Tanium Integration V2 for Security Operations release notes
This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.
Summary of Tanium Integration V2 for Security Operations Release Notes
The Tanium Integration V2 for Security Operations enhances the capabilities of ServiceNow users by providing automated and manual access to Tanium functionalities directly from ServiceNow, facilitating better incident response and security management.
Key Features
- Automated Query Triggers: Automatically triggers Tanium queries and actions based on specific incident conditions.
- Manual Launching: Allows users to manually launch Tanium capabilities from Security Incident Response (SIR) incidents.
- Profile Creation: Enables the creation of multiple profiles for different Tanium and ServiceNow capabilities, tailored to specific incident categories.
- Preview Validation: Users can preview Tanium result configurations directly on SIR incidents.
- Network Isolation: Supports isolating compromised systems and returning them post-remediation.
- Enterprise-wide Searches: Conducts searches for malicious hashes and generates child incidents for follow-up tasks.
- Security Tagging: Tags identify which Tanium capabilities are launched and track query completion.
- Audit Trail: Logs a complete audit trail of Tanium queries and actions in incident work notes.
- Multi-console Support: Facilitates the application of different policies across multiple Tanium consoles.
Key Outcomes
By utilizing the Tanium Integration V2, ServiceNow customers can expect enhanced security incident management, improved response times, and better visibility into threat events. The integration streamlines workflows, allowing for effective tracking and remediation of security incidents while ensuring compliance and auditing through detailed logs.
Version history for the Security Operations Tanium integration v2 on the ServiceNow Store.
Important: For details on system requirements and family compatibility, view the application listing on the ServiceNow Store website.
Version history
- Version 10.3.5 - October 2021
- Fixed: Added additional password-related policies.
- Version 10.3.3 - December 2020
- Changed: With the Key Management Framework plugin, developers can manage the keys used for Password2 fields through a crypto module definition.
- Version 5.0.5 - September 2019
- Fixed:
- Maximum wait time for sightings search results
- Maximum results returned for sightings search
- Re-ordering of API username and password fields in integration configuration
- Availability of Tanium Sightings Details and Tanium Sightings Results in all Related Lists of the security incident without additional configuration
- Version 5.0.4 - June 2019
- This version of the Tanium V2 integration supports expanded use cases for Tanium capabilities. It has been tested with versions 7.2x and 7.3x of the Tanium console.
- A more limited Tanium integration is currently available in the ServiceNow Store that supports queries for running process details. For more feature options and product capabilities, this V2 integration is the preferred version of the Tanium integration.
- Version 5.0.3 - April 2019
- This is the initial version of the Tanium integration that supports expanded use cases for Tanium capabilities. A more limited Tanium integration is currently available in the ServiceNow Store that supports queries for running process details. For more feature options and product capabilities, this V2 integration is the preferred version of the Tanium integration.
- Supports automated triggering of Tanium queries and actions based on incident conditions
- Supports launching of Tanium capabilities manually from ServiceNow AI Platform® Security Incident Response (SIR) security incidents
- Flexibility to create multiple profiles for triggering different types of Tanium and ServiceNow AI Platform Security Operations capabilities. These profiles gather threat event information or perform actions based on the conditions of specific incident categories such as malware
- Validate your profile configuration with a preview of the Tanium results on SIR security incidents
- Isolate compromised systems from the network, and, after remediation, return the systems to the network
- Launch enterprise-wide searches for malicious hashes, and create child incidents or response tasks to track follow-up remediation
- If tagging is enabled, security tags identify which Tanium capabilities are initially launched by a workflow and when the queries or actions are successfully completed
- A full audit trail of Tanium queries and actions is logged in the work notes on SIR security incidents
- Supports multiple Tanium consoles so that you can apply different policies to user groups and regions