| 1.7.1.2 Ensure local login warning banner is configured properly | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.1.2 Ensure local login warning banner is configured properly | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.7.1.2 Ensure local login warning banner is configured properly | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.1.2 Ensure local login warning banner is configured properly | CIS Debian 8 Workstation L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.7.1.2 Ensure local login warning banner is configured properly - banner check | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.1.2 Ensure local login warning banner is configured properly - banner text | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | ACCESS CONTROL |
| 1.7.1.2 Ensure local login warning banner is configured properly - banner text | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL |
| 1.7.1.2 Ensure local login warning banner is configured properly - banner text | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | ACCESS CONTROL |
| 1.7.1.2 Ensure local login warning banner is configured properly - banner text | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | ACCESS CONTROL |
| 1.7.1.2 Ensure local login warning banner is configured properly - mrsv | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.1.2 Ensure local login warning banner is configured properly - mrsv | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.1.2 Ensure local login warning banner is configured properly - mrsv | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.1.2 Ensure local login warning banner is configured properly - mrsv | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.1.2 Ensure local login warning banner is configured properly - msrv | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.280 OL08-00-030710 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled | CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled | CIS PostgreSQL 16 v1.1.0 L1 OS Linux PostgreSQLDB | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled | CIS PostgreSQL 13 v1.3.0 L1 Database PostgreSQLDB | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - audit.log | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.15 Verify that Docker socket file ownership is set to root:docker | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 4.6 Ensure the set_user extension is installed | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | ACCESS CONTROL |
| 5.3.2.4.1 Ensure pam_unix does not include nullok | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5 Ensure per-account connection limits are used | CIS PostgreSQL 16 v1.1.0 L1 OS Linux PostgreSQLDB | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.5 Ensure per-account connection limits are used | CIS PostgreSQL 14 DB v 1.3.0 | PostgreSQLDB | ACCESS CONTROL |
| 5.5 Ensure per-account connection limits are used | CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.5 NFS - 'wafl.wcc_minutes_valid has been configured' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 5.7 Do not enable the "root" account | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 6.5.9 (L1) Host SSH daemon, if enabled, must disable stream local forwarding | CIS VMware ESXi 8.0 v1.2.0 L1 Unix | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.8 Ensure SSL is enabled and configured correctly | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.8 Ensure TLS is enabled and configured correctly | CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB | PostgreSQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.8 Ensure TLS is enabled and configured correctly | CIS PostgreSQL 16 v1.1.0 L1 OS Linux PostgreSQLDB | PostgreSQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.8 Ensure TLS is enabled and configured correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.9 Ensure the pgcrypto extension is installed and configured correctly | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-003000 - PostgreSQL must maintain the confidentiality and integrity of information during reception. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-004600 - PostgreSQL must generate audit records when unsuccessful logons or connection attempts occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-008600 - PostgreSQL must initiate session auditing upon startup. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EP11-00-003600 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to the EDB Postgres Advanced Server, etc.) must be restricted to authorized users. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | CONFIGURATION MANAGEMENT |
| PGS9-00-001200 - PostgreSQL must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | ACCESS CONTROL |
| PGS9-00-003000 - PostgreSQL must maintain the confidentiality and integrity of information during reception. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-004600 - PostgreSQL must generate audit records when unsuccessful logons or connection attempts occur. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-005600 - PostgreSQL must generate audit records when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-006600 - PostgreSQL must generate audit records when security objects are modified. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-007000 - PostgreSQL, when utilizing PKI-based authentication, must validate certificates by performing RFC 5280-compliant certification path validation. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-007700 - PostgreSQL must generate time stamps, for audit records and application data, with a minimum granularity of one second. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-012700 - PostgreSQL must generate audit records for all direct access to the database(s). | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-003600 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to the EDB Postgres Advanced Server, etc.) must be restricted to authorized users - s used to modify database structure and logic modules must be restricted to authorized users. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | CONFIGURATION MANAGEMENT |
| PPS9-00-009600 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during reception. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| User Authentication Security - Configure a password complexity policy - character-sets are enforced | Juniper Hardening JunOS 12 Devices Checklist | Juniper | IDENTIFICATION AND AUTHENTICATION |
| User Authentication Security - Configure a password complexity policy - Numeric characters | Juniper Hardening JunOS 12 Devices Checklist | Juniper | IDENTIFICATION AND AUTHENTICATION |
| User Authentication Security - Configure a password complexity policy - Use SHA1 for password storage | Juniper Hardening JunOS 12 Devices Checklist | Juniper | IDENTIFICATION AND AUTHENTICATION |
