Container Platform Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000099
Group -
All audit records must generate the event results within the container platform.
Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, such as security incidents, th...Rule Medium Severity -
SRG-APP-000100
Group -
All audit records must identify any users associated with the event within the container platform.
Without information that establishes the identity of the user associated with the events, security personnel cannot determine responsibility for the potentially harmful event.Rule Medium Severity -
SRG-APP-000100
Group -
SRG-APP-000101
Group -
SRG-APP-000111
Group -
The container platform components must provide the ability to send audit logs to a central enterprise repository for review and analysis.
The container platform components must send audit events to a central managed audit log repository to provide reporting, analysis, and alert notification. Incident response relies on successful tim...Rule Medium Severity -
SRG-APP-000116
Group -
The container platform must use internal system clocks to generate audit record time stamps.
Understanding when and sequence of events for an incident is crucial to understand what may have taken place. Without a common clock, the components generating audit events could be out of synchron...Rule Medium Severity -
SRG-APP-000118
Group -
The container platform must protect audit information from any type of unauthorized read access.
If audit data were to become compromised, then competent forensic analysis and discovery of the true source of potentially malicious system activity is difficult if not impossible to achieve. In ad...Rule Medium Severity -
SRG-APP-000119
Group -
SRG-APP-000120
Group -
SRG-APP-000121
Group -
SRG-APP-000122
Group -
The container platform must protect audit tools from unauthorized modification.
Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on au...Rule Medium Severity -
SRG-APP-000123
Group -
The container platform must protect audit tools from unauthorized deletion.
Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on au...Rule Medium Severity -
SRG-APP-000126
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.