STIGQter: STIG Summary: Tanium 7.0 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 July 2018

The Tanium IOC Detect must be configured to receive IOC streams only from trusted sources.

DISA Rule

SV-93377r1_rule

Vulnerability Number

V-78671

Group Title

SRG-APP-000039

Rule Version

TANS-SV-000008

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Using a web browser on a system that has connectivity to Tanium, access the Tanium web UI and log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "IOC Detect".

Along the top right side of the interface, click on the icon with the gear.

Select "IOC Streams" from the headers within the "Settings" window.

Delete IOC streams that are configured to a non-trusted source, or reconfigure to point to a trusted source.

Check Contents

Using a web browser on a system that has connectivity to Tanium, access the Tanium web user interface (UI) and log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "IOC Detect".

Along the top right side of the interface, click on the icon with the gear.

Select "IOC Streams" from the headers within the "Settings" window.

Verify all configured IOC Detect Streams are configured to a documented trusted source.

If any configured IOC Detect Stream is configured to a stream that has not been documented as trusted, this is a finding.

Documentable

False

Severity Override Guidance

Using a web browser on a system that has connectivity to Tanium, access the Tanium web user interface (UI) and log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "IOC Detect".

Along the top right side of the interface, click on the icon with the gear.

Select "IOC Streams" from the headers within the "Settings" window.

Verify all configured IOC Detect Streams are configured to a documented trusted source.

If any configured IOC Detect Stream is configured to a stream that has not been documented as trusted, this is a finding.

Check Content Reference

M

Target Key

3215
