Documente Academic
Documente Profesional
Documente Cultură
1. Inventory of Authorized and • Deploy an automated asset inventory discovery tool • Tanium Core
Unauthorized Devices • Inventory all local and remote devices connecting to the • Tanium Discover
corporate network - both managed and unmanaged
• Control and block unmanaged assets from
the network
2. Inventory of Authorized and • Create list of installed and running software • Tanium Core
Unauthorized Software • Used to look for anomalous software
• Provide visibility and attribution of software to monitor
software versions and dangerous file types
3. Secure Configurations for • Identify and manages variance from secure • Tanium Core
Hardware and Software on configuration standards • Tanium Comply
Mobile Devices, Laptops, • Patch application and OS updates at scale • Tanium Patch
Workstations and Servers • Identify and limit administrative privileges • Tanium Integrity Monitor
• File integrity monitoring of critical system files
6. Maintenance, Monitoring, and • Ensure information is collected even if system logs have • Tanium Core
Analysis of Audit Logs been tampered with or removed • Tanium Incident Response
• Provide interface to quickly search, filter and • Tanium Trace
visualize information
7. Email and Web • Continually validate & block unauthorized web browsers • Tanium Core
Browser Protections & email clients • Tanium Protect
• Deliver large scale remediation of out-of-date email and • Tanium Comply
web browsers
• Monitor and update unauthorized client settings
8. Malware Defenses • Provide SRP, Windows Firewall rules and monitoring • Tanium Core
around EMET anti-exploit configurations • Tanium Incident Response
• Tanium Protect
www.tanium.com
CIS CONTROL HOW TANIUM HELPS ADDRESS RELEVANT TANIUM MODULES
9. Limitation and Control of • Identify all open ports, protocols and services running • Tanium Core
Network Ports, Protocols across the enterprise • Tanium Protect
and Services • Control and prevent communication to unauthorized • Tanium Discover
ports, protocols and services
10. Data Recovery Capability • Provide visibility into backup status for endpoints • Tanium Core
and backup destinations for risk mitigation
12. Boundary Defense • Track and identify existing IP connections • Tanium Core
• Control and prevent communication to known malicious • Tanium IOC Detect
IP addresses
13. Data Protection • Monitor processes and tools used to prevent • Tanium Core
data exfiltration • Tanium Trace
• Mitigate the effects of exfiltrated data
15. Wireless Access Control • Ensure wireless access meets authorized configuration • Tanium Core
• Identify rogue access points • Tanium Discover
16. Account Monitoring • Provide access to review all system accounts • Tanium Core
and Control • Ensure accounts have an expiration date associated • Tanium Comply
• Identify locked out and disabled accounts
• Continually monitor accounts to determine whether stale
or dormant
• Tanium Core
18. Application Software Security • Deliver visibility and remediation of outdated
application software
19. Incident Response • Provide standard tool for system administrators and other • Tanium Core
and Management personnel to report, collect and fully scope an incident • Tanium Incident Response
• Tanium Trace
• Tanium IOC Detect
20. Penetration Tests and Red • Monitor and control system accounts for testing and • Tanium Core
Team Exercises validation of legitimate use • Tanium Incident Response
• Tests organizational readiness by simulating the objectives • Tanium Patch
and actions of an attacker • Tanium Trace
www.tanium.com