File integrity monitoring of critical executables that Tanium uses must be configured.

From Tanium 6.5 Security Technical Implementation Guide

Part of SRG-APP-000377

Associated with: CCI-001811

SV-81609r1_rule File integrity monitoring of critical executables that Tanium uses must be configured.

Vulnerability discussion

Tanium inherently watches files and their respective hash values for change. However, while Tanium can perform file integrity checks of critical executables, it is important to conduct File Integrity Monitoring (FIM) through an outside service such as the Host Based Security System (HBSS) or a similar security suite with FIM capability. These technologies provide independent monitoring of critical Tanium and system binaries.

Check content

If the site is using Tanium Index, Index should be used to monitor the file integrity of Tanium critical files. If Tanium Index is not installed, a third-party file integrity monitoring tool must be used to monitor Tanium critical executables, defined as all files in the Tanium Server installed path. If the file integrity of Tanium critical executables is not monitored, this is a finding.

Fix text

Implement a file integrity monitoring system to monitor the Tanium critical executable files.
