| EPAS-00-000900 - The EDB Postgres Advanced Server must protect against a user falsely repudiating having performed organization-defined actions. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-001000 - The EDB Postgres Advanced Server must provide audit record generation capability for DOD-defined auditable events within all EDB Postgres Advanced Server/database components. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-001200 - The EDB Postgres Advanced Server must generate audit records when privileges/permissions are retrieved. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-003800 - Unused database components, EDB Postgres Advanced Server software, and database objects must be removed. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | CONFIGURATION MANAGEMENT |
| EPAS-00-003900 - Unused database components which are integrated in the EDB Postgres Advanced Server and cannot be uninstalled must be disabled. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | CONFIGURATION MANAGEMENT |
| EPAS-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| EPAS-00-006500 - The EDB Postgres Advanced Server must provide nonprivileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| EPAS-00-006600 - The EDB Postgres Advanced Server must reveal detailed error messages only to the ISSO, ISSM, SA, and DBA. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| EPAS-00-006900 - The EDB Postgres Advanced Server must associate organization-defined types of security labels having organization-defined security label values with information in storage. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | ACCESS CONTROL |
| EPAS-00-007900 - The EDB Postgres Advanced Server must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-008800 - The EDB Postgres Advanced Server must require users to reauthenticate when organization-defined circumstances or situations require reauthentication. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| EPAS-00-011000 - Audit records must be generated when categorized information (e.g., classification levels/security levels) is created. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-011100 - Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-011300 - The EDB Postgres Advanced Server must generate audit records when unsuccessful attempts to delete privileges/permissions occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-011700 - Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-012000 - The EDB Postgres Advanced Server must generate audit records for all privileged activities or other system-level access. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-012300 - The EDB Postgres Advanced Server must generate audit records when concurrent logons/connections by the same user from different workstations occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-012400 - The EDB Postgres Advanced Server must be able to generate audit records when successful accesses to objects occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000035 - The FortiGate device must allow full access to only those individuals or roles designated by the ISSM. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000060 - The FortiGate device must log all user activity. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000070 - The FortiGate device must generate audit records when successful/unsuccessful attempts to delete administrator privileges occur | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000105 - The FortiGate device must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FNFG-FW-000020 - The FortiGate firewall must generate traffic log entries containing information to establish what type of events occurred. | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FNFG-FW-000040 - The FortiGate firewall must generate traffic log entries containing information to establish the outcome of the events, such as, at a minimum, the success or failure of the application of the firewall rule. | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FNFG-FW-000160 - The FortiGate firewall must generate traffic log records when traffic is denied, restricted, or discarded. | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
| GOOG-11-000200 - Google Android 11 must be configured to not allow passwords that include more than two repeating or sequential characters - Characters | AirWatch - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-000200 - Google Android 11 must be configured to not allow passwords that include more than two repeating or sequential characters - Numbers | AirWatch - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-002800 - Google Android 11 must be configured to disable developer modes. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-009400 - Google Android 11 work profile must be configured to enforce the system application disable list. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-009600 - Google Android 11 must be provisioned as a fully managed device and configured to create a work profile. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-006200 - Google Android 12 must be configured to enable a screen-lock policy that will lock the display after a period of inactivity. | MobileIron - DISA Google Android 12 COBO v1r2 | MDM | ACCESS CONTROL |
| GOOG-12-008500 - Google Android 12 must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-12-009500 - Google Android 12 must be configured to disable ad hoc wireless client-to-client connection capability. | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-12-009900 - Google Android 12 must be configured to enforce that Wi-Fi Sharing is disabled. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-010200 - Google Android 12 work profile must be configured to enforce the system application disable list. | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-010600 - Google Android 12 must be configured to disallow configuration of date and time. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-706700 - Google Android 13 allowlist must be configured to not include applications with the following characteristics (work profile only): | MobileIron - DISA Google Android 13 BYOD v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-710000 - Google Android 13 must have the DOD root and intermediate PKI certificates installed (work profile only). | MobileIron - DISA Google Android 13 BYOD v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-710200 - The Google Android 13 work profile must be configured to enforce the system application disable list (work profile only). | MobileIron - DISA Google Android 13 BYOD v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-706500 - Google Android 14 must be configured to enforce an application installation policy by specifying one or more authorized application repositories. | MobileIron - DISA Google Android 14 BYOAD v1r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-707700 - Google Android 14 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the Work Profile. | AirWatch - DISA Google Android 14 BYOAD v1r1 | MDM | ACCESS CONTROL |
| GOOG-14-710000 - Google Android 14 must have the DOD root and intermediate PKI certificates installed (work profile only) - work profile only. | AirWatch - DISA Google Android 14 BYOAD v1r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-710800 - Android 14 devices must have the latest available Google Android 14 operating system installed. | AirWatch - DISA Google Android 14 BYOAD v1r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-710900 - Android 14 devices must be configured to disable the use of third-party keyboards (work profile only) - work profile only. | AirWatch - DISA Google Android 14 BYOAD v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-000300 - The Honeywell Mobility Edge Android Pie device must be configured to enable a screen-lock policy that will lock the display after a period of inactivity. | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | ACCESS CONTROL |
| HONW-09-003500 - The Honeywell Mobility Edge Android Pie device must be configured to disable USB mass storage mode. | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-009000 - Honeywell Mobility Edge Android Pie devices must have the DoD root and intermediate PKI certificates installed. | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-009400 - Honeywell Mobility Edge Android Pie devices work profile must be configured to enforce the system application disable list. | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-009800 - Honeywell Mobility Edge Android Pie devices work profile must be configured to disable automatic completion of workspace internet browser text input. | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-010000 - Honeywell Mobility Edge Android Pie devices Work Profile must be configured to disable the autofill services. | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
