DISA STIGS Viewer

The Dragos Platform must have notification and audit services installed.

Overview

Finding ID: V-270932
Version: DRAG-OT-000370
Rule ID: SV-270932r1058029_rule
IA Controls: (none listed)
Severity: Medium
Description
Installing the Knowledge Pack(s) is essential for the Dragos Platform to provide comprehensive security monitoring, compliance, and operational visibility within industrial environments. It enhances the Platform's capabilities in detecting and responding to threats, ensuring regulatory compliance, and maintaining overall security. It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. The pack provides enhanced visibility into the operations of the Dragos Platform. This includes monitoring user activities, changes to system configurations, and other critical events. Improved visibility helps in identifying potential security issues and operational anomalies before they escalate into significant problems.
STIG: Dragos Platform 2.x Security Technical Implementation Guide
Date: 2024-12-23

Details

Check Text (C-74975r1057437_chk)
Ensure all notification and audit services are functional.

Log in to the SiteStore CLI and execute the following command:
system k3s status

If the command does not return the message "system is ready", this is a finding.

(Note that for approximately 15–20 minutes after system startup or reboot, the system will not be ready. Additionally, until the sensor is paired with a SiteStore, one pod on the sensor will not be ready.)
Fix Text (F-74876r1058001_fix)
If a notification does not appear, install KP-CW-24-001. This knowledge pack will add this and other notifications relevant to the STIG to the Dragos Platform.

To add a Knowledge Pack:
While logged in to the Dragos Platform with a user account that has administrative privileges, navigate to Admin >> SiteStore Management >> Knowledge Packs.

Locate all "STIG-KP_Plus" Knowledge Pack(s).

Click the "Deploy" button next to the Knowledge Pack(s).

Fill in the form and click "DEPLOY".