Tanium Server directory and subsequent files must be excluded from on-access scan.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-254955 | TANS-AP-001425 | SV-254955r867765_rule | Medium |
| Description |
|---|
| Similar to any other host-based applications, the Tanium Server is subject to the restrictions other system-level software may place on an operating environment. Antivirus, IPS, Encryption, or other security and management stack software may disallow the Tanium Server from working as expected. https://docs.tanium.com/client/client/requirements.html#Host_system_security_exceptions |
| STIG | Date |
|---|---|
| Tanium 7.x Application on TanOS Security Technical Implementation Guide | 2022-10-31 |
Details
| Check Text ( C-58568r867763_chk ) |
|---|
| Review the settings of the antivirus software. Validate exclusions exist that exclude the Tanium Server directory and subsequent files interactions from on-access scans. If exclusions do not exist, this is a finding. |
| Fix Text (F-58512r867764_fix) |
|---|
| Implement exclusion policies within the antivirus software solution to exclude the on-access scanning of Tanium Server directory and subsequent files interactions. |