How to Configure Remediation Policies for CIS Controls in Qualys

Qualys is a powerful platform for vulnerability management, compliance, and threat detection. One of its key features is the ability to configure remediation policies, which enable organizations to automate the remediation process for identified vulnerabilities and compliance issues.
In this article, we will focus on configuring remediation policies specifically for CIS controls in Qualys. CIS controls are a set of cybersecurity best practices developed by the Center for Internet Security (CIS).

Prerequisites

Before diving into the configuration steps, it is essential to have a basic understanding of Qualys and its remediation policy feature. Additionally, you should have access to a Qualys platform instance with the necessary permissions.

Step 1: Understanding CIS Controls in Qualys

CIS controls in Qualys are represented as a set of compliance checks that can be used to assess an organization’s adherence to the CIS controls framework. These checks are based on the CIS controls guidelines and are designed to identify potential vulnerabilities and compliance issues.

Step 2: Creating a Remediation Policy for CIS Controls

To create a remediation policy for CIS controls in Qualys, follow these steps:

  1. Log in to your Qualys platform instance and navigate to the Remediation Policies section.
  2. Click on Create New Remediation Policy.
  3. In the Policy Name field, enter a descriptive name for the policy (e.g., “CIS Controls Remediation Policy”).
  4. For Target, select the set of hosts or assets you want to apply the remediation policy to.
  5. In the Remediation Actions section, choose the actions you want Qualys to perform when a vulnerability or compliance issue is detected (e.g., sending an email notification, running a script).
  6. Configure any additional settings as necessary (e.g., specifying a deadline for remediation).

Step 3: Associating CIS Controls with Remediation Policy

Once your remediation policy is created, you need to associate the relevant CIS controls with it:

  1. Go to the Compliance section in Qualys.
  2. Select the CIS controls you want to associate with the remediation policy.
  3. Click on the Remediation Policies tab and select the remediation policy you created earlier.
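
Steps 2 and 3 leave two gaps that are easy to miss: a failing check that was never associated with a policy, and a failing host that sits outside the policy's target. The following is an added example, not Qualys code and not a Qualys API or export format; it models the policy settings from Step 2 and the associations from Step 3 offline, and every class, field, host name and check ID in it is hypothetical.

```python
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class RemediationPolicy:          # hypothetical model, not a Qualys object
    name: str
    target_hosts: frozenset       # Step 2, item 4: hosts the policy applies to
    action: str                   # Step 2, item 5: e.g. "email" or "script"
    deadline_days: int            # Step 2, item 6: days allowed for remediation


def plan_remediation(failures, associations, policies, today):
    """Split failed checks into tickets (covered) and gaps (not covered)."""
    tickets, gaps = [], []
    for host, control, detected in failures:
        policy = policies.get(associations.get(control))
        if policy is None:
            gaps.append((host, control, "control not associated with a policy"))
        elif host not in policy.target_hosts:
            gaps.append((host, control, "host outside policy target"))
        else:
            due = detected + timedelta(days=policy.deadline_days)
            tickets.append({"host": host, "control": control,
                            "action": policy.action, "due": due,
                            "overdue": due < today})
    return tickets, gaps


# Constructed sample data: host names, check IDs and dates are made up.
POLICIES = {"CIS Controls Remediation Policy": RemediationPolicy(
    "CIS Controls Remediation Policy", frozenset({"web01", "db01"}), "email", 14)}
ASSOCIATIONS = {"check-001": "CIS Controls Remediation Policy"}  # Step 3
FAILURES = [
    ("web01", "check-001", date(2024, 1, 2)),
    ("db01", "check-001", date(2024, 1, 20)),
    ("web01", "check-002", date(2024, 1, 10)),   # never associated in Step 3
    ("lab07", "check-001", date(2024, 1, 5)),    # host not in the policy target
]

if __name__ == "__main__":
    tickets, gaps = plan_remediation(FAILURES, ASSOCIATIONS, POLICIES,
                                     today=date(2024, 1, 25))
    for t in tickets:
        print(t["host"], t["control"], t["action"], t["due"],
              "OVERDUE" if t["overdue"] else "open")
    for host, control, reason in gaps:
        print("GAP", host, control, reason)
```

Anything reported as a gap is a failing check that no remediation action or deadline will ever be applied to, so it is worth reviewing after each change to the policy target or the control associations.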

Conclusion

Configuring remediation policies for CIS controls in Qualys enables organizations to automate the remediation process for identified vulnerabilities and compliance issues related to CIS controls. By following these steps, you can ensure that your organization is adhering to CIS controls guidelines and minimizing potential security risks.