The CIS PostgreSQL Benchmark is freely available as a guide to help businesses secure Postgres deployments.
Crunchy Data, the leading provider of trusted open source PostgreSQL technology and support, in collaboration with the Center for Internet Security, is pleased to announce the publication of a PostgreSQL CIS Benchmark for PostgreSQL 15. This newly published CIS PostgreSQL 15 Benchmark adds to the existing CIS Benchmarks for PostgreSQL 9.5 – 14 and builds upon Crunchy Data’s ongoing efforts with the PostgreSQL Security Technical Implementation Guide.
CIO INFLUENCE: Elation Health and Ribbon Health Partner to Deliver Exceptional Referral Management
The PostgreSQL CIS Benchmark offers security-conscious enterprises a comprehensive guide for open source PostgreSQL configuration and usage. Enterprises can refer to the CIS Benchmark as they consider open source PostgreSQL as an alternative to proprietary and other database systems. The PostgreSQL CIS Benchmark for Postgres 15 can be downloaded from the CIS website. Authoring a CIS Benchmark is a collaborative process and involves considerable peer reviews and discussion before a major version is published, ensuring there is a general consensus on the best practices for deploying a secure system.
The CIS PostgreSQL 15 Benchmark recommendations were developed by testing PostgreSQL 15 running on RHEL 9, though these recommendations will also apply to other versions of PostgreSQL. Similar to the PostgreSQL STIG, the CIS PostgreSQL Benchmark provides recommendations in the following areas.
CIO INFLUENCE: GDIT Forms 5G and Edge Accelerator Coalition with AWS, Cisco, Dell Technologies, Splunk and T-Mobile
Installation and Patches
- Directory and File Permissions
- Logging Monitoring and Auditing
- User Access and Authorization
- Connection and Login
- PostgreSQL Settings
- Replication
- Special Configuration Considerations
“The Crunchy Data team is proud to continue our collaboration with CIS to further improve upon the PostgreSQL Benchmark over time. It’s our mission to provide security best practices and certifications to help drive further adoption of the world’s most advanced open source relational database,” said President of Crunchy Data, Paul Laurence.
PostgreSQL is a powerful, open source, object-relational database system with more than 20 years of active development and a strong global development community. Commercial enterprises and government agencies with a focus on advanced data management benefit from PostgreSQL’s proven architecture and reputation for reliability, data integrity, and cost effectiveness.
CIO INFLUENCE: RangeForce Adds MITRE D3fend and ATT&CK Frameworks to Cyber Defense Readiness Platform
[To share your insights with us, please write to sghosh@martechseries.com]
