Documentation - V-222508

V-222508

Application Security and Development Security Technical Implementation Guide

CAT II

Title

Application audit tools must be cryptographically hashed.

Description

<VulnDiscussion>Protecting the integrity of the tools used for auditing purposes is a critical step to ensuring the integrity of audit data. Audit data includes all information (e.g., audit records, audit settings, and audit reports) needed to successfully audit information system activity. Audit tools include, but are not limited to, vendor provided and open source audit tools needed to successfully view and manipulate audit information system activity and records. Audit tools include custom q...

Fix Text (Documentation Requirement)

Cryptographically hash the audit tool files used by the application. Store and protect the generated hash values for future reference.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel