| 3.1.10 Ensure the correct syslog facility is selected | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.10 Ensure the correct syslog facility is selected | CIS PostgreSQL 11 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.21 Ensure 'log_disconnections' is enabled - log_disconnections is enabled | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.5 Ensure Relational Database Service is Multi-AZ Enabled | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | SYSTEM AND INFORMATION INTEGRITY |
| 3.6 Ensure 'general_log_file' Has Appropriate Permissions | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.6 Ensure 'general_log_file' Has Appropriate Permissions | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.6 Ensure 'general_log_file' Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.6 Ensure 'general_log_file' Has Appropriate Permissions | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.6 Ensure 'general_log_file' Has Appropriate Permissions | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Ensure Windows local groups are not SQL Logins | CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.7 Do not use update instructions alone in the Dockerfile | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 6.1 Ensure 'Attack Vectors' Runtime Parameters are Configured | CIS PostgreSQL 11 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 7.1 Wireless technology on OS X | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
| 8.1 Ensure PostgreSQL subdirectory locations are outside the data cluster | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 8.1 Ensure PostgreSQL subdirectory locations are outside the data cluster | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 8.2 Ensure PostgreSQL subdirectory locations are outside the data cluster | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 8.2 Ensure PostgreSQL subdirectory locations are outside the data cluster | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| CD12-00-005000 - PostgreSQL must generate audit records when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| DG0195-ORACLE11 - DBMS production application and data directories should be protected from developers on shared production/development DBMS host systems. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | ACCESS CONTROL |
| DISA_STIG_EDB_PostgreSQL_Advanced_Server_v9.6_v2r3_OS_Linux.audit from DISA EDB Postgres Advanced Server v9.6 v2r3 STIG | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | |
| FireEye - AAA is enabled | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - AAA lockouts delay further attempts for at least 30 seconds | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - Binary analysis AV-suite is enabled | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - Email encryption certificates are verified | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - Greylists are enabled | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - Guest images | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - IPMI password needs to be set | TNS FireEye | FireEye | |
| FireEye - LDAP requires encryption | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - Local logging level includes all errors and warnings | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Local logging level is not overridden except by defaults | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Management interface is only accessible from specific IP ranges | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - NTP client is synchronized | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - NTP client uses a custom server | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Remote syslog is enabled | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Remote syslog logging level includes all errors and warnings | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - SNMP uses a secure community string | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - SNMP v3 uses SHA instead of MD5 | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - SSH connections must be SSHv2 | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - Time zone selection | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - User 'admin' SSH access is disabled | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - YARA policy applies both customer and FireEye rules | TNS FireEye | FireEye | SECURITY ASSESSMENT AND AUTHORIZATION |
| FireEye - YARA rules are enabled | TNS FireEye | FireEye | SECURITY ASSESSMENT AND AUTHORIZATION |
| O19C-00-010600 - Oracle Database production application and data directories must be protected from developers on shared production/development database management system (DBMS) host systems. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O112-BP-022000 - The Oracle REMOTE_OS_ROLES parameter must be set to FALSE. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-BP-022000 - The Oracle REMOTE_OS_ROLES parameter must be set to FALSE. | DISA STIG Oracle 12c v3r2 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-BP-024100 - DBMS production application and data directories must be protected from developers on shared production/development DBMS host systems. | DISA STIG Oracle 12c v3r2 Linux | Unix | CONFIGURATION MANAGEMENT |
| O121-BP-024100 - DBMS production application and data directories must be protected from developers on shared production/development DBMS host systems. | DISA STIG Oracle 12c v3r2 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-BP-024100 - DBMS production application and data directories must be protected from developers on shared production/development DBMS host systems. | DISA STIG Oracle 12c v3r2 Windows | Windows | CONFIGURATION MANAGEMENT |
| PGS9-00-000100 - PostgreSQL must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| SOL-11.1-070070 - Users must have a valid home directory assignment. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
