Other resources

Release Notes

Video Tutorial

Protect overview

Protect delivers proactive protection to block malicious attacks on endpoints using native operating system and third-party controls at the speed and scale of Tanium across your environment.

Policy

Configuration for a specific application containing settings for particular policy type. Protect supports Anti-malware, AppLocker, BitLocker, Windows device control, Enhanced Mitigation Experience Toolkit (EMET), Firewall management, Software Restriction (SRP), and Remediation policies. Policies are targeted at computer groups.

Rule

Specific security controls contained within a policy.

Computer group

Defined in the Administration section of the Tanium™ Console. You can target enforcement of policies to one or more computer groups for which you have management rights.

Enforcement

An enforcement occurs when a policy is successfully applied to a computer group. Policies can have one of these enforcement states:

Enforced

A policy has been successfully enforced. All rules and configurations of the policy are in effect on the targeted endpoint.

Partially enforced

A higher priority policy of the same type is overriding this policy. See the enforcement state reason for more information.

Unenforced

The policy is not in effect on the targeted endpoint. See the enforcement state reason for more information.

Integration with Other Tanium Products

Threat Response

Use Threat Response findings to create process and network rule policies for Windows endpoints in Protect to prevent future incidents across the network. Failing to identify and address more fundamental vulnerabilities exploited during an incident leaves the organization with no net improvement to their security posture.

Trends

Protect has built in integration with Tanium™ Trends for additional reporting of related data. The Trends initial gallery features boards that provide data visualization of Protect concepts.

Anti-Malware

Defender Definition Versions

Installed version of Windows Defender anti-malware definitions

Defender Alerts

Threats detected by Windows Defender in the last 24 hours

AppLocker

Blocked Processes

Processes blocked by AppLocker in the last 24 hours

Audited Processes

Processes audited by AppLocker in the last 24 hours

Deployment

Protect Tools Installations

Installation statuses for Protect tools across supported operating systems

Installed Tools Versions

Currently installed versions of Protect tools

Encryption

Status

Encryption statuses for Windows (BitLocker) and macOS (FileVault) endpoints

Accessed Recovery Keys

BitLocker recovery keys accessed from the Tanium Console or the recovery portal in the last 7 days

For more information about how to import the Trends boards that are provided by Performance, see Tanium Trends User Guide: Importing the initial gallery.