Crunchy Bridge for Analytics now has support for Iceberg and other new features. Learn more in our Crunchy Bridge for Analytics announcement.

Crunchy Data Postgres 16 Security Technical Implementation Guide Released by DISA

Crunchy Data

3 min read

The Defense Information Systems Agency recently approved the updated Crunchy Data Postgres 16 Security Technical Implementation Guide (STIG) Offering Security-Conscious Enterprises Updated Guideline to Protect PostgreSQL Environments

Charleston, SC (June 25, 2024) Crunchy Data, the leading provider of trusted open source PostgreSQL technology — is pleased to announce the publication of the Crunchy Data PostgreSQL 16 Security Technical Implementation Guide (STIG) by the United States Defense Information Systems Agency (DISA). The Crunchy Data PostgreSQL 16 STIG provides the latest guidance for the secure deployment and configuration of Crunchy Certified PostgreSQL, Crunchy Data's fully open source distribution of PostgreSQL, in adherence to the United States Department of Defense security requirements guidelines. This new PostgreSQL STIG includes the latest guidance for PostgreSQL 13 through 16.

When combined with Crunchy Postgres for Kubernetes STIG Assessment API, Postgres users can automate their PostgreSQL STIG compliance assessment and enable ongoing compliance with the PostgreSQL STIG in a Kubernetes environment with Crunchy Data's Kubernetes-native, production ready Postgres technology.

“We are proud of our continued collaboration with DISA, providing security guidance for open source PostgreSQL,” said Crunchy Data President Paul Laurence. “Crunchy Data is committed to bringing the extraordinary cost effectiveness of PostgreSQL technology to the U.S. Defense community and PostgreSQL users who need to manage their information reliably, securely and efficiently.”

Crunchy Data collaborated with DISA to publish the PostgreSQL STIG in 2017, representing the first STIG for an open source database. Crunchy Certified PostgreSQL is Crunchy Data's 100% open source PostgreSQL distribution, enabling compliance with the Crunchy Data PostgreSQL STIG, by providing trusted PostgreSQL along with the requisite security enhancing audit logging extensions and Crunchy Data's enterprise support. To ensure that Crunchy Certified PostgreSQL represents the most trusted enterprise PostgreSQL distribution, Crunchy Certified PostgreSQL has received Common Criteria Evaluation Assurance Level (EAL) 2+ certification, an international standard for computer security certification, Crunchy Certified PostgreSQL is the first commercially available open source relational database management system to receive Common Criteria certification.


STIGs are the configuration standards for DoD Information Assurance (IA) and IA-enabled devices/systems. Since 1998, DISA has played a critical role enhancing the security posture of DoD's security systems by providing the STIGs. The STIGs contain technical guidance to "lock down" information systems/software that might otherwise be vulnerable to a malicious computer attack.

About Common Criteria Certification

The Common Criteria for Information Technology Security is an international standard (ISO/IEC 15408) for computer security certification. Common Criteria provides assurance that the specification, implementation and evaluation of a computer security product has been conducted in a rigorous, standard and repeatable manner at a level appropriate for its target environment.

About Crunchy Data

Crunchy Data allows companies to build with confidence as the leading provider of trusted open source PostgreSQL and enterprise technology, support and training. Crunchy Data offers Crunchy Certified PostgreSQL, the most advanced and true open source RDBMS on the market. The company also offers Crunchy Bridge, a fully managed cloud Postgres service available on AWS, Azure and Google Cloud. PostgreSQL's active development community, proven architecture, and reputation for reliability, data integrity, and ease of use makes it a prime candidate for enterprises looking for a robust relational database alternative to expensive proprietary database technologies. Crunchy Data allows companies to build with confidence as the leading

Avatar for Crunchy Data

Written by

Crunchy Data

June 25, 2024 More by this author