Comply overview

Use Comply to evaluate endpoints for security configuration exposures and software vulnerabilities using industry standard security benchmarks, vulnerability definitions, and custom compliance checks. With complete results on-demand and comprehensive, enterprise-wide results, you can reduce your organization's overall risk, improve your security hygiene, and simplify preparation for industry compliance audits such as PCI, HIPAA, and SOX.

Comply utilizes SCAP compliant content, such as benchmarks published by DISA or the Center for Internet Security (CIS), to evaluate operating systems and applications for configuration of password policies, file permissions, and other components. Comply supports Windows, macOS, Linux, AIX, and Solaris endpoints.

Integration with other Tanium products

Comply has built in integration with Tanium™ Connect, Tanium™ Patch, and Tanium™ Trends for additional reporting of related data.


You can use Comply vulnerability reports as a connection source. For more information, see Exporting vulnerability reports.


You can open Patch from a link in Comply vulnerability reports results to view details about the patch that resolves a reported vulnerability. You can also install the patch to endpoints directly from the patch details page. For more information, see Vulnerability report results.


Comply features Trends boards that provide data visualization of Comply concepts.

The Comply board displays information about your Comply deployment, compliance exposures, vulnerability findings, tools deployed, and scanning status. The Comply board includes the following sections and panels:

  • Coverage
    • Coverage
  • Visibility
    • Is Vulnerable
  • Deployment
    • Tools Deployed - Last 30 Days
    • Tools Outdated - Last 30 Days
    • Scan Engines Deployed - Last 30 Days
  • Effectiveness
    • Compliance Exposures - Last 30 Days
    • Vulnerability Findings - Last 30 Days
  • Operationalization
    • Endpoint Scanned - Last 30 Days