Configuring Reputation

If you did not install Reputation with the Apply All Tanium recommended configurations option, you must enable and configure certain features.

When you import Reputation with automatic configuration, the Reputation service account is set to the account that you used to import the module.

Configuring a unique service account for each Tanium solution is an extra security measure to consider in consultation with the security team of your organization. See Configure service account.

No default settings are configured for Reputation.

Configure Reputation

Configure service account

The service account is a user that runs several background processes for Reputation. This user requires the following roles and access:

  • Reputation Service Account role
  • (Optional) Connect User role to send Reputation data to Tanium Connect

For more information about Reputation permissions, see User role requirements.

If you imported Reputation with default settings, the service account is set to the account that you used to perform the import. Configuring a unique service account for each Tanium solution is an extra security measure to consider in consultation with the security team of your organization.

  1. From the Main menu, go to Administration > Shared Services > Reputation to open the Reputation Overview page.
  2. Click Settings and open the Service Account tab.
  3. Update the service account settings and click Save.

Configure Reputation service settings

Reputation service settings determine the contents of the reputation database. These settings determine how often reputation items are scanned in the reputation source, how long to consider items as new, and how long to keep items in the database if their reputation status has not been referenced. For more information about these settings and how they affect the reputation items, see Reputation item life cycle.

To update these settings, from the Reputation Overview page, click Settings , and then click Configuration Settings.

The Keep Reports setting determines whether you want the full reports from the reputation source to be kept in the reputation database. You can choose to keep all reports, or only malicious and suspicious reports. Selecting only malicious and suspicious reports saves space in the database. If you are using VirusTotal as a connection source, use the keep all reports option to get the enhanced reporting information.

Set up Reputation users

You can use the following set of predefined user roles to set up Reputation users.

To review specific permissions for each role, see User role requirements.

For more information about assigning user roles, see Tanium Core Platform User Guide: Manage role assignments for a user.

Reputation Administrator

Assign the Reputation Administrator role to users who manage the configuration of Reputation.
This role can perform the following tasks:

  • Configure Reputation settings, including the service account, scanning, storage, and logging
  • View, create, edit, and delete reputation provider configurations
  • View, create, edit, and delete file data hashes

Reputation Operator

Assign the Reputation Operator role to users who manage the configuration of Reputation but do not need to manage the service account.
This role can perform the following tasks:

  • Configure some Reputation settings, including scanning, storage, and logging
  • View, create, edit, and delete reputation provider configurations
  • View, create, edit, and delete file data hashes

Reputation Service Account

Assign the Reputation Service Account role to the account that configures system settings for Reputation.
This role can perform several background processes for Reputation. For more information, see Installing Reputation.