The Tanium application must be configured to use Tanium User Groups in a manner consistent with the model outlined within the environment's system documentation.

An XCCDF Rule

Description

<VulnDiscussion>It is important for information system owners to document authorized user groups for the Tanium application to avoid unauthorized access to systems. Misaligned implementation of user groups grants excessive access and results in potential compromise of "need-to-know" when it comes to information access.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-254884r960792_rule
Severity: Medium
References: CCI-000213
Updated: 17 days ago

Consult the documentation identifying the Tanium User Groups and their respective Role(s).
 
1. Using a web browser on a system that has connectivity to the Tanium Application, access the Tanium Application web user interface (UI) and log on with multi-factor authentication. 
 
2. Click "Administration" on the top navigation banner.
 3. Under Permissions, select "User Groups".
 
4. Click each User Group and add any missing Role(s).
 
5. For any missing User Groups, make the appropriate adjustments in LDAP.

The Tanium application must be configured to use Tanium User Groups in a manner consistent with the model outlined within the environment's system documentation.

Description

Remediation - Manual Procedure