Tanium endpoint files must be excluded from host-based intrusion prevention intervention.
An XCCDF Rule
Description
<VulnDiscussion>Similar to any other host-based applications, the Tanium Client is subject to the restrictions other system-level software may place on an operating environment. Antivirus, IPS, Encryption, or other security and management stack software may disallow the Tanium Server from working as expected. https://docs.tanium.com/client/client/requirements.html#Host_system_security_exceptions</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-254954r961863_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
In the host-based intrusion prevention system, ensure the following folders are excluded:
Windows (64-bit OS versions) - \Program Files (x86)\Tanium\Tanium Client
Windows (32-bit OS versions) - \Program Files\Tanium\Tanium Client
macOS - /Library/Tanium/TaniumClient
Linux, Solaris, AIX - /opt/Tanium/TaniumClient