V-254883
SV-254883r960792_rule
CAT II
Documentation identifying Tanium console users, their respective User Groups, Computer Groups, and Roles must be maintained.
From: Tanium 7.x Application on TanOS Security Technical Implementation Guide (V2R2)
Description
<VulnDiscussion>System access must be reviewed periodically to verify all Tanium users are assigned the appropriate functional role, with the least privileged access possible to perform assigned tasks being the recommended best practice to avoid unauthorized access.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Check Procedure
Consult with the Tanium System Administrator to review the documented list of Tanium users. User Groups, Roles, Computer Groups, and correlated LDAP security groups must be documented for users.
If the documentation does not exist, or is missing any Tanium users and their respective User Groups, Roles, Computer Groups, and correlated LDAP security groups documentation, this is a finding.
Fix Text
Prepare and maintain documentation identifying the Tanium console users and their respective User Groups, Roles, Computer Groups, and associated LDAP security groups.
CCI Reference
CCI-000213- Created
- 2026-04-07 20:08:37
- Last Updated
- 2026-04-07 20:08:37