CHARLESTON, S.C., June 25, 2024 — Crunchy Data, the leading provider of trusted open source PostgreSQL technology, is pleased to announce the publication of the Crunchy Data PostgreSQL 16 Security Technical Implementation Guide (STIG) by the United States Defense Information Systems Agency (DISA).
The Crunchy Data PostgreSQL 16 STIG provides the latest guidance for the secure deployment and configuration of Crunchy Certified PostgreSQL, Crunchy Data’s fully open source distribution of PostgreSQL, in adherence to the United States Department of Defense security requirements guidelines. This new PostgreSQL STIG includes the latest guidance for PostgreSQL 13 through 16.
Beyond the U.S. Government, the Crunchy Data PostgreSQL 16 STIG offers security-conscious enterprises a comprehensive guide for open source PostgreSQL configuration and use. Enterprises can refer to this comprehensive guide for PostgreSQL security best practices as they consider open source PostgreSQL as an alternative to proprietary database software.
When combined with Crunchy Postgres for Kubernetes STIG Assessment API, Postgres users can automate their PostgreSQL STIG compliance assessment and enable ongoing compliance with the PostgreSQL STIG in a Kubernetes environment with Crunchy Data’s Kubernetes-native, production-ready Postgres technology.
“We are proud of our continued partnership with DISA, providing security guidance for open source PostgreSQL,” said Crunchy Data President Paul Laurence. “Crunchy Data is committed to bringing the extraordinary cost-effectiveness of PostgreSQL technology to the U.S. Defense community and PostgreSQL users who need to manage their information reliably, securely, and efficiently.”
Crunchy Data collaborated with DISA to publish the PostgreSQL STIG in 2017, representing the first STIG for an open source database. Crunchy Certified PostgreSQL is Crunchy Data’s 100% open source PostgreSQL distribution, enabling compliance with the Crunchy Data PostgreSQL STIG, by providing trusted PostgreSQL along with the requisite security-enhancing audit logging extensions and Crunchy Data’s enterprise support.
Ensuring Trust and Security
To ensure that Crunchy Certified PostgreSQL represents the most trusted enterprise PostgreSQL distribution, Crunchy Certified PostgreSQL has received Common Criteria Evaluation Assurance Level (EAL) 2+ certification, an international standard for computer security certification. Crunchy Certified PostgreSQL is the first commercially available open source relational database management system to receive Common Criteria certification.
About DISA STIG
STIGs are the configuration standards for DoD Information Assurance (IA) and IA-enabled devices/systems. Since 1998, DISA has played a critical role in enhancing the security posture of DoD’s security systems by providing the STIGs. The STIGs contain technical guidance to “lock down” information systems/software that might otherwise be vulnerable to a malicious computer attack.
About Common Criteria Certification
The Common Criteria for Information Technology Security is an international standard (ISO/IEC 15408) for computer security certification. Common Criteria provides assurance that the specification, implementation, and evaluation of a computer security product have been conducted in a rigorous, standard, and repeatable manner at a level appropriate for its target environment.
About Crunchy Data
Crunchy Data allows companies to build with confidence as the leading provider of trusted open source PostgreSQL and enterprise tech.