The Tanium Community hosts hundreds of best practice articles. Each one is meant to help technical users achieve valuable outcomes when using Tanium. We have gathered some of our most popular and impactful articles below as a primer for those who are new to the Tanium platform or want to learn more about all you can do with Tanium.
Find and Remediate the CVE-2019-1367 (IE Remote 0-day) Vulnerability
In September this year, Microsoft reported a critical vulnerability in Internet Explorer (IE). Tanium users can quickly find and remediate these types of vulnerabilities at enterprise scale. This article walks through this process with out-of-the-box solutions in Tanium Core, as well as utilizing capabilities in Tanium Asset, Comply and Patch.
Prevent Patching Failure By Managing Microsoft Servicing Stack Updates
As of May 2019, Microsoft has begun marking Servicing Stack Updates (SSUs) as exclusive updates, which means they cannot install at the same time as other patches. The simplest solution is to exclude SSUs from existing deployments and deploy them concurrently in a separate deployment. This article explains how to fast and easy use Tanium Patch to achieve this.
Introduce Automation to a Low-touch, Safe and Effective Monthly Patch Strategy
Automation makes organizations efficient, reduces the chance of human error and frees up skilled administrators to tackle more interesting and complex tasks. In addition, faster and more complete installation of new security patches translates to a better overall security posture. This article details a mostly automated Tanium Patch workflow around a three-stage enterprise-wide deployment.
Identify Risk in Applications and Services with Remote Vulnerability Scanning
By configuring and deploying Tanium Comply for remote vulnerability scanning, Tanium customers can gain additional insight into vulnerable applications and services from the viewpoint of an unprivileged attacker on the network. This article provides a runbook that identifies how to configure Tanium Comply 2.0+ and Tanium Discover 1.8+ to enable remote vulnerability scanning capabilities.
Alert When PCI or Other Sensitive Data Appears on a Managed Computer
In the context of stringent data privacy laws and regulations (e.g. GDPR, CCPA, etc.), if you don’t know where your sensitive data is, you can’t ensure appropriate controls are in place to protect it. When sensitive data shows up on a computer that hasn’t had that type of data previously, Tanium Reveal and Connect can work together to detect new sensitive data appearing in your environment and alert an analyst so they can investigate.