Skip to content

Application Security and Development Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The application must accept Personal Identity Verification (PIV) credentials from other federal agencies.

    <VulnDiscussion>Access may be denied to authorized users if federal agency PIV credentials are not accepted. Personal Identity Verification ...
    Rule Medium Severity
  • SRG-APP-000403

    <GroupDescription></GroupDescription>
    Group
  • The application must electronically verify Personal Identity Verification (PIV) credentials from other federal agencies.

    &lt;VulnDiscussion&gt;Inappropriate access may be granted to unauthorized users if federal agency PIV credentials are not electronically verified. ...
    Rule Medium Severity
  • SRG-APP-000404

    <GroupDescription></GroupDescription>
    Group
  • The application must accept FICAM-approved third-party credentials.

    &lt;VulnDiscussion&gt;FICAM establishes a federated identity framework for the Federal Government. FICAM provides Government-wide services for comm...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules