Other resources

Release Notes

Video Tutorial

Protect overview

Protect delivers proactive protection to block malicious attacks on endpoints using native operating system and third-party controls at the speed and scale of Tanium across your environment.


Configuration for a specific application containing settings for particular policy type. Protect supports Anti-malware, AppLocker, BitLocker, Windows device control, Enhanced Mitigation Experience Toolkit (EMET), Firewall management, Software Restriction (SRP), and Remediation policies. Policies are targeted at computer groups.


Specific security controls contained within a policy.

Computer group

Defined in the Administration section of the Tanium™ Console. You can target enforcement of policies to one or more computer groups for which you have management rights.


An enforcement occurs when a policy is successfully applied to a computer group. Policies can have one of these enforcement states:


A policy has been successfully enforced. All rules and configurations of the policy are in effect on the targeted endpoint.

Partially enforced

A higher priority policy of the same type is overriding this policy. See the enforcement state reason for more information.


The policy is not in effect on the targeted endpoint. See the enforcement state reason for more information.