementation Guide (STIG) for IIS 8.5 site, v2r6
  • DISA Security Technical Implementation Guide (STIG) for IIS 10 Server, V2R6
  • DISA Security Technical Implementation Guide (STIG) for IIS 10 Site, V2R6
  • DISA Security Technical Implementation Guide (STIG) for Microsoft Office 365 ProPlus, V2R6
  • DISA Security Technical Implementation Guide (STIG) for Microsoft SQL Server 2016 Instance, V2R7
  • DISA Security Technical Implementation Guide (STIG) for Oracle Database 12c, Ver 2 Rel 5
  • DISA Security Technical Implementation Guide (STIG) for Oracle Enterprise Linux 7, V2R8
  • DISA Security Technical Implementation Guide (STIG) for Solaris 10 SPARC, V2R2
  • DISA Security Technical Implementation Guide (STIG) for Microsoft SQL Server 2016 Database, V2R4
  • DISA Security Technical Implementation Guide (STIG) for SUSE Linux Enterprise 12.x, V2R7
  • DISA Security Technical Implementation Guide (STIG) for SUSE Linux Enterprise 15.x, V1R7
  • DISA Security Technical Implementation Guide (STIG) for Red Hat Enterprise Linux 7, V3R8
  • DISA Security Technical Implementation Guide (STIG) for Ubuntu 18.04 LTS, V2R8
  • DISA Security Technical Implementation Guide (STIG) for Windows 10, V2R4

Deprecated Policies

This month’s package deprecates the following policies:

Network Devices:

  • CIS Benchmark for Cisco IOS 15, V4.1.0 

Applications:

  • DISA Security Technical Implementation Guide (STIG) for IIS 10 Server, V2R5
  • DISA Security Technical Implementation Guide (STIG) for IIS 10 Site, V2R5
  • DISA Security Technical Implementation Guide (STIG) for IIS 8.5 Server, V2R3
  • DISA Security Technical Implementation Guide (STIG) for IIS 8.5 Site, V2R5

Databases:

  • DISA Security Technical Implementation Guide (STIG) for Microsoft SQL Server 2016 Database, V2R3
  • DISA Security Technical Implementation Guide (STIG) for Oracle Database 12c, Ver 2 Rel 3

Operating System:

  • DISA Security Technical Implementation Guide (STIG) for Windows 10, V2R3
  • DISA Security Technical Implementation Guide (STIG) for Oracle Enterprise Linux 7, V2R6
  • DISA Security Technical Implementation Guide (STIG) for Red Hat Enterprise Linux 7, V3R6
  • DISA Security Technical Implementation Guide (STIG) for SUSE Linux Enterprise 12.x, V2R6
  • DISA Security Technical Implementation Guide (STIG) for Microsoft SQL Server 2016 Instance, V2R6
  • DISA Security Technical Implementation Guide (STIG) for SUSE Linux Enterprise 15.x, V1R5
  • DISA Security Technical Implementation Guide (STIG) for Ubuntu 18.04 LTS, V2R6
  • DISA Security Technical Implementation Guide (STIG) for Canonical Ubuntu 20.04 LTS, V1R3

Coming Next Month

The following policies and updates are currently planned for release to the policy library next month:

New Coverage:

  • CIS Benchmark for Alma Linux OS 8 v2.0.0
  • CIS Benchmark for Aliyun Linux 2 v1.0.0
  • CIS Benchmark for IBM WebSphere Liberty v1.0.0
  • CIS Benchmark for Microsoft Windows Server 2022 v1.0.0
  • CIS Benchmark for Microsoft Windows Server 2008 R2 v3.3.0
  • CIS Benchmark for Microsoft Windows 10 Stand-alone v1.0.0
  • DISA Security Technical Implementation Guide (STIG) for Microsoft Exchange 2016 (Edge – V2R4)
  • DISA Security Technical Implementation Guide (STIG) for Mozilla Firefox, Ver 6, Rel 1
  • DISA Security Technical Implementation Guide (STIG) for Apple OS X 10.15 – Ver 1, Rel 9
  • DISA Security Technical Implementation Guide (STIG) for Apple macOS 11 (Big Sur) – Ver 1, Rel 6
  • DISA Security Technical Implementation Guide (STIG) for Apple macOS 12 (Monterey) – Ver 1, Rel 3
  • DISA Security Technical Implementation Guide (STIG) for Juniper Route
  • DISA Security Technical Implementation Guide (STIG) for Kubernetes – Ver 1, Rel 6

If you have any questions, please contact your TAM or Technical Support. See all library updates.
