Tanium console users Computer Group rights must be validated against the documentation for Computer Group rights.
An XCCDF Rule
Description
<VulnDiscussion>System access should be reviewed periodically to verify that all Tanium users are assigned the appropriate role, with the least privileged access possible to perform assigned tasks being the recommended best practice. Users who have been removed from the documentation should no longer be configured as a Tanium Console User. Consider removing users that have not logged onto the system within a predetermined time frame.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-93321r1_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Using a web browser on a system that has connectivity to Tanium, access the Tanium web UI and log on with CAC.
Click on the navigation button (hamburger menu) on the top left of the console and then click on "Administration".
Select the "Users" tab.