Skip to content

Tanium endpoint files must be excluded from host-based intrusion prevention intervention.

An XCCDF Rule

Description

<VulnDiscussion>Similar to any other host-based applications, the Tanium Client is subject to the restrictions other system-level software may place on an operating environment. Antivirus, IPS, Encryption, or other security and management stack software may disallow the Tanium Server from working as expected. https://docs.tanium.com/client/client/requirements.html#Host_system_security_exceptions</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-254954r961863_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

In the host-based intrusion prevention system, ensure the following folders are excluded:

Windows (64-bit OS versions) - \Program Files (x86)\Tanium\Tanium Client
Windows (32-bit OS versions) - \Program Files\Tanium\Tanium Client
macOS - /Library/Tanium/TaniumClient
Linux, Solaris, AIX - /opt/Tanium/TaniumClient