STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Dragos Platform 2.x Security Technical Implementation Guide

V-271034

CAT II (Medium)

Dragos Platform must accept the DOD CAC or other PKI credential for identity management and personal authentication.

Rule ID

SV-271034r1057745_rule

STIG

Dragos Platform 2.x Security Technical Implementation Guide

Version

V1R6

CCIs

CCI-002009, CCI-002010, CCI-001953, CCI-001954, CCI-000185, CCI-000186, CCI-000187, CCI-001991

Discussion

The use of Personal Identity Verification (PIV) credentials facilitates standardization and reduces the risk of unauthorized access. PIV credentials are those credentials issued by federal agencies that conform to FIPS Publication 201 and supporting guidance documents. OMB Memorandum 11-11 requires federal agencies to continue implementing the requirements specified in HSPD-12 to enable agency-wide use of PIV credentials. Satisfies: SRG-APP-000402, SRG-APP-000403, SRG-APP-000391, SRG-APP-000392, SRG-APP-000402, SRG-APP-000403, SRG-APP-000177, SRG-APP-000176, SRG-APP-000175, SRG-APP-000401

Check Content

Verify that Dragos is configured to use the DOD CAC or other PKI credential to log in to the application.

Log in to the application. 

If DOD CAC or other PKI is not configured, this is a finding.

Fix Text

Configure an SSO proxy service using LDAP to provide PKI credentials.