| V-272628 | | CylanceON-PREM must be configured to initiate a session timeout after 10 minutes of inactivity. | Ensuring inactive sessions are terminated provides protection against misuse of the system.
Satisfies: SRG-APP-000003, SRG-APP-000190, SRG-APP-000295... |
| V-272630 | | CylanceON-PREM must be configured to show the standard mandatory DOD Notice and Consent Banner before granting access to CylanceON-PREM. | Presentation of the standard DOD Notice and Consent Banner is required to ensure privacy and security notification verbiage used is consistent with ap... |
| V-272631 | | Session-only-based cookies must be enabled. | Cookies must only be allowed per session and only for approved URLs, as permanently stored cookies can be used for malicious intent.
Approved URLs m... |
| V-272632 | | CylanceON-PREM must be configured to support integration with a third-party Security Information and Event Management (SIEM) to support notifications. | Integrating a Central Log Server for managing audit records enhances security monitoring, incident response, and compliance efforts. By providing cent... |
| V-272633 | | CylanceON-PREM must be configured with only one local Role to be used by the account of last resort in the event the authentication server is unavailable. | CylanceON-PREM uses a third-party identity provider (IDP) for access. The use of a "break glass" account is a critical failsafe measure for emergency ... |
| V-272634 | | CylanceON-PREM must be configured to send alerts via Simple Mail Transfer Protocol (SMTP). | Failure to notify personnel of failed tests introduces a risk to the system. Corrective action and the unsecure condition(s) will remain.
Satisfies: ... |
| V-272635 | | CylanceON-PREM must enforce that all files accessed are evaluated against the AI model for potential threats. | CylanceON-PREM enforces file evaluations against its AI model to ensure proactive, predictive, and comprehensive security. Failure to scan files intro... |
| V-272636 | | CylanceON-PREM must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable. | there must not be local users/roles within CylanceON-PREM. Manually verifying local users and roles ensures that unauthorized users do not gain access... |
| V-272637 | | CylanceON-PREM must be configured to use an external database if users exceed 30,000. | Exhausting audit log storage will introduce failures in audit logging, which will result in loss of security monitoring information.
Satisfies: SRG-A... |
| V-272638 | | CylanceON-PREM must disable all functions, ports, protocols and services not required. | Unnecessary or unsecured ports, protocols, and services present many risks for attackers and may go undetected.... |
| V-272639 | | CylanceON-PREM must be configured with a DOD issued certificate (or another authorizing official [AO]-approved certificate). | The DOD will only accept PKI certificates obtained from a DOD-approved internal or external certificate authority. Reliance on certificate authorities... |
| V-272640 | | CylanceON-PREM must be running the latest release. | Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products to address newly discovere... |
| V-272641 | | CylanceON-PREM must be restarted every 30 days to invoke health checks. | Restarting CylanceON-PREM every 30 days ensures system stability and performance.
Regular health checks of the system reduce the risk of security fun... |
| V-272642 | | All associated custom applications, including API endpoints, must be inventoried and managed. | The Console Applications page provides integration with the CylanceON-PREM API. An application has a unique application ID and application secret for ... |
| V-272627 | | CylanceON-PREM must be configured to use a third-party identity provider. | Configuring CylanceON-PREM to integrate with an Enterprise Identity Provider enhances security, simplifies user management, ensures compliance, provid... |
| V-272629 | | CylanceON-PREM must be configured to use TLS 1.2 or higher. | Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that explo... |
