Skip to content

Dragos Platform 2.x Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • DRAG-OT-002480

    <GroupDescription></GroupDescription>
    Group
  • Before establishing a network connection with a Network Time Protocol (NTP) server, Dragos Platform must authenticate using a bidirectional, cryptographically based authentication method that uses a FIPS-validated Advanced Encryption Standard (AES) cipher block algorithm to authenticate with the NTP server.

    &lt;VulnDiscussion&gt;Without device-to-device authentication, communications with malicious devices may be established. Bidirectional authenticati...
    Rule Medium Severity
  • DRAG-OT-000020

    <GroupDescription></GroupDescription>
    Group
  • Dragos must configure idle timeouts at 10 minutes.

    &lt;VulnDiscussion&gt;A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinit...
    Rule Medium Severity
  • DRAG-OT-000520

    <GroupDescription></GroupDescription>
    Group
  • Dragos Platforms must limit privileges and not allow the ability to run shell.

    &lt;VulnDiscussion&gt;If Dragos Platform were to allow any user to make changes to software libraries, then those changes might be implemented with...
    Rule High Severity
  • DRAG-OT-001750

    <GroupDescription></GroupDescription>
    Group
  • Dragos Platform must accept the DOD CAC or other PKI credential for identity management and personal authentication.

    &lt;VulnDiscussion&gt;The use of Personal Identity Verification (PIV) credentials facilitates standardization and reduces the risk of unauthorized ...
    Rule Medium Severity
  • DRAG-OT-000220

    <GroupDescription></GroupDescription>
    Group
  • The publicly accessible Dragos Platform application must display the Standard Mandatory DOD Notice and Consent Banner before granting access to Dragos Platform.

    &lt;VulnDiscussion&gt;Display of a standardized and approved use notification before granting access to the publicly accessible application ensures...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules