Tanium Comply™ (Comply) allows users to support their enterprise compliance goals at Tanium speed. Comply is primarily used for operating system-level checks and scales using the Tanium architecture. It features the following benefits:
- Evaluates benchmarks and vulnerabilities against operating systems, network configuration, password policy, file permissions, and other components
- Supports Windows, Linux, and macOS platforms
- Supports Center for Internet Security (CIS) content
- Enables custom checks and result mapping
Security Content Automation Protocol (SCAP)
Comply uses SCAP content to perform compliance checks. These specifications are derived from the input of a community of industry professionals working to advance automation and standardization of technical security operations.
Extensible Configuration Checklist Description Format (XCCDF)
Collection of security configuration rules (primarily composed of OVAL checks) applied against endpoints. XCCDF does not include commands to perform the scan; it is mostly descriptive. Rule evaluation is defined in OVAL. XCCDF files are sometimes called benchmarks or checklists.
Open Vulnerability and Assessment Language (OVAL)
A declarative language that defines how a rule is evaluated. OVAL makes logical assertions about the state of a system and is used to describe security vulnerabilities or desired configuration of systems.
Common Vulnerabilities and Exposures (CVE)
A public database of known vulnerabilities.
A path to a local Open Vulnerability and Assessment Language (OVAL) definitions file or a URL to a remote OVAL definitions file.
An arbitrary PowerShell, VBScript, or UNIX shell script used to evaluate conditions on an endpoint.
Custom ID mapping
Maps a custom check ID or XCCDF rule ID to an arbitrary value. Helpful in mapping CIS content to some other policy or associating arbitrary tags with rules.
A package containing a zip file of all XCCDF benchmarks, custom check scripts, custom profile definitions, and optional custom ID mapping definition. A report includes the action to distribute to selected computer groups as well as the saved question to retrieve scan results from endpoints.
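The XCCDF and OVAL entries above describe rules that are evaluated by OVAL definitions, and the custom ID mapping entry describes tagging a rule ID with an arbitrary value. The following is an added example, not Tanium's code, that shows both on a small benchmark. The sample benchmark, its rule and definition IDs, the policy tag, and the dict used as a mapping are constructed for illustration; Comply's own mapping file format is not shown on this page.

```python
import xml.etree.ElementTree as ET

XCCDF_NS = "http://checklists.nist.gov/xccdf/1.2"
OVAL_SYSTEM = "http://oval.mitre.org/XMLSchema/oval-definitions-5"

# Constructed sample benchmark (not real CIS content): one rule is evaluated
# by an OVAL definition, the other is descriptive only.
SAMPLE_XCCDF = f"""<Benchmark xmlns="{XCCDF_NS}" id="xccdf_org.example_benchmark_demo">
  <Group id="xccdf_org.example_group_passwords">
    <Rule id="xccdf_org.example_rule_min_password_length" severity="medium">
      <title>Minimum password length is 14</title>
      <check system="{OVAL_SYSTEM}">
        <check-content-ref href="demo-oval.xml" name="oval:org.example:def:1"/>
      </check>
    </Rule>
    <Rule id="xccdf_org.example_rule_manual_review" severity="low">
      <title>Review local administrator membership</title>
    </Rule>
  </Group>
</Benchmark>"""

# Hypothetical custom ID mapping: XCCDF rule ID -> tag from another policy.
SAMPLE_ID_MAP = {"xccdf_org.example_rule_min_password_length": "POLICY-IA-5"}

def map_rules(xccdf_text, id_map):
    """Return one record per XCCDF Rule with its OVAL references and mapped ID."""
    # For benchmark files from untrusted sources, parse with defusedxml instead.
    root = ET.fromstring(xccdf_text)
    ns = {"x": XCCDF_NS}
    records = []
    for rule in root.iter(f"{{{XCCDF_NS}}}Rule"):
        # XCCDF only points at the check; the OVAL file holds the evaluation logic.
        oval_refs = [
            (ref.get("href"), ref.get("name"))
            for check in rule.findall("x:check", ns)
            if check.get("system") == OVAL_SYSTEM
            for ref in check.findall("x:check-content-ref", ns)
        ]
        records.append({
            "rule_id": rule.get("id"),
            "title": rule.findtext("x:title", default="", namespaces=ns),
            "oval_refs": oval_refs,
            "mapped_id": id_map.get(rule.get("id")),
        })
    return records

def rules_without_oval(records):
    # Rules with no OVAL reference cannot be evaluated automatically from OVAL.
    return [r["rule_id"] for r in records if not r["oval_refs"]]
```

Running `rules_without_oval` over a benchmark before deployment shows which rules have no automated OVAL evaluation attached.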
Last updated: 9/12/2017 5:44 PM