STIGQter STIGQter: STIG Summary: Bromium Secure Platform 4.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 May 2018:

The Bromium Enterprise Controller (BEC) must be configured to provide report generation that supports on-demand reporting requirements for threat events.

DISA Rule

SV-95161r1_rule

Vulnerability Number

V-80457

Group Title

SRG-APP-000367

Rule Version

BROM-00-000815

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

From a web browser, log on to the Bromium Enterprise Controller.

Upon successful authentication, the Dashboard View is the default view displayed. Select ad hoc reports based on SSP or other documented organizational requirements for reporting.

Reports can be in the form of screen output or ".csv" files.

Check Contents

Examine the site System Security Plan (SSP) or other appropriate documentation. Verify there is a documented procedure for when security incident reports need to be exported.

From a web browser, log on to the Bromium Enterprise Controller.

Upon successful authentication, on-demand reports for all threats are available throughout the administrator interface.

If a procedure does not exist for providing on-demand reports for threat events, this is a finding.

Vulnerability Number

V-80457

Documentable

False

Rule Version

BROM-00-000815

Severity Override Guidance

Examine the site System Security Plan (SSP) or other appropriate documentation. Verify there is a documented procedure for when security incident reports need to be exported.

From a web browser, log on to the Bromium Enterprise Controller.

Upon successful authentication, on-demand reports for all threats are available throughout the administrator interface.

If a procedure does not exist for providing on-demand reports for threat events, this is a finding.

Check Content Reference

M

Target Key

3375

Comments