Skip to content

Audit Failure Gated, Fail‑Closed Egress

Validate that when audit processing is unavailable or integrity cannot be established, launches and egress follow a fail‑closed posture and upload attempts are denied with appropriate reasons.

Objectives

  • Gate launches/egress on audit availability and integrity as configured.
  • Deny uploads when audit pipeline is down; no egress without evidence.

Preconditions

  • Policy configured to require audit integrity for launch/egress (fail‑closed posture).
  • Proxy‑only egress and upload controls enabled.

Suite

IDCanonical IDsFlowProcedureExpected Outcome
INTEG-AUDIT-FAIL-01HARD-POLICY-03, NET-EGRESS-01, DM-WEB-02Audit Failure Gated, Fail‑Closed Egress1) Disable or block audit pipeline temporarily. 2) Attempt to launch and perform a browser upload.Launch and/or egress are denied per fail‑closed; upload is denied; audit events include action: "deny", reason indicating audit failure gating when available, and integrity.hash for attempted events that were recorded.

Evidence Requirements

  • authz/policy events: action, reason (audit failure), rule.id, integrity.hash.
  • network/dataMotion events: action, outcome, rule.id, integrity.hash; absence of egress when gated.