STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Application Security and Development Security Technical Implementation Guide

V-222672

CAT III (Low)

The application must generate audit records when concurrent logons from different workstations occur.

Rule ID

SV-222672r961833_rule

STIG

Application Security and Development Security Technical Implementation Guide

Version

V6R4

CCIs

CCI-000172

Discussion

When an application provides users with the ability to concurrently logon, an event must be recorded that indicates the user has logged on from different workstations. It is important to ensure that audit logs differentiate between the two sessions. The event data must include the user ID, the workstation information and application session information that provides the details necessary to determine which application session executed what action on the system.

Check Content

Review the application documentation and interview the application administrator to identify where log records are stored.

Access log records then log on to the application as a regular user from one workstation. Take note of workstation IP address and confirm the address as the source workstation.

Have the application administrator log on to the application from another workstation using the same account.

Validate the IP address of the second workstation is recorded in the logs.

If the application does not create an audit record when concurrent logons occur from different workstations, this is a finding.

Fix Text

Configure the application to log concurrent logons from different workstations.