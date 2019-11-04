Qualys' library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The September release includes the following new policy and updates:

2 new technologies for OCA

7 new technologies for Scanner

10 new CIS Benchmark policies

3 new browser policies for Cloud Agent

11 new Industry and Best Practice policies

1 new DISA STIG policy

1 Microsoft Security Baseline policy

More than 100 updated policies

Qualys' Certification Page at CIS has been updated.

New Technologies

OCA:

Cisco FTD 6.x

Cisco WLC 8.x

Scanner:

Apache Kafka

Cisco NX-OS 9.x

Elasticsearch

Oracle 19c

Microsoft Exchange Server 2010

Microsoft Exchange Server 2013

Microsoft Exchange Server 2016

New CIS Benchmark Policies

CIS Benchmarks are developed through consensus, providing an industry recognized collection of best practice controls. Qualys is committed to providing broad coverage of the CIS Benchmarks with regular releases of CIS certified policies in Policy Compliance and also by contributing to the development of new benchmarks through the CIS Community.

This release contains the following new CIS Benchmark policies:

CIS Benchmark for Apache HTTP Server 2.2 v3.6.0

CIS Benchmark for Apache HTTP Server 2.4 v1.5.0

CIS Benchmark for Debian Linux 8 Benchmark v2.0.0

CIS Benchmark for Docker v1.2.0

CIS Benchmark for Google Chrome v2.0.0

CIS Benchmark for Microsoft Exchange Server 2013 v1.1.0

CIS Benchmark for Microsoft Exchange Server 2016 v1.0.0

CIS Benchmark for Microsoft IIS 10 v1.1.1

CIS Benchmark for PostgreSQL 11 v1.0.0

CIS Benchmark for Windows 2019 Server v1.0.0

New Browser Policies Supported via Cloud Agent

CIS Benchmark for Google Chrome, v1.3.0

CIS Benchmark for Microsoft Internet Explorer 10, v1.1.0

CIS Benchmark for Microsoft Internet Explorer 11, v1.0.0

New Industry and Best Practice Policies

Qualys Security Configuration and Compliance Policy for RHEL 8

Qualys Security Configuration and Compliance Policy for Oracle 19c

Qualys Security Configuration and Compliance Policy for MySQL 8.x

Qualys Security Configuration and Compliance Policy for Apache Kafka

Qualys Security Configuration and Compliance Policy for ElasticSearch

Qualys Security Configuration and Compliance Policy for ArubaOS 6.x

Qualys Security Configuration and Compliance Policy for Comware 5 and Comware 7

Qualys Security Configuration and Compliance Policy for FireEye CMS 7.x and 8.x

Qualys Security Configuration and Compliance Policy for HPE 3PAR OS 3.x

Qualys Security Configuration and Compliance Policy for Symantec SGOS 6.x

Qualys Security Configuration and Compliance Policy for Safeguard Computer Security Evaluation Matrix for Red Hat Enterprise Linux 7.x

New DISA STIG Policies

DISA Security Technical Implementation Guide (STIG) policy for PostgreSQL 9.x V1R5

New Microsoft Security Baseline Policy

Microsoft Security Baseline for Windows 10 1903

Updated Library Policies

Policy update to add 'Not Scored' checks:

CIS Benchmark for Ubuntu Linux 18.04 LTS, v1.0.0

CIS Benchmark for CentOS Linux 7, v2.2.0

Policy update for control configuration changes:

CIS Benchmark for Microsoft IIS 7.x, v1.8.0

CIS Benchmark for Microsoft IIS 8.x, v1.5.0

CIS Benchmark for Red Hat Enterprise Linux 7

Security Configuration and Compliance Policy for Cisco NX OS

Policy update to remove redundant XML tags:

Abu Dhabi Systems and Information Centre - Information Security Standards (Abu Dhabi Government) Version 2.0

Adobe Common Controls Framework for Google Chrome

Adobe Common Controls Framework for Microsoft Internet Explorer

Adobe Common Controls Framework for Microsoft Windows

Australia Information Security Manual (Information Technology Security) for Windows

Best Practice Controls for Reducing Risk related to Malware/Ransomware

CIS Benchmark for Apple Mac OS X 10.8, v1.1.0

CIS Benchmark for Apple Mac OS X 10.9, v1.0.0

CIS Benchmark for Apple macOS 10.12, v1.1.0

CIS Benchmark for Apple macOS 10.13, v1.0.0

CIS - Apple OS X 10.10, v1.0.0

CIS - Apple OS X 10.11, v1.0.0

CIS Benchmark for Amazon Linux 2, v1.0.0

CIS Benchmark for Amazon Linux 2016, v2.0.0

CIS Benchmark for Apache Tomcat 6.0 v1.0.0

CIS Benchmark for Apache Tomcat 7 v.1.1.0

CIS Benchmark for Apache Tomcat 8, v1.0.1

CIS Benchmark for CentOS Linux 6, v2.1.0

CIS Benchmark for Cisco Firewall ASA 8.x, v4.1.0

CIS Benchmark for Cisco Firewall ASA 9.x, v4.1.0

CIS Benchmark for Cisco IOS 15, V4.0.0

CIS Benchmark for Debian Linux 7, v1.0.0

CIS Benchmark for Debian Linux 9, v1.0.0

CIS Benchmark for Docker 1.11.0, v1.0.0

CIS Benchmark for Docker 1.12.0, v1.0.0

CIS Benchmark for Docker 1.13.0, v1.0.0

CIS Benchmark for HP-UX 11i, v1.5.0

CIS Benchmark for IBM AIX 6.1, v1.1.0

CIS Benchmark for IBM AIX 7.1, v1.1.0

CIS Benchmark for IBM DB2 10.x, v1.1.0

CIS Benchmark for IBM DB2 9.x, v3.0.1

CIS Benchmark for Microsoft IIS 7.x, v1.8.0

CIS Benchmark for Microsoft IIS 8.x, v1.5.0

CIS Benchmark for Microsoft Internet Explorer 10, v1.1.0

CIS Benchmark for Microsoft Internet Explorer 11, v1.0.0

CIS Benchmark for Microsoft Office 2013, v1.1.0

CIS Benchmark for Microsoft Office 2016, v1.1.0

CIS Benchmark for Microsoft SQL Server 2008 R2, v1.5.0

CIS Benchmark for Microsoft SQL Server 2012, v1.4.0

CIS Benchmark for Microsoft SQL Server 2014, v1.3.0

CIS Benchmark for Microsoft SQL Server 2016, v1.0.0

CIS Benchmark for Microsoft Windows 10 Enterprise (Release 1607), v1.2.0

CIS Benchmark for Microsoft Windows 10 Enterprise (Release 1703), v1.3.0

CIS Benchmark for Microsoft Windows 10 Enterprise (Release 1709), v1.4.0

CIS Benchmark for Microsoft Windows 10 Enterprise (Release 1803), v1.5.0

CIS Benchmark for Microsoft Windows 10 Enterprise RTM (Release 1511), v1.1.0

CIS Benchmark for Microsoft Windows 2012 R2, v2.3.0

CIS Benchmark for Microsoft Windows 2016, v1.1.0

CIS Benchmark for Microsoft Windows 7 Workstation, v3.1.0

CIS Benchmark for Microsoft Windows 8, v1.0.0

CIS Benchmark for Microsoft Windows Server 2003 v3.1.0

CIS Benchmark for Microsoft Windows Server 2008 non-R2, v3.1.0

CIS Benchmark for Microsoft Windows Server 2008 R2, v3.1.0 [Scored, Level 2 - Member Server]

CIS Benchmark for Microsoft Windows Server 2012 non-R2, v2.1.0

CIS Benchmark for MongoDB 3.4, v1.0.0

CIS Benchmark for Oracle Database 11gR2, V2.2.0

CIS Benchmark for Oracle Database Server 11-11g R2, v1.0.0

CIS Benchmark for Oracle Linux 6, v1.1.0

CIS Benchmark for Oracle MySQL Community Server 5.6, v1.1.0

CIS Benchmark for Oracle MySQL Enterprise Edition 5.6, v1.1.0

CIS Benchmark for Oracle MySQL Enterprise Edition 5.7, v1.0.0

CIS Benchmark for Oracle Solaris 10, v5.2.0

CIS Benchmark for Oracle Solaris 11, v1.1.0

CIS Benchmark for Palo Alto Firewall 7, v1.0.0

CIS Benchmark for Red Hat Enterprise Linux 5, v2.2.0

CIS Benchmark for Red Hat Enterprise Linux 6, v2.1.0

CIS Benchmark for Red Hat Enterprise Linux 7, v2.2.0

CIS Benchmark for SuSE Enterprise Linux Server 10.x v2.0

CIS Benchmark for SUSE Linux Enterprise 11.x, v2.1.0

CIS Benchmark for Sybase ASE 15.0, v1.1.0

CIS Benchmark for Ubuntu 12.04 LTS Server, v1.1.0

CIS Benchmark for Ubuntu Linux 14.04 LTS, v2.1.0

CIS Benchmark for Ubuntu Linux 16.04 LTS, v1.1.0

CIS Benchmark for VMware ESXi 5.5, V1.2.0

CIS Benchmark for Windows 8.1 Workstation, v2.3.0

CIS Benchmark for Windows XP, v2.0.1

CIS Microsoft Windows Server 2016, v1.0.0

Compliance Checklist for MAS IBTRM (Monitory Authority of Singapore - Internet Banking and Technology Risk Management) Guidelines 3.0

DISA Security Technical Implementation Guide (STIG) for IBM WebSphere Traditional V9.x, V1R1

DISA Security Technical Implementation Guide (STIG) for Red Hat Enterprise Linux 5, V1R16

DISA Security Technical Implementation Guide (STIG) for Red Hat Enterprise Linux 6, V1R21

DISA Security Technical Implementation Guide (STIG) for Windows 10, V1R16

DISA Security Technical Implementation Guide (STIG) for Windows 7, V1R29

DISA Security Technical Implementation Guide (STIG) for Windows 8.1, V1R20

DISA Security Technical Implementation Guide (STIG) for Windows Server 2008 (non-R2) DC, V6R42

DISA Security Technical Implementation Guide (STIG) for Windows Server 2008 (non-R2) MS, V6R41

DISA Security Technical Implementation Guide (STIG) for Windows Server 2008 R2 DC, V1R29

DISA Security Technical Implementation Guide (STIG) for Windows Server 2008 R2 MS, V1R28

DISA Security Technical Implementation Guide (STIG) for Windows Server 2012 (non-R2) DC, V2R15

DISA Security Technical Implementation Guide (STIG) for Windows Server 2012 (non-R2) MS, V2R14

DISA Security Technical Implementation Guide (STIG) for Windows Server 2012 R2 DC, V2R15

DISA Security Technical Implementation Guide (STIG) for Windows Server 2012 R2 MS, V2R14

HITRUST Cyber Security Framework (CSF) for Linux, Version 8.1

HITRUST Cyber Security Framework (CSF) for VMware, Version 8.1

Microsoft Security Compliance Manager (SCM) Baseline for Windows 10 version 1511

Microsoft Security Compliance Manager (SCM) Baseline for Windows 7

Microsoft Security Compliance Manager (SCM) Baseline for Windows 8

Microsoft Security Compliance Manager (SCM) Baseline for Windows 8.1

Microsoft Security Compliance Manager (SCM) Baseline for Windows Server 2008 Member Server

Microsoft Security Compliance Manager (SCM) Baseline for Windows Server 2012 Domain Controller

Microsoft Security Compliance Manager (SCM) Baseline for Windows Server 2012 Member Server

Microsoft Security Compliance Manager (SCM) Baseline for Windows Server 2012 R2 [Domain Controller]

Microsoft Security Compliance Manager (SCM) Baseline for Windows Server 2012 R2 [Member Server]

Microsoft Security Compliance Manager (SCM) Baseline for Windows Server 2016 [Domain Controller]

Microsoft Security Compliance Manager (SCM) Baseline for Windows Server 2016 [Member Server]

NERC CIPv5 for Windows

NIST 800-53 Rev 4 for Database

NIST 800-53 Rev 4 for Linux

NIST 800-53 Rev 4 for Microsoft Windows

Qualys - Security Configuration and Compliance Policy for SAP Adaptive Server Enterprise 16.0

Qualys Policy for Security Control Validation on Windows Platform

Security and compliance policy for IBM WebSphere Application Server Version 7.x

Security and compliance policy for Oracle WebLogic Server 11g and 12c

Security Configuration and Compliance Policy for Amazon Linux 2017

Security Configuration and Compliance policy for Apache Tomcat 9

Security Configuration and Compliance Policy for Apple macOS 10.14

Security Configuration and Compliance Policy for Checkpoint Firewall

Security Configuration and Compliance Policy for Cisco IOS 12.x, v1.0

Security Configuration and Compliance Policy for Cisco IOS XE

Security Configuration and Compliance Policy for Cisco NX OS

Security Configuration and Compliance Policy for for Oracle Enterprise Linux 5

Security Configuration and Compliance Policy for IBM DB2 11.x

Security Configuration and Compliance Policy for IBM WebSphere 8.x

Security Configuration and Compliance Policy for Juniper Junos 12.x

Security Configuration and Compliance Policy for Juniper Junos 13.x

Security Configuration and Compliance Policy for Juniper Junos 14.x

Security Configuration and Compliance Policy for Juniper Junos 15.x

Security Configuration and Compliance Policy for Microsoft Windows 10 (Version 1809)

Security Configuration and Compliance Policy for OpenSUSE 13

Security Configuration and Compliance Policy for Pivotal TC Server 3.x

Security Configuration and Compliance Policy for SELinux

Security Configuration and Compliance Policy for SUSE Linux Enterprise Server 15

Security Configuration and Compliance Policy for vFabric TC Server 2.9.x

United States Government Configuration Baseline (USGCB) for Microsoft Windows 10

United States Government Configuration Baseline (USGCB) for Microsoft Windows 7

VMWare vSphere Security Hardening Guide for ESXi 4.x

VMWare vSphere Security Hardening Guide for ESXi 5.x

VMWare vSphere Security Hardening Guide for ESXi 6.x

Note: The XML tags in these policies were updated with refreshed date for internal migration-specific purposes and the changes do not impact the customer environment in any way.

Coming Next Month

The following policies and updates are currently planned for release to the policy library next month:

New Coverage:

CIS Benchmark for Microsoft SQL Server 2017 Benchmark v1.0.0

CIS Benchmark for Microsoft SQL Server 2014 v1.4.0

CIS Benchmark for Microsoft SQL Server 2016 v1.1.0

CIS Benchmark for Microsoft SQL Server 2012 v1.5.0

CIS Benchmark for Microsoft Windows 10 Release 1809

If you have any questions, please contact your TAM or Technical Support. See all library updates.

Related