| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 14.0 Sonoma v2.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 13.0 Ventura v3.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 15.0 Sequoia v1.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'Postmaster' Runtime Parameters are Configured | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.3 Ensure 'Postmaster' Runtime Parameters are Configured | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.3 Ensure 'Postmaster' Runtime Parameters are Configured | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.3 Ensure 'Postmaster' Runtime Parameters are Configured | CIS PostgreSQL 11 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.3 Ensure 'Postmaster' Runtime Parameters are Configured | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | SYSTEM AND SERVICES ACQUISITION |
| 6.5.3 (L2) Ensure additional storage providers are restricted in Outlook on the web | CIS Microsoft 365 Foundations v5.0.0 L2 E3 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 6.5.3 (L2) Ensure additional storage providers are restricted in Outlook on the web | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 6.8 Ensure TLS is enabled and configured correctly | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.8 Ensure TLS is enabled and configured correctly | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure PostgreSQL subdirectory locations are outside the data cluster | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 8.1.2 Remove OS Information from Login Warning Banners - /etc/issue | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 8.1.2 Remove OS Information from Login Warning Banners - /etc/issue.net | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 8.1.2 Remove OS Information from Login Warning Banners - /etc/motd | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 9.1.10 Ensure that Microsoft Defender for Cloud is configured to check VM operating systems for updates | CIS Microsoft Azure Foundations v4.0.0 L1 | microsoft_azure | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| CD12-00-002700 - PostgreSQL must provide an immediate alert to appropriate support staff of all audit log failures. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-004100 - PostgreSQL must produce audit records of its enforcement of access restrictions associated with changes to the configuration of PostgreSQL or database(s). | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| CD12-00-004700 - PostgreSQL must generate audit records showing starting and ending time for user access to the database(s). | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-004800 - PostgreSQL must generate audit records when unsuccessful attempts to modify security objects occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-005600 - PostgreSQL must generate audit records when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-005900 - PostgreSQL must generate audit records when unsuccessful attempts to access categorized information (e.g., classification levels/security levels) occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-006600 - PostgreSQL must generate audit records when security objects are modified. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-006700 - PostgreSQL must generate audit records when categories of information (e.g., classification levels/security levels) is modified. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-010600 - PostgreSQL must invalidate session identifiers upon user logout or other session termination. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-011300 - PostgreSQL must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-012500 - Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-012700 - PostgreSQL must generate audit records for all direct access to the database(s). | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CIS_PostgreSQL_12_v1.1.0_L1_DB.audit from CIS PostgreSQL 12 Benchmark v1.1.0 | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | |
| CIS_PostgreSQL_16_v1.0.0_L1_Database.audit from CIS PostgreSQL 16 Benchmark v1.0.0 | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | |
| CNTR-K8-002000 - The Kubernetes API server must have the ValidatingAdmissionWebhook enabled. | DISA STIG Kubernetes v2r2 | Unix | ACCESS CONTROL |
| JUEX-L2-000040 - The Juniper EX switch must be configured to manage excess bandwidth to limit the effects of packet flooding types of denial-of-service (DoS) attacks. | DISA Juniper EX Series Layer 2 Switch v2r3 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-002700 - PostgreSQL must provide an immediate real-time alert to appropriate support staff of all audit log failures. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-004700 - PostgreSQL must generate audit records showing starting and ending time for user access to the database(s). | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-004800 - PostgreSQL must generate audit records when unsuccessful attempts to modify security objects occur. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-011300 - PostgreSQL must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-070110 - Duplicate UIDs must not exist for multiple non-organizational users. | DISA STIG Solaris 11 SPARC v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-070110 - Duplicate UIDs must not exist for multiple non-organizational users. | DISA STIG Solaris 11 X86 v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-070130 - Reserved UIDs 0-99 must only be used by system accounts. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-070130 - Reserved UIDs 0-99 must only be used by system accounts. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-070200 - The operating system must have no unowned files. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-070200 - The operating system must have no unowned files. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-18-010507 - The Ubuntu operating system must enable and run the uncomplicated firewall(ufw). | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| VMCH-06-000043 - The system must use templates to deploy VMs whenever possible. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000020 - System administrators must use templates to deploy virtual machines whenever possible. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
