Rule ID
SV-270919r1190805_rule
Version
V1R6
CCIs
CCI-000166, CCI-001682
Only two default UI accounts facilitate the initial setup and configuration of the platform. These accounts provide immediate access to the system, allowing administrators to quickly get the system up and running without needing to create new user accounts during the initial installation phase. During maintenance, updates, or support operations, default accounts allow vendor support teams to access the system without needing to manage a variety of customer-specific accounts. This can streamline support activities and reduce downtime. Default accounts passwords must be changed and protected so they cannot be exploited by attackers to gain unauthorized access to the system. Satisfies: SRG-APP-000080, SRG-APP-000234
Verify local user accounts. While logged in to the Dragos Platform with a user account with administrative privileges, navigate to Admin >> User Management >> Users. If any user except the UI administrator account is configured to authenticate with username and password, this is a finding.
Remove any nondefault user accounts configured to authenticate with username and password or configure an approved identity provider for all required user accounts. 1.Remove user: While logged in to the Dragos Platform with a user account with administrative privileges, navigate to Admin >> User Management >> Users. Click the kebab menu next to the user and select "Delete User". Click "DELETE" in the verification window. 2. Add Authentication method: While logged in to the Dragos Platform with a user account with administrative privileges, navigate to Admin >> User Management >> Users. Click the kebab menu next to the user and select "Edit User". Click "Authentication" in the page selector. Add information to appropriate authentication method and click "Save".