Skip navigation
Previous Next

EU Platform

May 13, 2011
0
Posted by malderman on May 13, 2011 in EU Platform

QualysGuard 6.19: May 12, 2011

A new release of QualysGuard®, Version 6.19, will be available in production on Thursday, June 2nd 2011. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12 PM PDT (19:00 GMT) and 6 PM PDT (01:00 AM GMT next day).

 

QualysGuard 6.19 includes the following enhancements:

QualysGuard Enhancements:

  • Expanded Dissolvable Agent Support: With QualysGuard 6.19, updates were made to the Dissolvable Agent to support new security testing capabilities: Windows Share Enumeration and Detailed Security Auditing for Windows Vista, 7 and 2008.  Managers will need to activate the Dissolvable Agent in the subscription using new workflows.

DA_setup.gifDA_Dialog.gif

For more information regarding the Dissolvable Agent, please see the The Dissolvable Agent on the Qualys Technology Blog.

QualysGuard Vulnerability Management Enhancements:

  • Windows Share Enumeration: In QualysGuard 6.19, QID 90635 is added to check for Windows shares that are readable by Everyone and returns the number of files for each share on each host.  The results list: share name, path, number of files found in each share, and whether all the files in each share are writable by Everyone (Yes/No). This QID requires the Dissolvable Agent.

QualysGuard Policy Compliance Enhancements:

  • Windows Share Enumeration: In QualysGuard 6.19, CID 4528, which requires the Dissolvable Agent, checks for Windows shares that are readable by Everyone and returns the number of files for each share on each host.  The results list: share name, path, number of files found in each share, and whether all the files in each share are writable by Everyone (Yes/No).
  • Detailed Security Auditing settings for Windows Vista, 7, and 2008: In Windows Vista, Windows 7, and Windows Server 2008, auditing has been expanded to support auditing subcategories. In early versions, the Group Policy Management Console could not configure these subcategories and were defined by using the command-line tool auditpol.exe.  In QualysGuard 6.19, 53 new CIDs, which require the Dissolvable Agent, check the configuration of these detailed security auditing settings.  A number of these settings are included in the CIS benchmarks for Windows Server 2008 and Windows 7 in Section 1.3 Detailed Security Auditing, including:
    • Audit Policy: System: IPsec Driver
    • Audit Policy: System: Security State Change
    • Audit Policy: System: Security System Extension
    • Audit Policy: System: System Integrity
    • Audit Policy: Logon-Logoff: Logoff
    • Audit Policy: Logon-Logoff: Logon
    • Audit Policy: Logon-Logoff: Special Logon
    • Audit Policy: Object Access: File System
    • Audit Policy: Object Access: Registry
    • Audit Policy: Privilege Use: Sensitive Privilege Use
    • Audit Policy: Detailed Tracking: Process Creation
    • Audit Policy: Policy Change: Audit Policy Change
    • Audit Policy: Policy Change: Authentication Policy Change
    • Audit Policy: Account Management: Computer Account Management
    • Audit Policy: Account Management: Distribution Group Management
    • Audit Policy: Account Management: Other Account Management Events
    • Audit Policy: Account Management: Security Group Management
    • Audit Policy: Account Management: User Account Management
    • Audit Policy: DS Access: Directory Service Access
    • Audit Policy: DS Access: Directory Service Changes
    • Audit Policy: Account Logon: Credential Validation

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account. To receive more information on QualysGuard 6.19, please visit the Qualys Community at https://community.qualys.com or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.

Bookmarked By (0)

Actions