| 2.6 Configure TLS authentication for Docker daemon - tlscacert | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Configure TLS authentication for Docker daemon - tlscacert | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Configure TLS authentication for Docker daemon - tlscert | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Configure TLS authentication for Docker daemon - tlskey | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Configure TLS authentication for Docker daemon --tlscert | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Configure TLS authentication for Docker daemon --tlsverify | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.9 Configure TLS authentication for Docker daemon '--tlskey'' | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.2.18 timed | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled | CIS PostgreSQL 14 DB v 1.3.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - pgaudit installed | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - show pgaudit.log | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | AirWatch - CIS Apple iOS 26 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | MobileIron - CIS Apple iOS 26 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | MobileIron - CIS Apple iPadOS 26 v1.0.0 L1 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or `From current website only` | MobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or `From current website only` | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.5 Use pg_permission extension to audit object permissions | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.7 Make use of predefined roles | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.8 Make use of default roles | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | ACCESS CONTROL |
| 5.3.2.4.3 Ensure pam_unix includes a strong password hashing algorithm | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.2.4.3 Ensure pam_unix includes a strong password hashing algorithm | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.4 Ensure 'SIGHUP' Runtime Parameters are Configured | CIS PostgreSQL 14 DB v 1.3.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.5 Ensure 'Superuser' Runtime Parameters are Configured | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | ACCESS CONTROL |
| 6.9 Ensure the pgcrypto extension is installed and configured correctly | CIS PostgreSQL 11 DB v1.0.0 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.11 Ensure the pgcrypto extension is installed and configured correctly | CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.11 Ensure the pgcrypto extension is installed and configured correctly | CIS PostgreSQL 16 v1.1.0 L1 OS Linux PostgreSQLDB | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_DEFAULT' | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure PostgreSQL configuration files are outside the data cluster | CIS PostgreSQL 11 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 9.6 Configure 'Do not display the reveal password button' | CIS IE 10 v1.1.0 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 9.6 Ensure Timeout Limits for the Request Body is Set to 20 or Less | CIS Apache HTTP Server 2.4 v2.3.0 L1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| CD12-00-003500 - PostgreSQL must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-005200 - PostgreSQL must generate audit records when security objects are deleted. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-007200 - PostgreSQL must maintain the confidentiality and integrity of information during preparation for transmission. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-007200 - PostgreSQL must maintain the confidentiality and integrity of information during preparation for transmission. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-008100 - PostgreSQL must use NSA-approved cryptography to protect classified information in accordance with the data owner's requirements. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-008700 - PostgreSQL must implement cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest (to include, at a minimum, PII and classified information) on organization-defined information system components. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-011400 - PostgreSQL must maintain the authenticity of communications sessions by guarding against man-in-the-middle attacks that guess at Session ID values. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS_PostgreSQL_13_v1.3.0_L1_Database_Unix.audit from CIS PostgreSQL 13 v1.3.0 | CIS PostgreSQL 13 v1.3.0 L1 Database Unix | Unix | |
| PGS9-00-003500 - PostgreSQL must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-004200 - The audit information produced by PostgreSQL must be protected from unauthorized read access - log directory | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-004200 - The audit information produced by PostgreSQL must be protected from unauthorized read access - log files | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-004900 - PostgreSQL must generate audit records when privileges/permissions are added. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-005500 - PostgreSQL must be able to generate audit records when privileges/permissions are retrieved. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-006000 - PostgreSQL must be able to generate audit records when security objects are accessed. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-006400 - PostgreSQL must generate audit records when privileges/permissions are modified. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-008700 - PostgreSQL must implement cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest (to include, at a minimum, PII and classified information) on organization-defined information system components. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| PPS9-00-004200 - The EDB Postgres Advanced Server must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users). | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-652050 - RHEL 9 must encrypt via the gtls driver the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
