| 2.3.3 Set a screen corner to Start Screen Saver | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | ACCESS CONTROL |
| 3.1.6 Ensure the log file permissions are set correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.9 Ensure the maximum log file size is set correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.10 Ensure the correct syslog facility is selected | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.11 Ensure syslog messages are not suppressed | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.14 Ensure the correct messages are written to the server log | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.15 Ensure the correct SQL statements generating errors are recorded | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.16 Ensure 'debug_print_parse' is disabled | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.1.17 Ensure 'debug_print_rewritten' is disabled | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.1.18 Ensure 'debug_print_plan' is disabled | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.1.20 Ensure 'log_connections' is enabled | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.22 Ensure 'log_error_verbosity' is set correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.23 Ensure 'log_hostname' is set correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.1.25 Ensure 'log_statement' is set correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.3 Remove X Windows - X Window System | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.4 Ensure excessive DML privileges are revoked | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.4 Lock Out Accounts if Not Currently in Use | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | ACCESS CONTROL |
| 4.5 Ensure excessive function privileges are revoked | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.6 Ensure excessive DML privileges are revoked | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.7 Ensure Row Level Security (RLS) is configured correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.8 Ensure the set_user extension is installed | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | ACCESS CONTROL |
| 6.1 Understanding attack vectors and runtime parameters | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.3 Ensure 'Postmaster' Runtime Parameters are Configured | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.4 Ensure 'SIGHUP' Runtime Parameters are Configured | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure logging of replication commands is configured | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | ACCESS CONTROL |
| 7.4 Ensure WAL archiving is configured and functional | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure PostgreSQL subdirectory locations are outside the data cluster | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 9.11 Check Groups in passwd(4) | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.12 Check That Users Are Assigned Home Directories | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.12 Check That Users Are Assigned Home Directories | CIS Solaris 11 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.12 Check That Users Are Assigned Home Directories | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.21 Find World Writable Files | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.22 Find World Writable Files | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
| CD12-00-002900 - PostgreSQL must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-004900 - PostgreSQL must generate audit records when privileges/permissions are added. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-005500 - PostgreSQL must be able to generate audit records when privileges/permissions are retrieved. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-005800 - PostgreSQL must generate audit records for all privileged activities or other system-level access. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-006000 - PostgreSQL must be able to generate audit records when security objects are accessed. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-006100 - PostgreSQL must generate audit records when privileges/permissions are deleted. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-006400 - PostgreSQL must generate audit records when privileges/permissions are modified. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| DTAVSEL-002 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive automatic updates. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PGS9-00-000500 - PostgreSQL must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | ACCESS CONTROL |
| PGS9-00-004000 - PostgreSQL must isolate security functions from non-security functions. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-008000 - PostgreSQL must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to generate and validate cryptographic hashes. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-008200 - PostgreSQL must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-010600 - PostgreSQL must invalidate session identifiers upon user logout or other session termination. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-012200 - PostgreSQL must protect its audit configuration from unauthorized modification. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-070210 - The operating system must have no files with extended attributes. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-070210 - The operating system must have no files with extended attributes. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
