Security Configuration Assessment (SCA)

Similar documents
Qualys Cloud Platform

Community Edition Getting Started Guide. July 25, 2018

Policy Compliance. Getting Started Guide. November 15, 2017

Consulting Edition Getting Started Guide. October 3, 2018

Qualys Cloud Suite Release Notes

Qualys Cloud Platform (VM, PC) v8.x Release Notes

Qualys Release Notes

Qualys Cloud Platform (VM, PC) v8.x Release Notes

Automating the Top 20 CIS Critical Security Controls

Qualys 8.7 Release Notes

Qualys Cloud Platform

Qualys Cloud Platform (VM, PC) v8.x Release Notes

PCI Compliance. Network Scanning. Getting Started Guide

Everything visible. Everything secure.

NOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect

SYMANTEC DATA CENTER SECURITY

Qualys Cloud Platform (VM, PC) v8.x Release Notes

DevSecOps Shift Left Security. Prioritizing Incident Response using Security Posture Assessment and Attack Surface Analysis

Unlocking the Power of the Cloud

Security and Compliance Suite Rollout Guide. July 19, 2017

PROFESSIONAL SERVICES (Solution Brief)

Technical Review Managing Risk, Complexity, and Cost with SanerNow Endpoint Security and Management Platform

Qualys Cloud Suite 2.28

Tenable for Palo Alto Networks

Endpoint Security Can Be Much More Effective and Less Costly. Here s How

Qualys Integration with CyberArk Application Identity Manager (AIM)

Qualys Cloud Suite 2.23

Creating Near Real-Time and End-to-End Cyber Situational Awareness of University Networks

Device Discovery for Vulnerability Assessment: Automating the Handoff

Qualys Cloud Platform

SIEMLESS THREAT DETECTION FOR AWS

Securing Amazon Web Services with Qualys. December 11, 2017

Vulnerability Management

ForeScout Extended Module for IBM BigFix

Qualys Cloud Suite 2.30

Ken Agress, Senior Consultant PlanNet Consulting, LLC.

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

Forescout. eyeextend for IBM BigFix. Configuration Guide. Version 1.2

Container Deployment and Security Best Practices

Reinvent Your 2013 Security Management Strategy

Chapter 5: Vulnerability Analysis

ELIMINATE SECURITY BLIND SPOTS WITH THE VENAFI AGENT

Leading Investment Management Software Firm Slashes Infrastructure Costs, Maximizes Application Availability ATTENTION. ALWAYS.

SOLUTION BRIEF FPO. Imperva Simplifies and Automates PCI DSS Compliance

ForeScout Extended Module for IBM BigFix

CloudView User Guide. June 8, 2018

Total Security Management PCI DSS Compliance Guide

Compliance with CloudCheckr

How-to Guide: Tenable.io for Microsoft Azure. Last Updated: November 16, 2018

UNIFICATION OF TECHNOLOGIES

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud

CyberPosture Intelligence for Your Hybrid Infrastructure

Virtualization Security & Audit. John Tannahill, CA, CISM, CGEIT, CRISC

First Look Showcase. Expanding our prevention, detection and response solutions. Marco Rottigni Chief Technical Security Officer, Qualys, Inc.

Security Automation. Challenge: Automatizzare le azioni di isolamento e contenimento delle minacce rilevate tramite soluzioni di malware analysis

Goal 1: Maintain Security of ITS Enterprise Systems

Symantec Network Access Control Starter Edition

First Look Showcase. Expanding our prevention, detection and response solutions. Sumedh Thakar Chief Product Officer, Qualys, Inc.

Security and Compliance Powered by the Cloud. Ben Friedman / Strategic Accounts Director /

K12 Cybersecurity Roadmap

the SWIFT Customer Security

CoreMax Consulting s Cyber Security Roadmap

Host Hardening Achieve or Avoid. Nilesh Kapoor Auckland 2016

HALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD. Automated PCI compliance anytime, anywhere.

Risk Intelligence. Quick Start Guide - Data Breach Risk

Regaining Our Lost Visibility

Configuring Vulnerability Assessment Devices

Symantec Network Access Control Starter Edition

ForeScout Extended Module for Qualys VM

PCI Compliance Assessment Module with Inspector

Managing and Auditing Organizational Migration to the Cloud TELASA SECURITY

Asset Discovery with Symantec Control Compliance Suite WHITE PAPER

Securing Cloud Applications with a Distributed Web Application Firewall Riverbed Technology

About the company. What we do? Cybersecurity solutions adapted to protect enterprise business applications (SAP & Oracle).

How-to Guide: Tenable Nessus for Microsoft Azure. Last Updated: April 03, 2018

IBM Proventia Management SiteProtector Sample Reports

epldt Web Builder Security March 2017

Tenable.io User Guide. Last Revised: November 03, 2017

FedRAMP Plan of Action and Milestones (POA&M) Template Completion Guide. Version 1.1

Tenable for ServiceNow. Last Updated: March 19, 2018

Transforming Security Part 2: From the Device to the Data Center

Protect Your Organization from Cyber Attacks

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions

How to manage evolving threats on evolving ICT assets across Enterprise

SIEMLESS THREAT MANAGEMENT

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

IBM BigFix Compliance PCI Add-on Version 9.5. Payment Card Industry Data Security Standard (PCI DSS) User's Guide IBM

Oracle Database Security Assessment Tool

Offline Scanner Appliance

PROTECTING INFORMATION ASSETS NETWORK SECURITY

IBM Security QRadar SIEM Version Getting Started Guide

Web Application Firewall Getting Started Guide. September 7, 2018

Securing Your Cloud Introduction Presentation

Portnox CORE. On-Premise. Technology Introduction AT A GLANCE. Solution Overview

Insurance Industry - PCI DSS

Symantec Security Monitoring Services

locuz.com SOC Services

Symantec Network Access Control Starter Edition

DATABASE SECURITY REQUIREMENTS GUIDE (SRG) TECHNOLOGY OVERVIEW. Version 2, Release October Developed by DISA for the DoD

security mindfulness dwayne.

Transcription:

Security Configuration Assessment (SCA) Getting Started Guide Security Configuration Assessment (SCA) is a lightweight cloud service which can quickly perform the configuration assessment of the IT assets, and centrally track compliance status of all your assets on basis of the Center for Internet Security (CIS) hardening benchmarks. It not only helps in continuously improving your configuration posture as per the latest CIS benchmarks but also helps in comparing the configuration posture in terms of various Industry standards like PCI- DSS, HIPAA, NIST and many more. Why SCA? Security configuration setting is an element of a software s security that can be altered through the software itself. For example, an operating system offering access control lists that set the privileges that users have for files, and an application offering a setting to enable or disable the encryption of sensitive data stored by the application. A security configuration vulnerability involves the use of misconfigured security settings that could negatively impact security of the software. A good security configuration program like SCA would make it difficult for an attacker to exploit such configuration vulnerabilities. Add assets to SCA You can add the assets to SCA to track compliance status on. The host-scanning mechanism for SCA scans remote hosts and also auto discovers instances in case of instance-based technologies. Go to Assets > Host Assets. From the New menu, select IP Tracked Hosts, DNS Tracked Hosts or NetBIOS Tracked Hosts. The tracking method you choose will be assigned to all of the hosts being added. Review the number of hosts you can add, enter the new IPs/ranges, and click Add. Copyright 2017 by Qualys, Inc. All Rights Reserved. 1

Looks like you have assets in VM app. Do you want to add these assets? Simply, go to VM > Host Assets and select the assets you want to add to SCA. Using our revolutionary Qualys Cloud Agent platform you can deploy lightweight cloud agents to continuously assess your infrastructure for security and compliance. What are the steps Navigate to the Cloud Agent (CA) app and install the Cloud Agent in minutes. Refer to Qualys Cloud Agent Getting Started Guide. Import and Build CIS Policy Our out of the box CIS policies have controls pre-configured as per recommendations from the CIS and policy controls are optimized for performance, scalability, error handling and default conditions. You can customize values of the CIS checks as per your organization s security policies or even enable/disable certain CIS checks for reporting. Simply go to Policies > Policies > New > Import CIS Policy. Click on the policy you want and then click Next. Follow the wizard to give your policy a name and click Create. Imported policy is Active by default. Qualys Security Configuration Assessment 2

You can choose to show or hide individual controls in reports by activating or inactivating them from the Policy Editor. Start collecting configuration data Scan your hosts to check the compliance of your systems against your CIS policies. Your SCA scans and collects the data as required by the CIS policy, then the Qualys Cloud Platform analyzes and correlates it. Before you start the scan: Add authentication records for your assets (Windows, Unix, etc). Use the option profile with recommended settings provided by Qualys (Compliance Profile) or create a new profile and customize the settings. Configure a physical scanner or virtual appliance, or scan remotely using Qualys scanner appliances. It's simple to start your scan. Go to Scans > New > Scan, and tell us which IPs to scan, which scan options to use, and which scanner is right for the job (if you have scanner appliances that is). Qualys Security Configuration Assessment 3

Generate Report Your SCA report shows you up to date compliance posture against the CIS benchmarks, references to compliance standards (PCI-DSS, HIPAA, NIST and more), Qualys provided control criticality and remediation information. Go to Reports > Reports > New and select either Authentication Report or Policy Report. Define the format and source of your report and click Run. You can also quickly generate reports from the scan list or policy list directly. Just choose a scan or policy from your list and click the icon for Run Report in the Generate Report column. You can remediate the failed controls, per Qualys provided control criticality and the control remediation information. Qualys Security Configuration Assessment 4

We also show compliance mapping to standards like PCI, NIST, HIPPA, etc. in the report. Qualys Security Configuration Assessment 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback