Skip to content
Log In

Mainframe Product Security Requirements Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The Mainframe Product must provide an audit reduction capability that supports after-the-fact investigations of security incidents.

    If the audit reduction capability does not support after-the-fact investigations, it is difficult to establish, correlate, and investigate the events leading up to an outage or attack, or identify ...
    Rule Medium Severity
    Show

  • SRG-APP-000366

    Group
    Show

  • SRG-APP-000367

    Group
    Show

  • The Mainframe Product must provide a report generation capability that supports on-demand reporting requirements.

    The report generation capability must support on-demand reporting in order to facilitate the organization's ability to generate incident reports as needed to better handle larger-scale or more comp...
    Rule Medium Severity
    Show

  • SRG-APP-000368

    Group
    Show

  • SRG-APP-000369

    Group
    Show

  • SRG-APP-000370

    Group
    Show

  • SRG-APP-000378

    Group
    Show

  • The Mainframe product must prohibit user installation of software without explicit privileged status.

    Allowing regular users to install software, without explicit privileges, creates the risk that untested or potentially malicious software will be installed on the system. Explicit privileges (escal...
    Rule Medium Severity
    Show

  • SRG-APP-000379

    Group
    Show

  • SRG-APP-000380

    Group
    Show

  • The Mainframe Product must enforce access restrictions associated with changes to application configuration.

    Failure to provide logical access restrictions associated with changes to application configuration may have significant effects on the overall security of the system. When dealing with access re...
    Rule Medium Severity
    Show

  • SRG-APP-000381

    Group
    Show

  • SRG-APP-000391

    Group
    Show

  • SRG-APP-000392

    Group
    Show

  • SRG-APP-000400

    Group
    Show

  • The Mainframe Product must prohibit the use of cached authenticators after one hour.

    If cached authentication information is out of date, the validity of the authentication information may be questionable.
    Rule Medium Severity
    Show

  • SRG-APP-000402

    Group
    Show

  • SRG-APP-000403

    Group
    Show

  • SRG-APP-000404

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules