Tanium 7.x Application on TanOS Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000175
<GroupDescription></GroupDescription>Group -
The Tanium Server certificates must have Extended Key Usage entries for the serverAuth object TLS Web Server Authentication and the clientAuth object TLS Web Client Authentication.
<VulnDiscussion>Restricting this setting limits the user's ability to change their password. Passwords need to be changed at specific policy ...Rule Medium Severity -
SRG-APP-000177
<GroupDescription></GroupDescription>Group -
The Tanium application must be configured for LDAP user/group synchronization to map the authenticated identity to the individual user or group account for PKI-based authentication.
<VulnDiscussion>Without mapping the certificate used to authenticate to the user account, the ability to determine the identity of the indivi...Rule Medium Severity -
SRG-APP-000180
<GroupDescription></GroupDescription>Group -
SRG-APP-000328
<GroupDescription></GroupDescription>Group -
The permissions on the Tanium Client directory must be restricted to only the SYSTEM account on all managed clients.
<VulnDiscussion>By restricting access to the Tanium Client directory on managed clients, the Tanium client's ability to operate and function ...Rule Medium Severity -
SRG-APP-000357
<GroupDescription></GroupDescription>Group -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
The Tanium application must uniquely identify and authenticate nonorganizational users (or processes acting on behalf of nonorganizational users).
<VulnDiscussion>Lack of authentication and identification enables nonorganizational users to gain access to the application or possibly other...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.