From Tanium 7.0 Security Technical Implementation Guide
Part of SRG-APP-000039
Associated with: CCI-001414
An IOC stream is a series or "stream" of IOCs that are imported from a vendor based on a subscription service or manually downloaded and placed in a folder. IOC Detect can be configured to retrieve the IOC content on a regularly scheduled basis. The items in an IOC stream can be separately manipulated after they are imported.
Consult with the Tanium System Administrator to review the documented list of folder maintainers for IOC Detect Folder streams. If the site does not leverage Folder streams to import IOCs, this finding is "Not Applicable". If the site does use Folder streams to import IOCs and the folder maintainers are not documented, this is a finding.
Prepare and maintain documentation identifying the Tanium IOC Folder stream maintainers.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer