App SRG: Application Server Security Requirements Guide
This Application Server Security Requirements Guide (SRG) addresses the software framework used to create an application-server implementation, without regard to what the application functions are. The framework is comprised of services such as data connection services, security, transaction support, load balancing, management, and APIs to extend the application server. Specific software technologies used within the application server, e.g., web server, database, auditing system, etc., must meet the requirements for the specific technology SRG and/or STIG.
-
SRG-APP-000026-CTR-000070
The container platform must automatically audit account creation. -
SRG-APP-000027-CTR-000075
The container platform must automatically audit account modification. -
SRG-APP-000028-CTR-000080
The container platform must automatically audit account-disabling actions. -
SRG-APP-000029-CTR-000085
The container platform must automatically audit account removal actions. -
SRG-APP-000091-CTR-000160
The container platform must generate audit records when successful/unsuccessful attempts to access privileges occur. -
SRG-APP-000095-CTR-000170
All audit records must identify what type of event has occurred within the container platform. -
SRG-APP-000096-CTR-000175
The container platform audit records must have a date and time association with all events. -
SRG-APP-000097-CTR-000180
All audit records must identify where in the container platform the event occurred. -
SRG-APP-000098-CTR-000185
All audit records must identify the source of the event within the container platform. -
SRG-APP-000099-CTR-000190
All audit records must generate the event results within the container platform.
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.