| 1.5 Ensure the Cassandra service is run as a non-root user | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
| 1.5 Ensure the Cassandra service is run as a non-root user | CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or `From current website only` | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.3.3 Set a screen corner to Start Screen Saver | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | ACCESS CONTROL |
| 2.3.4 Set a screen corner to Start Screen Saver | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 3.1.4 Ensure the log file destination directory is set correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.19 Ensure 'log_disconnections' is enabled | CIS PostgreSQL 11 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.21 Ensure 'log_disconnections' is enabled | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.24 Ensure 'log_line_prefix' is set correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 4.6 Ensure excessive DML privileges are revoked | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.6 Ensure excessive DML privileges are revoked | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.4 Ensure login via "host" TCP/IP Socket is configured correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2 Ensure 'backend' runtime parameters are configured correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 7.3 Ensure base backups are configured and functional | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | CONTINGENCY PLANNING |
| 7.5 Ensure streaming replication parameters are configured correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.7 Check Permissions on User Home Directories | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.9 Check Permissions on User .netrc Files | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.11 Check Groups in passwd(4) | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.11 Check Permissions on User .netrc Files | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 9.13 Check That Defined Home Directories Exist | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.13 Check That Defined Home Directories Exist | CIS Solaris 11 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.14 Check User Home Directory Ownership | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.21 Find World Writable Files | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| CD12-00-002900 - PostgreSQL must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-004400 - PostgreSQL must generate audit records when categorized information (e.g., classification levels/security levels) is accessed. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-004900 - PostgreSQL must generate audit records when privileges/permissions are added. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-005800 - PostgreSQL must generate audit records for all privileged activities or other system-level access. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-006100 - PostgreSQL must generate audit records when privileges/permissions are deleted. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-006400 - PostgreSQL must generate audit records when privileges/permissions are modified. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| DISA_STIG_EDB_PostgreSQL_Advanced_Server_v11_Windows_v2r4_OS.audit from DISA EDB Postgres Advanced Server v11 on Windows v2r4 STIG | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | |
| GEN009280 - The system must not have the PCNFS service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009280 - The system must not have the PCNFS service active. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| JUSX-DM-000163 - The Juniper SRX Services Gateway must limit the number of sessions per minute to an organization-defined number for SSH to protect remote access management from unauthorized access. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-000500 - PostgreSQL must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | ACCESS CONTROL |
| PGS9-00-000700 - Privileges to change PostgreSQL software modules must be limited. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | CONFIGURATION MANAGEMENT |
| PGS9-00-001300 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (functions, trigger procedures, links to software external to PostgreSQL, etc.) must be restricted to authorized users - s used to modify database structure and logic modules must be restricted to authorized users. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | CONFIGURATION MANAGEMENT |
| PGS9-00-001700 - PostgreSQL must associate organization-defined types of security labels having organization-defined security label values with information in storage. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | ACCESS CONTROL |
| PGS9-00-002100 - PostgreSQL must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-002500 - PostgreSQL must reveal detailed error messages only to the ISSO, ISSM, SA and DBA. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PGS9-00-003100 - Database objects (including but not limited to tables, indexes, storage, trigger procedures, functions, links to software external to PostgreSQL, etc.) must be owned by database/DBMS principals authorized for ownership. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | CONFIGURATION MANAGEMENT |
| PGS9-00-008400 - PostgreSQL must prohibit user installation of logic modules (functions, trigger procedures, views, etc.) without explicit privileged status. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | CONFIGURATION MANAGEMENT |
| PGS9-00-008500 - PostgreSQL must separate user functionality (including user interface services) from database management functionality. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-009400 - PostgreSQL must associate organization-defined types of security labels having organization-defined security label values with information in process. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | ACCESS CONTROL |
| PGS9-00-010700 - PostgreSQL must protect its audit features from unauthorized access - Logs | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-010700 - PostgreSQL must protect its audit features from unauthorized access - roles. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-010700 - PostgreSQL must protect its audit features from unauthorized access. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-011200 - PostgreSQL must protect its audit features from unauthorized removal. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-012900 - PostgreSQL products must be a version supported by the vendor. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | SYSTEM AND SERVICES ACQUISITION |
| SOL-11.1-070190 - All valid SUID/SGID files must be documented. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| WPAW-00-002600 - If several PAWs are set up in virtual machines (VMs) on a host server, domain administrative accounts used to manage high-value IT resources must not have access to the VM host operating system (OS) (only domain administrative accounts designated to manage PAWs should be able to access the VM host OS). | DISA MS Windows Privileged Access Workstation v3r1 | Windows | CONFIGURATION MANAGEMENT |
