| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 15.0 Sequoia v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 13.0 Ventura v3.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'apache account is configured' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| 3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf Group = apache' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| 3.1.10 Ensure the correct syslog facility is selected | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.10 Ensure the correct syslog facility is selected | CIS PostgreSQL 11 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.21 Ensure 'log_disconnections' is enabled - log_disconnections is enabled | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.5 Ensure Relational Database Service is Multi-AZ Enabled | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | SYSTEM AND INFORMATION INTEGRITY |
| 6.5 Ensure 'Superuser' Runtime Parameters are Configured | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.5 Ensure 'Superuser' Runtime Parameters are Configured | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.5 Ensure 'Superuser' Runtime Parameters are Configured | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.5.3 (L2) Ensure additional storage providers are restricted in Outlook on the web | CIS Microsoft 365 Foundations v5.0.0 L2 E3 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 6.5.3 (L2) Ensure additional storage providers are restricted in Outlook on the web | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 6.6.5 Ensure all Custom Login Classes Forbid Shell Access | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL |
| 6.8 Ensure TLS is enabled and configured correctly | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Wireless technology on OS X | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
| 8.1 Ensure PostgreSQL subdirectory locations are outside the data cluster | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 8.1 Ensure PostgreSQL subdirectory locations are outside the data cluster | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 8.2 Ensure PostgreSQL subdirectory locations are outside the data cluster | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 8.2 Ensure PostgreSQL subdirectory locations are outside the data cluster | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| CD12-00-004100 - PostgreSQL must produce audit records of its enforcement of access restrictions associated with changes to the configuration of PostgreSQL or database(s). | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| CD12-00-005000 - PostgreSQL must generate audit records when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-010600 - PostgreSQL must invalidate session identifiers upon user logout or other session termination. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-011300 - PostgreSQL must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CIS_PostgreSQL_12_v1.1.0_L1_DB.audit from CIS PostgreSQL 12 Benchmark v1.1.0 | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | |
| CIS_PostgreSQL_16_v1.0.0_L1_Database.audit from CIS PostgreSQL 16 Benchmark v1.0.0 | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | |
| CNTR-K8-002000 - The Kubernetes API server must have the ValidatingAdmissionWebhook enabled. | DISA STIG Kubernetes v2r3 | Unix | ACCESS CONTROL |
| DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_DTR_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIG | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | |
| DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_UCP_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIG | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | |
| DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIG | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | |
| DISA_STIG_EDB_PostgreSQL_Advanced_Server_v9.6_v2r3_OS_Linux.audit from DISA EDB Postgres Advanced Server v9.6 v2r3 STIG | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | |
| GEN006060 - The system must not run Samba unless needed. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN006060 - The system must not run Samba unless needed. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| JUEX-L2-000040 - The Juniper EX switch must be configured to manage excess bandwidth to limit the effects of packet flooding types of denial-of-service (DoS) attacks. | DISA Juniper EX Series Layer 2 Switch v2r3 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| O112-BP-022000 - The Oracle REMOTE_OS_ROLES parameter must be set to FALSE. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O112-C2-013300 - The DBMS must ensure users are authenticated with an individual authenticator prior to using a group authenticator. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-BP-022000 - The Oracle REMOTE_OS_ROLES parameter must be set to FALSE. | DISA STIG Oracle 12c v3r2 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-C2-013300 - The DBMS must ensure users are authenticated with an individual authenticator prior to using a shared authenticator. | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-000100 - PostgreSQL must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| RHEL-08-030690 - The RHEL 8 audit records must be off-loaded onto a different system or storage media from the system being audited. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-070130 - Reserved UIDs 0-99 must only be used by system accounts. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-070200 - The operating system must have no unowned files. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-18-010507 - The Ubuntu operating system must enable and run the uncomplicated firewall(ufw). | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| VMCH-06-000043 - The system must use templates to deploy VMs whenever possible. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000042 - System administrators must use templates to deploy virtual machines whenever possible. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000020 - System administrators must use templates to deploy virtual machines whenever possible. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
