| 2.7.1 iCloud configuration | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
| 3.1.18 Ensure 'log_connections' is enabled | CIS PostgreSQL 11 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.19 Ensure 'log_disconnections' is enabled | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.21 Ensure 'log_connections' is enabled | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.22 Ensure 'log_disconnections' is enabled | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 4.4 Ensure excessive DML privileges are revoked | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.6 Ensure 'User' Runtime Parameters are Configured | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | ACCESS CONTROL |
| 9.11 Check Groups in passwd(4) | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.12 Check That Users Are Assigned Home Directories | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.21 Find World Writable Files | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.22 Find World Writable Files | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
| Big Sur - Uniquely Identify Users and Processes | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Uniquely Identify Users and Processes | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Uniquely Identify Users and Processes | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| CD12-00-005700 - PostgreSQL must generate audit records when unsuccessful accesses to objects occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-006800 - PostgreSQL must generate audit records when unsuccessful attempts to modify privileges/permissions occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| DISA_STIG_Apache_Server-2.4_Unix_v3r2_Middleware.audit from DISA Apache Server 2.4 UNIX Server v3r2 STIG | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | |
| EP11-00-000700 - The EDB Postgres Advanced Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | ACCESS CONTROL |
| EP11-00-002300 - The EDB Postgres Advanced Server must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| EP11-00-002400 - The EDB Postgres Advanced Server must be configurable to overwrite audit log records, oldest first (First-In-First-Out - FIFO), in the event of unavailability of space for more audit log records. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| EP11-00-002700 - The audit information produced by the EDB Postgres Advanced Server must be protected from unauthorized modification. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| EP11-00-002900 - The EDB Postgres Advanced Server must protect its audit features from unauthorized access. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| EP11-00-003400 - Database software, including EDB Postgres Advanced Server configuration files, must be stored in dedicated directories, separate from the host OS and other applications. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | CONFIGURATION MANAGEMENT |
| EP11-00-004500 - The EDB Postgres Advanced Server, when utilizing PKI-based authentication, must validate certificates by performing RFC 5280-compliant certification path validation. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| EP11-00-004850 - The EDB Postgres Advanced Server password file must not be used. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | CONFIGURATION MANAGEMENT |
| EP11-00-009200 - The EDB Postgres Advanced Server must implement cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest (to include, at a minimum, PII and classified information) on organization-defined information system components. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-012700 - The EDB Postgres Advanced Server must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to provision digital signatures. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN000930 - The root accounts home directory must not have an extended ACL. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Uniquely Identify Users and Processes | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-000400 - The audit information produced by PostgreSQL must be protected from unauthorized modification - log directory | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-000400 - The audit information produced by PostgreSQL must be protected from unauthorized modification - log files | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-000400 - The audit information produced by PostgreSQL must be protected from unauthorized modification - log_file_mode | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-000800 - If passwords are used for authentication, PostgreSQL must transmit only encrypted representations of passwords. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-000900 - PostgreSQL must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | ACCESS CONTROL |
| PGS9-00-001100 - PostgreSQL must associate organization-defined types of security labels having organization-defined security label values with information in transmission. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | ACCESS CONTROL |
| PGS9-00-001400 - PostgreSQL must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users). | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-002200 - PostgreSQL must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | ACCESS CONTROL |
| PGS9-00-002300 - The audit information produced by PostgreSQL must be protected from unauthorized deletion - log directory | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-002300 - The audit information produced by PostgreSQL must be protected from unauthorized deletion - log files | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-002300 - The audit information produced by PostgreSQL must be protected from unauthorized deletion - log_file_mode | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-002600 - PostgreSQL must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-011500 - PostgreSQL must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users). | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-070060 - Groups assigned to users must exist in the /etc/group file. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-070210 - The operating system must have no files with extended attributes. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-070210 - The operating system must have no files with extended attributes. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - PRE_CLASSPATH | Oracle WebLogic Server 12c Windows v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000177 - Oracle WebLogic must utilize FIPS 140-2 approved encryption modules when authenticating users and processes - JAVA_OPTIONS | Oracle WebLogic Server 12c Windows v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000177 - Oracle WebLogic must utilize FIPS 140-2 approved encryption modules when authenticating users and processes - PRE_CLASSPATH | Oracle WebLogic Server 12c Windows v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBLC-08-000214 - Oracle WebLogic must utilize NSA-approved cryptography when protecting classified compartmentalized data - JAVA_OPTIONS | Oracle WebLogic Server 12c Windows v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WBLC-08-000214 - Oracle WebLogic must utilize NSA-approved cryptography when protecting classified compartmentalized data - PRE_CLASSPATH | Oracle WebLogic Server 12c Windows v2r2 | Windows | CONFIGURATION MANAGEMENT |
