UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Tanium Trusted Content providers must be documented.


Overview

Finding ID Version Rule ID IA Controls Severity
V-254878 TANS-AP-000045 SV-254878r867534_rule Medium
Description
A Tanium Sensor, also called content, enables an organization to gather real-time inventory, configuration, and compliance data elements from managed computers. Sensors gather specific information from the local device and then write the results to the computer's standard output channel. The Tanium Client captures that output and forwards the results through the platform's unique "ring" architecture for display in the Tanium Console. The language used for Sensor development is based on the scripting engine available on the largest number of devices under management as well as the scripting experience and background of the people who will be responsible for creating new Sensors. VBScript and PowerShell are examples of common scripting languages used for developing sensors. Because errors in scripting can and will provide errant feedback at best and will impact functionality of the endpoint to which the content is directed, it is imperative to ensure content is only accepted from trusted sources.
STIG Date
Tanium 7.x Application on TanOS Security Technical Implementation Guide 2022-10-31

Details

Check Text ( C-58491r867532_chk )
Note: If only using Tanium-provided content and not accepting content from any other content providers, this is Not Applicable.

Consult with the Tanium System Administrator to review the documented list of trusted content providers along with the Hash for their respective public keys.

If the site does not have the Tanium trusted content providers documented along with the SHA-256 Hash for their respective public keys, this is a finding.
Fix Text (F-58435r867533_fix)
Prepare and maintain documentation identifying the Tanium trusted content providers along with the SHA-256 Hash from their respective public keys.