| 2.2.3 Ensure 'GLOBAL_NAMES' Is Set to 'TRUE' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 2.2.3 Ensure 'GLOBAL_NAMES' Is Set to 'TRUE' | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 2.2.9 Ensure 'REMOTE_OS_ROLES' Is Set to 'FALSE' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 2.2.9 Ensure 'REMOTE_OS_ROLES' Is Set to 'FALSE' | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 2.2.10 Ensure 'UTL_FILE_DIR' Is Empty | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 2.2.10 Ensure 'UTL_FILE_DIR' Is Empty | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 2.13 Ensure 'sa' Login Account is set to 'Disabled' | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | ACCESS CONTROL |
| 2.13 Ensure the 'sa' Login Account is set to 'Disabled' | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | ACCESS CONTROL |
| 2.14 Ensure the 'sa' Login Account has been renamed | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.14 Ensure the 'sa' Login Account has been renamed | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.14 Ensure the 'sa' Login Account has been renamed | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.14 Ensure the 'sa' Login Account has been renamed | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.4 Ensure SQL Authentication is not used in contained databases | CIS SQL Server 2014 Database L1 DB v1.5.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 3.4 Ensure SQL Authentication is not used in contained databases | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 3.4 Ensure SQL Authentication is not used in contained databases | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 3.4 Ensure SQL Authentication is not used in contained databases | CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine | MS_SQLDB | ACCESS CONTROL |
| 3.4 Ensure SQL Authentication is not used in contained databases | CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS | MS_SQLDB | ACCESS CONTROL |
| 3.4 Ensure SQL Authentication is not used in contained databases | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.1 Ensure All Default Passwords Are Changed | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 4.06 init.ora - 'audit_trail parameter set to OS, DB, DB_EXTENDED, XML, or XML, EXTENDED' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
| 4.6 Review audit queue size | CIS Sybase 15.0 L1 DB v1.1.0 | SybaseDB | |
| 4.8 Ensure 'sql_mode' Contains 'STRICT_ALL_TABLES' | CIS MariaDB 10.6 Database L2 v1.1.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.9 Ensure 'sql_mode' Contains 'STRICT_ALL_TABLES' | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.9 Ensure 'sql_mode' Contains 'STRICT_ALL_TABLES' | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 5.2.13 Ensure 'CREATE LIBRARY' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.2.13 Ensure 'CREATE LIBRARY' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 7.1.1 Disable the Audit Buffer | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | AUDIT AND ACCOUNTABILITY |
| 17.7.2 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.2 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.3 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.3 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 20.5 Ensure 'Active Directory Domain object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 20.5 Ensure 'Active Directory Domain object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.5 Ensure 'Active Directory Domain object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| DG0096-ORACLE11 - The DBMS IA policies and procedures should be reviewed annually or more frequently. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| EP11-00-000900 - The EDB Postgres Advanced Server must protect against a user falsely repudiating by ensuring all accounts are individual, unique, and not shared. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-000570 - Exchange must render hyperlinks from email sources from non-.mil domains as unclickable. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| MYS8-00-002000 - The MySQL Database Server 8.0 must be able to generate audit records when security objects are accessed. | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| MYS8-00-003800 - The MySQL Database Server 8.0 must generate audit records when successful logons or connections occur. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-004200 - The MySQL Database Server 8.0 must generate audit records showing starting and ending time for user access to the database(s). | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| O121-C2-008200 - The DBMS itself, or the logging or alerting mechanism the application utilizes, must provide a warning when allocated audit record storage volume reaches an organization-defined percentage of maximum audit record storage capacity. | DISA STIG Oracle 12c v3r2 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-006200 - The EDB Postgres Advanced Server must check the validity of all data inputs except those specifically identified by the organization. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL2-00-003500 - SQL Server must enforce access control policies to restrict the Alter Settings permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-005700 - SQL Server must enforce access control policies to restrict the Administer bulk operations permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-006500 - SQL Server must enforce access control policies to restrict the View any definition permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-006800 - SQL Server must enforce access control policies to restrict the Create DDL event notification permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-006900 - SQL Server must enforce access control policies to restrict the Create endpoint permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-008400 - SQL Server must enforce access control policies to restrict the Unsafe assembly permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| UBTU-22-653020 - Ubuntu 22.04 LTS audit event multiplexor must be configured to offload audit logs onto a different system from the system being audited. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
