With Comply, you can support your enterprise compliance goals at Tanium speed. Use Comply for operating system-level configuration checks and vulnerability scanning at scale using the Tanium architecture. It features the following benefits:
- Utilizes benchmarks to evaluate operating systems and applications for configuration of password policies, file permissions, and other components
- Supports Windows, macOS, Linux, AIX, and Solaris endpoints
- Supports Center for Internet Security (CIS) and SCAP benchmarks
- Enables custom checks and result mapping
Comply uses SCAP content to perform compliance checks. These specifications are derived from the input of a community of industry professionals working to advance automation and standardization of technical security operations.
Collection of security configuration rules (primarily composed of OVAL checks) applied against endpoints. XCCDF does not include commands to perform the scan; it is mostly descriptive. Rule evaluation is defined in OVAL. XCCDF files are sometimes called benchmarks or checklists.
A declarative language that defines how a rule is evaluated. OVAL makes logical assertions about the state of a system and is used to describe security vulnerabilities or desired configuration of systems.
A public database of known vulnerabilities.
A path to a local Open Vulnerability and Assessment Language (OVAL) definitions file or a URL to a remote OVAL definitions file.
An arbitrary PowerShell, VBScript, or UNIX shell script used to evaluate conditions on an endpoint.
Maps custom check ID or XCCDF rule ID to arbitrary value. Helpful in mapping CIS content to some other policy or associating arbitrary tags with rules.
A package containing a ZIP file of all XCCDF benchmarks, custom check scripts, custom profile definitions, and optional custom ID mapping definition. A report includes the action to distribute to selected computer groups as well as the saved question to retrieve scan results from endpoints.
You can use Comply vulnerability reports as a connection source.
This documentation may provide access to or information about content, products (including hardware and software), and services provided by third parties (“Third Party Items”). With respect to such Third Party Items, Tanium Inc. and its affiliates (i) are not responsible for such items, and expressly disclaim all warranties and liability of any kind related to such Third Party Items and (ii) will not be responsible for any loss, costs, or damages incurred due to your access to or use of such Third Party Items unless expressly set forth otherwise in an applicable agreement between you and Tanium.
Further, this documentation does not require or contemplate the use of or combination with Tanium products with any particular Third Party Items and neither Tanium nor its affiliates shall have any responsibility for any infringement of intellectual property rights caused by any such combination. You, and not Tanium, are responsible for determining that any combination of Third Party Items with Tanium products is appropriate and will not cause infringement of any third party intellectual property rights.
Last updated: 2/27/2020 11:12 AM | Feedback