| 1.19 WN19-00-000190 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.41 WN19-00-000410 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.41 WN19-00-000410 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.52 WN19-AC-000050 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.52 WN19-AC-000050 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.161 WN19-DC-000150 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT I | Windows | CONFIGURATION MANAGEMENT |
| 1.217 WN19-SO-000100 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.247 WN19-SO-000400 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.247 WN19-SO-000400 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.252 WN19-SO-000450 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.252 WN19-SO-000450 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.269 WN19-UR-000160 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.269 WN19-UR-000160 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.271 WN19-UR-000180 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.271 WN19-UR-000180 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.273 WN19-UR-000200 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.273 WN19-UR-000200 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.275 WN19-UR-000220 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 7 v1.2.0 L1 Unix | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 8 v1.0.0 L1 Unix | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 8 v1.0.0 L1 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.6 Ensure 'REMOTE_OS_ROLES' Is Set To 'FALSE' | CIS Oracle Database 19c v2.0.0 L1 RDBMS | OracleDB | ACCESS CONTROL |
| 2.3.7 Ensure 'REMOTE_OS_ROLES' Is Set To 'FALSE' | CIS Oracle Database 23ai v1.1.0 L1 RDBMS | OracleDB | ACCESS CONTROL |
| 4.5 Ensure 'SYS.USER$MIG' Has Been Dropped | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 5.1.3.1 Ensure 'ALL' Is Revoked from Unauthorized 'GRANTEE' on 'AUD$' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.2 Ensure 'DBA_SYS_PRIVS.%' Is Revoked from Unauthorized 'GRANTEE' with 'ADMIN_OPTION' Set to 'YES' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.2.3 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'OUTLN' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.3 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'OUTLN' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.4 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'DBSNMP' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.5 Ensure 'SELECT ANY DICTIONARY' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.8 Ensure 'EXEMPT ACCESS POLICY' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.15 Ensure 'GRANT ANY ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.3.1 Ensure 'SELECT_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.3.2 Ensure 'EXECUTE_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.3.3 Ensure 'DBA' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.3.4 Ensure AUDIT_ADMIN' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.14 Ensure the 'DROP DATABASE LINK' Action Audit Is Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.6 Ensure That Cloud SQL Database Instances Do Not Have Public IPs | CIS Google Cloud Platform Foundation v4.0.0 L2 | GCP | ACCESS CONTROL, MEDIA PROTECTION |
| CIS_IBM_DB2_10_v1.1.0_Level_2_OS_Windows.audit from CIS DB2 10.x Windows OS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | |
| DG0014-ORACLE11 - Default demonstration and sample database objects and applications should be removed - 'No demo or sample users exist' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O112-C2-012900 - The DBMS must use multifactor authentication for access to user accounts. | DISA STIG Oracle 11.2g v2r5 Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-012900 - The DBMS must use multifactor authentication for access to user accounts. | DISA STIG Oracle 11.2g v2r5 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| O112-N1-015602 - When using command-line tools such as Oracle SQL*Plus, which can accept a plain-text password, users must use an alternative login method that does not expose the password. | DISA STIG Oracle 11.2g v2r5 Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-001900 - PostgreSQL and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL2-00-038900 - If SQL Server authentication, using passwords, is employed, SQL Server must enforce the DoD standards for password complexity. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| SQL2-00-038910 - If SQL Server authentication, using passwords, is employed, SQL Server must enforce the DoD standards for password lifetime. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| SQL4-00-000100 - The number of concurrent SQL Server sessions for each system account must be limited. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | ACCESS CONTROL |
| SQL6-D0-008200 - If passwords are used for authentication, SQL Server must transmit only encrypted representations of passwords. | DISA MS SQL Server 2016 Instance STIG v3r6 MS_SQLDB | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| SQL6-D0-012800 - Security-relevant software updates to SQL Server must be installed within the time period directed by an authoritative source (e.g. IAVM, CTOs, DTMs, and STIGs). | DISA MS SQL Server 2016 Instance STIG v3r6 MS_SQLDB | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQLI-22-012800 - Security-relevant software updates to SQL Server must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs). | DISA Microsoft SQL Server 2022 Instance STIG v1r4 MS_SQLDB | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
