EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The EDB Postgres Advanced Server must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the requirements of the data owner.
Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The application must implement cryptographic modules adhering to the higher standards ...Rule Medium Severity -
SRG-APP-000506-DB-000353
Group -
The EDB Postgres Advanced Server must generate audit records when privileges/permissions are added.
Changes in the permissions, privileges, and roles granted to users and roles must be tracked. Without an audit trail, unauthorized elevation or restriction of individuals' and groups' privileges co...Rule Medium Severity -
SRG-APP-000495-DB-000327
Group -
SRG-APP-000001-DB-000031
Group -
SRG-APP-000023-DB-000001
Group -
SRG-APP-000033-DB-000084
Group -
SRG-APP-000080-DB-000063
Group -
SRG-APP-000089-DB-000064
Group -
SRG-APP-000090-DB-000065
Group -
SRG-APP-000091-DB-000066
Group -
SRG-APP-000091-DB-000325
Group -
SRG-APP-000092-DB-000208
Group -
The EDB Postgres Advanced Server must initiate support of session auditing upon startup.
Session auditing is for use when a user's activities are under investigation. Typically, this DBMS capability would be used in conjunction with comparable monitoring of a user's online session, in...Rule Medium Severity -
SRG-APP-000095-DB-000039
Group -
SRG-APP-000096-DB-000040
Group -
The EDB Postgres Advanced Server must produce audit records containing time stamps to establish when the events occurred.
Information system auditing capability is critical for accurate forensic analysis. Without establishing when events occurred, it is impossible to establish, correlate, and investigate the events re...Rule Medium Severity -
SRG-APP-000097-DB-000041
Group -
The EDB Postgres Advanced Server must produce audit records containing sufficient information to establish where the events occurred.
Information system auditing capability is critical for accurate forensic analysis. Without establishing where events occurred, it is impossible to establish, correlate, and investigate the events r...Rule Medium Severity -
SRG-APP-000098-DB-000042
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.