| 1.67 WN19-AU-000110 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.67 WN19-AU-000110 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.68 WN19-AU-000120 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.68 WN19-AU-000120 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.83 WN19-AU-000280 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.83 WN19-AU-000280 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.89 WN19-AU-000340 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.89 WN19-AU-000340 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.91 WN19-AU-000360 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.91 WN19-AU-000360 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.169 WN19-DC-000230 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.170 WN19-DC-000240 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 2.11 Ensure SQL Server is configured to use non-standard ports | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.13 Ensure 'sa' Login Account is set to 'Disabled' | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | ACCESS CONTROL |
| 2.13 Ensure 'sa' Login Account is set to 'Disabled' | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | ACCESS CONTROL |
| 2.15 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databases | CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDS | MS_SQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.15 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databases | CIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDS | MS_SQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.15 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databases | CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine | MS_SQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.10 Ensure the public role in the msdb database is not granted access to SQL Agent proxies | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | ACCESS CONTROL |
| 3.11 Ensure the public role in the msdb database is not granted access to SQL Agent proxies | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | ACCESS CONTROL |
| 5.1.1.6 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'SQL Injection Helper' Packages | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.1.1.6 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'SQL Injection Helper' Packages | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.1.1.6 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'SQL Injection Helper' Packages - SQL Injection Helper Packages | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.9 Enable 'DATABASE LINK' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure Database and Application User Input is Sanitized | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | SYSTEM AND SERVICES ACQUISITION |
| 18.9.5.6 Ensure 'Turn On Virtualization Based Security: Secure Launch Configuration' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v5.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CIS_Microsoft_SQL_Server_2012_Database_v1.6.0_Level_1_OS.audit from Microsoft SQL Server 2012 Database, version 1.6.0 | CIS SQL Server 2012 Database L1 OS v1.6.0 | Windows | |
| CIS_Oracle_Server_11g_R2_Windows_v2.2.0.audit from CIS Oracle Database Server 11g R2 benchmark v2.2.0 | CIS Oracle Server 11g R2 Windows v2.2.0 | Windows | |
| O112-C2-007900 - The DBMS must produce audit records containing sufficient information to establish the identity of any user/subject or process associated with the event. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-001400 - PostgreSQL must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users). | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SQL2-00-010000 - DBA OS or domain accounts must be granted only those host system privileges necessary for the administration of SQL Server. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| SQL2-00-010100 - Use of the SQL Server software installation account must be restricted to SQL Server software installation. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| SQL2-00-013600 - SQL Server must protect audit information from any type of unauthorized access. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SQL2-00-014700 - SQL Server must support the employment of automated mechanisms supporting the auditing of the enforcement actions. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SQL2-00-015400 - SQL Server software installation account(s) must be restricted to authorized users. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| SQL2-00-016800 - SQL Server must have the SQL Server Analysis Service (SSAS) software component removed from SQL Server if SSAS is unused. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - APPLICATION_ROLE_CHANGE_PASSWORD_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - DATABASE_ROLE_MEMBER_CHANGE_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 107 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 116 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 131 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 132 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 135 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 164 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 170 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 176 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 178 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL6-D0-007300 - Access to CLR code must be disabled or restricted, unless specifically required and approved. | DISA MS SQL Server 2016 Instance STIG v3r6 MS_SQLDB | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL6-D0-007500 - Access to linked servers must be disabled or restricted, unless specifically required and approved. | DISA MS SQL Server 2016 Instance STIG v3r6 MS_SQLDB | MS_SQLDB | CONFIGURATION MANAGEMENT |
