Protect delivers proactive protection to block malicious attacks on endpoints using native operating system and third-party controls at the speed and scale of Tanium across your environment.
A policy is a configuration for a specific application containing settings for particular policy type. Protect supports Anti-malware, AppLocker, BitLocker, Windows device control, Enhanced Mitigation Experience Toolkit (EMET), Firewall management, Software Restriction (SRP), and Remediation policies. Policies are targeted at computer groups.
A rule includes specific security controls contained within a policy.
You can target enforcement of policies to one or more computer groups for which you have management rights. Define computer groups in the Administration section of the Tanium™ Console.
An enforcement occurs when a policy is successfully applied to a computer group. Policies can have one of these enforcement states:
A policy has been successfully enforced. All rules and configurations of the policy are in effect on the targeted endpoint.
A higher priority policy of the same type is overriding this policy. See the enforcement state reason for more information.
The policy is not in effect on the targeted endpoint. See the enforcement state reason for more information.
Use Threat Response findings to create process and network rule policies for Windows endpoints in Protect to prevent future incidents across the network. Failing to identify and address more fundamental vulnerabilities exploited during an incident leaves the organization with no net improvement to their security posture.
Protect has built in integration with Tanium™ Trends for additional reporting of related data. The Trends initial gallery features boards that provide data visualization of Protect concepts.
Defender Definition Versions
Installed version of Windows Defender anti-malware definitions
Threats detected by Windows Defender in the last 24 hours
Processes blocked by AppLocker in the last 24 hours
Processes audited by AppLocker in the last 24 hours
Protect Tools Installations
Installation statuses for Protect tools across supported operating systems
Installed Tools Versions
Currently installed versions of Protect tools
Encryption statuses for Windows (BitLocker) and macOS (FileVault) endpoints
Accessed Recovery Keys
BitLocker recovery keys accessed from the Tanium Console or the recovery portal in the last 7 days
For more information about how to import the Trends boards that are provided by Performance, see Tanium Trends User Guide: Importing the initial gallery.
This documentation may provide access to or information about content, products (including hardware and software), and services provided by third parties (“Third Party Items”). With respect to such Third Party Items, Tanium Inc. and its affiliates (i) are not responsible for such items, and expressly disclaim all warranties and liability of any kind related to such Third Party Items and (ii) will not be responsible for any loss, costs, or damages incurred due to your access to or use of such Third Party Items unless expressly set forth otherwise in an applicable agreement between you and Tanium.
Further, this documentation does not require or contemplate the use of or combination with Tanium products with any particular Third Party Items and neither Tanium nor its affiliates shall have any responsibility for any infringement of intellectual property rights caused by any such combination. You, and not Tanium, are responsible for determining that any combination of Third Party Items with Tanium products is appropriate and will not cause infringement of any third party intellectual property rights.
Tanium is committed to the highest accessibility standards to make interaction with Tanium software more intuitive and to accelerate the time to success. For more information, see Tanium Product Accessibility.
Last updated: 5/13/2021 4:27 PM | Feedback