Skip to content

The Tanium application must be configured to use Tanium User Groups in a manner consistent with the model outlined in the environment's system documentation.

An XCCDF Rule

Description

<VulnDiscussion>It is important for information system owners to document authorized User Groups for the Tanium application to avoid unauthorized access to systems. Misaligned implementation of User Groups grants excessive access and results in potential compromise of "need-to-know" for information access.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-253819r842485_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Consult the documentation identifying the Tanium User Groups and their respective Role(s).
 
1. Using a web browser on a system that has connectivity to the Tanium application, access the Tanium application web UI and log on with multifactor authentication. 
 
2. Click "Administration" on the top navigation banner.