V-272627
SV-272627r1113422_rule
CAT III
CylanceON-PREM must be configured to use a third-party identity provider.
From: Arctic Wolf CylanceON-PREM Security Technical Implementation Guide (V1R1)
Description
<VulnDiscussion>Configuring CylanceON-PREM to integrate with an Enterprise Identity Provider enhances security, simplifies user management, ensures compliance, provides auditing capabilities, and offers a more seamless and consistent user experience. It aligns CylanceON-PREM with enterprise standards and contributes to a more efficient and secure environment.
Satisfies: SRG-APP-000001, SRG-APP-000023, SRG-APP-000025, SRG-APP-000033, SRG-APP-000065, SRG-APP-000118, SRG-APP-000121, SRG-APP-000148, SRG-APP-000149, SRG-APP-000150, SRG-APP-000153, SRG-APP-000154, SRG-APP-000155, SRG-APP-000157, SRG-APP-000163, SRG-APP-000164, SRG-APP-000165, SRG-APP-000166, SRG-APP-000167, SRG-APP-000168, SRG-APP-000169, SRG-APP-000170, SRG-APP-000173, SRG-APP-000176, SRG-APP-000177, SRG-APP-000183, SRG-APP-000185, SRG-APP-000345, SRG-APP-000400, SRG-APP-000401, SRG-APP-000404, SRG-APP-000405, SRG-APP-000461, SRG-APP-000700, SRG-APP-000705, SRG-APP-000710, SRG-APP-000715, SRG-APP-000720, SRG-APP-000730, SRG-APP-000735, SRG-APP-000740, SRG-APP-000815, SRG-APP-000820, SRG-APP-000825, SRG-APP-000830, SRG-APP-000835, SRG-APP-000840, SRG-APP-000845, SRG-APP-000850, SRG-APP-000855, SRG-APP-000860, SRG-APP-000865, SRG-APP-000870, SRG-APP-000875</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Check Procedure
Verify Identity Provider (IDP) settings. Administrator privileges are required.
Using LDAP:
1. Log in to the admin console.
2. Navigate to Configuration >> Settings.
3. Locate the LDAP section.
If LDAP (an authorized IDP) is not configured correctly or is disabled, this is not a finding.
Not using LDAP:
1. Log in to the admin console.
2. Navigate to Configuration >> Settings.
3. Locate Identity Provider Settings.
Review documentation of allowed IDPs.
If IDP settings are not configured correctly or the IDP is disabled or not authorized, this is a finding.
Fix Text
Configure CylanceON-PREM to accept authentication from an external identity provider. Administrator privileges are required.
Using LDAP:
1. Log in to the admin console.
2. Navigate to Configuration >> Settings.
3. Locate the LDAP section.
4. Enable Identity Provider Settings.
5. Enter the identity provider information.
6. Test the connection.
7. Click the green check.
Not using LDAP:
1. Log in to the admin console.
2. Navigate to Configuration >> Settings.
3. Locate Identity Provider Settings.
4. Enable the Identity Provider toggle.
5. Enter the identity provider information.
- Single Sign-On: This is the single sign-on or SAML response URL that is provided by the identity provider.
- Entity ID: This is the entity ID, issuer, or application name that is provided by the identity provider.
- x.509 Certificate: This is provided by the identity provider.
6. Click the green check. CylanceON-PREM will generate a Service Provider Entity ID that the identity provider will need to complete the single sign-on configuration.
CCI Reference
CCI-000054,CCI-000015,CCI-000017,CCI-000213,CCI-000044,CCI-000162,CCI-001493,CCI-000764,CCI-000765,CCI-000766,CCI-000770,CCI-004046,CCI-001942,CCI-000795,CCI-000205,CCI-000200,CCI-000192,CCI-000193,CCI-000194,CCI-001619,CCI-000195,CCI-000198,CCI-000186,CCI-000187,CCI-000884,CCI-000877,CCI-002238,CCI-002007,CCI-001991,CCI-002011,CCI-002014,CCI-003747,CCI-003627,CCI-003628,CCI-003629,CCI-003638,CCI-003639,CCI-003641,CCI-003642,CCI-004045,CCI-004047,CCI-004058,CCI-004059,CCI-004060,CCI-004061,CCI-004062,CCI-004063,CCI-004064,CCI-004065,CCI-004066,CCI-004068- Created
- 2026-04-07 20:08:09
- Last Updated
- 2026-04-07 20:08:09