| 1.3 Ensure device is physically secured | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL |
| 3.5 Review User-Defined Roles | CIS MongoDB 3.6 Database Audit L2 v1.1.0 | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.2.4.8 Ensure audit tools are 755 or more restrictive | CIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.8 Ensure audit tools are 755 or more restrictive | CIS Ubuntu Linux 18.04 LTS v2.2.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.8 Ensure audit tools are 755 or more restrictive | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.8 Ensure audit tools are 755 or more restrictive | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.9 Ensure audit tools are owned by root | CIS Debian 10 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.9 Ensure audit tools are owned by root | CIS Red Hat EL8 Server L2 v3.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.10 Ensure audit tools belong to group root | CIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.10 Ensure audit tools belong to group root | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.10 Ensure audit tools belong to group root | CIS AlmaLinux OS 8 Server L2 v3.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.8 Ensure audit tools mode is configured | CIS Ubuntu Linux 22.04 LTS v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.9 Ensure audit tools owner is configured | CIS Oracle Linux 9 v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.9 Ensure audit tools owner is configured | CIS SUSE Linux Enterprise 15 v2.0.1 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.10 Ensure audit tools group owner is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.10 Ensure audit tools group owner is configured | CIS AlmaLinux OS 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.10 Ensure audit tools group owner is configured | CIS SUSE Linux Enterprise 15 v2.0.1 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.4.4.10 Ensure audit tools group owner is configured | CIS Debian Linux 11 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 17.7.3 (L1) Ensure 'Audit Authorization Policy Change' is set to include 'Success' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
| APPL-13-001010 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern). | DISA STIG Apple macOS 13 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| CD12-00-012200 - PostgreSQL must protect its audit configuration from unauthorized modification. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| Configuring a secure password policy for the BIG-IP system - Expiration Warning | Tenable F5 BIG-IP Best Practice Audit | F5 | IDENTIFICATION AND AUTHENTICATION |
| Configuring a secure password policy for the BIG-IP system - Required Lowercase Characters | Tenable F5 BIG-IP Best Practice Audit | F5 | IDENTIFICATION AND AUTHENTICATION |
| Configuring a secure password policy for the BIG-IP system - Required Numeric Characters | Tenable F5 BIG-IP Best Practice Audit | F5 | IDENTIFICATION AND AUTHENTICATION |
| Configuring a secure password policy for the BIG-IP system - Secure Password Enforcement | Tenable F5 BIG-IP Best Practice Audit | F5 | IDENTIFICATION AND AUTHENTICATION |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Always accept important ICMP | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Review Packet-Filter Rules | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Send ICMP error on packet reject | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring LDAP remote authentication for Active Directory - SSL Check Peer | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| OL08-00-030090 - OL 8 audit logs must be group-owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030100 - The OL 8 audit log directory must be owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030110 - The OL 8 audit log directory must be group-owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-011200 - PostgreSQL must protect its audit features from unauthorized removal. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-001300 - The EDB Postgres Advanced Server must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-001400 - The EDB Postgres Advanced Server must initiate support of session auditing upon startup. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-001600 - The EDB Postgres Advanced Server must produce audit records containing sufficient information to establish what type of events occurred. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-002000 - The EDB Postgres Advanced Server must produce audit records containing sufficient information to establish the outcome (success or failure) of the events. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-003100 - The EDB Postgres Advanced Server must protect its audit features from unauthorized removal. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-003300 - The EDB Postgres Advanced Server software installation account must be restricted to authorized users. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| PPS9-00-003500 - Database objects (including but not limited to tables, indexes, storage, stored procedures, functions, triggers, links to software external to the EDB Postgres Advanced Server, etc.) must be owned by database/EDB Postgres Advanced Server principals authorized for ownership. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| PPS9-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| PPS9-00-007400 - The EDB Postgres Advanced Server must prevent non-privileged users from executing privileged functions, to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | ACCESS CONTROL |
| PPS9-00-009700 - When invalid inputs are received, the EDB Postgres Advanced Server must behave in a predictable and documented manner that reflects organizational and system objectives. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| PPS9-00-010100 - The EDB Postgres Advanced Server must generate audit records when unsuccessful attempts to access security objects occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-011050 - Audit records must be generated when categorized information (e.g., classification levels/security levels) is modified. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - auditctl | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - augenrules | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010123 - The Ubuntu operating system must be configured to permit only authorized users ownership of the audit log files. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010124 - The Ubuntu operating system must permit only authorized groups ownership of the audit log files. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
