How Tanium Helps Address the CIS Critical
Security Controls/SANS Top 20
CIS CONTROL
1. Inventory of Authorized and
Unauthorized Devices
2. Inventory of Authorized and
Unauthorized Software
3. Secure Configurations for
Hardware and Software on
Mobile Devices, Laptops,
Workstations and Servers
4. Continuous Vulnerability
Assessment and Remediation
5. Controlled Use of
Administrative Privileges
6. Maintenance, Monitoring, and
Analysis of Audit Logs
7. Email and Web
Browser Protections
8. Malware Defenses
HOW TANIUM HELPS ADDRESS RELEVANT TANIUM MODULES
• Deploy an automated asset inventory discovery tool • Tanium Core
• Inventory all local and remote devices connecting to the • Tanium Discover
corporate network - both managed and unmanaged
• Control and block unmanaged assets from
the network
• Create list of installed and running software • Tanium Core
• Used to look for anomalous software
• Provide visibility and attribution of software to monitor
software versions and dangerous file types
• Identify and manages variance from secure • Tanium Core
configuration standards • Tanium Comply
• Patch application and OS updates at scale • Tanium Patch
• Identify and limit administrative privileges • Tanium Integrity Monitor
• File integrity monitoring of critical system files
• Continually monitor and assess at scale • Tanium Core
• Scan for software vulnerabilities based on open standards • Tanium Trace
vulnerability database • Tanium Comply
• Quickly remediate across entire enterprise • Tanium Patch
• Continuously monitor for administrator activity • Tanium Core
• Alert when administrators are added or removed • Tanium Comply
• Determine systems where minimal password
complexity does not meet company policy
• Ensure information is collected even if system logs have • Tanium Core
been tampered with or removed • Tanium Incident Response
• Provide interface to quickly search, filter and • Tanium Trace
visualize information
• Continually validate & block unauthorized web browsers • Tanium Core
& email clients • Tanium Protect
• Deliver large scale remediation of out-of-date email and • Tanium Comply
web browsers
• Monitor and update unauthorized client settings
• Provide SRP, Windows Firewall rules and monitoring • Tanium Core
around EMET anti-exploit configurations • Tanium Incident Response
• Tanium Protect
www.tanium.com
 CIS CONTROL HOW TANIUM HELPS ADDRESS RELEVANT TANIUM MODULES

9. Limitation and Control of • Identify all open ports, protocols and services running • Tanium Core
Network Ports, Protocols across the enterprise • Tanium Protect
and Services • Control and prevent communication to unauthorized • Tanium Discover
ports, protocols and services

10. Data Recovery Capability • Provide visibility into backup status for endpoints • Tanium Core
and backup destinations for risk mitigation

12. Boundary Defense • Track and identify existing IP connections • Tanium Core
• Control and prevent communication to known malicious • Tanium IOC Detect
IP addresses

13. Data Protection • Monitor processes and tools used to prevent • Tanium Core
data exfiltration • Tanium Trace
• Mitigate the effects of exfiltrated data

15. Wireless Access Control • Ensure wireless access meets authorized configuration • Tanium Core
• Identify rogue access points • Tanium Discover

16. Account Monitoring • Provide access to review all system accounts • Tanium Core
and Control • Ensure accounts have an expiration date associated • Tanium Comply
• Identify locked out and disabled accounts
• Continually monitor accounts to determine whether stale
or dormant

• Tanium Core
18. Application Software Security • Deliver visibility and remediation of outdated
application software

19. Incident Response • Provide standard tool for system administrators and other • Tanium Core
and Management  personnel to report, collect and fully scope an incident • Tanium Incident Response
• Tanium Trace
• Tanium IOC Detect

20. Penetration Tests and Red • Monitor and control system accounts for testing and • Tanium Core
Team Exercises validation of legitimate use • Tanium Incident Response
• Tests organizational readiness by simulating the objectives • Tanium Patch
and actions of an attacker • Tanium Trace

Full list of CIS Critical Security Controls: https://www.sans.org/media/critical-security-controls/critical-controls-poster-2016.pdf

www.tanium.com