| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 12 OS v1.1.0 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 14 OS v 1.2.0 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 13 OS v1.2.0 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 3.1.3 Ensure the logging collector is enabled | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.5 Ensure the filename pattern for log files is set correctly | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 4.4 Ensure images are scanned and rebuilt to include security patches | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 9.1.4.1 Ensure That Microsoft Defender for Containers Is Set To 'On' | CIS Microsoft Azure Foundations v4.0.0 L2 | microsoft_azure | RISK ASSESSMENT |
| 9.6 Configure 'Do not display the reveal password button' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 9.6 Ensure root PATH Integrity - writeable dir in path | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.6 Ensure root PATH Integrity - dot in path | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.6 Ensure root PATH Integrity - dot in path | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.6 Ensure root PATH Integrity - dot in path | CIS Solaris 11 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.6 Ensure root PATH Integrity - writeable dir in path | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 9.6 Secure the permission of the IBMLDAPSecurity.ini file | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | |
| APPL-15-002006 - The macOS system must disable Unix-to-Unix Copy Protocol (UUCP) service. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | ACCESS CONTROL |
| Buffer overflow protection should be configured 'LimitRequestFieldsize' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CD12-00-011800 - PostgreSQL must map the PKI-authenticated identity to an associated user account. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CGI-BIN directory should be disabled. 'Directory' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'LoadModule env_module' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| Extreme : Password Policy - history <=4 | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | IDENTIFICATION AND AUTHENTICATION |
| Extreme : Password Policy - lockout-on-login-failures | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | ACCESS CONTROL |
| Extreme : SNMP community name != private | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | SYSTEM AND INFORMATION INTEGRITY |
| File permissions in the root document should only be accessible by administrator | TNS IBM HTTP Server Best Practice | Windows | |
| HTTP TRACE method should be disabled. 'RewriteLog' | TNS IBM HTTP Server Best Practice | Windows | AUDIT AND ACCOUNTABILITY |
| HTTP TRACE method should be disabled. 'RewriteLogLevel' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| Huawei: Disable SNMP write access | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Enable AAA authorization | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: Set 'login' header | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Set 'shell' header | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Set appropriate 'login' header | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Set System Name | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Keep Alive setting parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Windows | ACCESS CONTROL |
| Limit HTTP methods allowed by the Web Server. | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Logging Directives should be restricted to authorized users. - 'ErrorLog logs/error_log' | TNS IBM HTTP Server Best Practice | Unix | AUDIT AND ACCOUNTABILITY |
| MaxKeepAliveRequests parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| MaxSpareServers parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Non-Essential modules should be disabled. 'mod_autoindex' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Non-Essential modules should be disabled. 'mod_dav' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Non-Essential modules should be disabled. 'mod_status' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| O121-C2-014500 - The DBMS must support organizational requirements to enforce the number of characters that get changed when passwords are changed. | DISA STIG Oracle 12c v3r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-009100 - Access to external executables must be disabled or restricted - du | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | CONFIGURATION MANAGEMENT |
| PGS9-00-010300 - PostgreSQL must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) for the establishment of all encrypted sessions. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| PPS9-00-003000 - The EDB Postgres Advanced Server must protect its audit configuration from unauthorized modification. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-009500 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during preparation for transmission. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-652010 - RHEL 9 must have the rsyslog package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| User IDs which disclose the privileges associated with it, should not be created. | TNS IBM HTTP Server Best Practice | Windows | ACCESS CONTROL |
| User IDs which disclose the privileges associated with it, should not be created. 'lock' | TNS IBM HTTP Server Best Practice | Unix | ACCESS CONTROL |
| WN16-DC-000290 - Domain Controller PKI certificates must be issued by the DoD PKI or an approved External Certificate Authority (ECA). | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-DC-000290 - Windows Server 2019 domain Controller PKI certificates must be issued by the DoD PKI or an approved External Certificate Authority (ECA). | DISA Microsoft Windows Server 2019 STIG v3r5 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-DC-000290 - Windows Server 2022 domain Controller PKI certificates must be issued by the DoD PKI or an approved External Certificate Authority (ECA). | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | IDENTIFICATION AND AUTHENTICATION |
