Scribd
Upload
289 views2 pages

CIS Critical Security Conntrols Checklist PDF

Tanium helps address the top 20 CIS Critical Security Controls and SANS top cybersecurity risks through various Tanium modules. It provides visibility into devices, software, and vulnerabilities across an organization. It also enables monitoring and remediation of issues like patching, malware, and access controls at scale. Key Tanium modules that help with this include Tanium Core, Discover, Comply, Patch, Protect, and Incident Response.

Uploaded by

Roland Ho
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
289 views2 pages

CIS Critical Security Conntrols Checklist PDF

Tanium helps address the top 20 CIS Critical Security Controls and SANS top cybersecurity risks through various Tanium modules. It provides visibility into devices, software, and vulnerabilities across an organization. It also enables monitoring and remediation of issues like patching, malware, and access controls at scale. Key Tanium modules that help with this include Tanium Core, Discover, Comply, Patch, Protect, and Incident Response.

Uploaded by

Roland Ho
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

How Tanium Helps Address the CIS Critical

Security Controls/SANS Top 20


CIS CONTROL HOW TANIUM HELPS ADDRESS RELEVANT TANIUM MODULES

1. Inventory of Authorized and • Deploy an automated asset inventory discovery tool • Tanium Core
Unauthorized Devices • Inventory all local and remote devices connecting to the • Tanium Discover
corporate network - both managed and unmanaged
• Control and block unmanaged assets from
the network

2. Inventory of Authorized and • Create list of installed and running software • Tanium Core
Unauthorized Software • Used to look for anomalous software
• Provide visibility and attribution of software to monitor
software versions and dangerous file types

3. Secure Configurations for • Identify and manages variance from secure • Tanium Core
Hardware and Software on configuration standards • Tanium Comply
Mobile Devices, Laptops, • Patch application and OS updates at scale • Tanium Patch
Workstations and Servers • Identify and limit administrative privileges • Tanium Integrity Monitor
• File integrity monitoring of critical system files

4. Continuous Vulnerability • Continually monitor and assess at scale • Tanium Core


Assessment and Remediation • Scan for software vulnerabilities based on open standards • Tanium Trace
vulnerability database • Tanium Comply
• Quickly remediate across entire enterprise • Tanium Patch

5. Controlled Use of • Continuously monitor for administrator activity • Tanium Core


Administrative Privileges • Alert when administrators are added or removed • Tanium Comply
• Determine systems where minimal password
complexity does not meet company policy

6. Maintenance, Monitoring, and • Ensure information is collected even if system logs have • Tanium Core
Analysis of Audit Logs been tampered with or removed • Tanium Incident Response
• Provide interface to quickly search, filter and • Tanium Trace
visualize information

7. Email and Web • Continually validate & block unauthorized web browsers • Tanium Core
Browser Protections & email clients • Tanium Protect
• Deliver large scale remediation of out-of-date email and • Tanium Comply
web browsers
• Monitor and update unauthorized client settings

8. Malware Defenses • Provide SRP, Windows Firewall rules and monitoring • Tanium Core
around EMET anti-exploit configurations • Tanium Incident Response
• Tanium Protect

www.tanium.com
CIS CONTROL HOW TANIUM HELPS ADDRESS RELEVANT TANIUM MODULES

9. Limitation and Control of • Identify all open ports, protocols and services running • Tanium Core
Network Ports, Protocols across the enterprise • Tanium Protect
and Services • Control and prevent communication to unauthorized • Tanium Discover
ports, protocols and services

10. Data Recovery Capability • Provide visibility into backup status for endpoints • Tanium Core
and backup destinations for risk mitigation

12. Boundary Defense • Track and identify existing IP connections • Tanium Core
• Control and prevent communication to known malicious • Tanium IOC Detect
IP addresses

13. Data Protection • Monitor processes and tools used to prevent • Tanium Core
data exfiltration • Tanium Trace
• Mitigate the effects of exfiltrated data

15. Wireless Access Control • Ensure wireless access meets authorized configuration • Tanium Core
• Identify rogue access points • Tanium Discover

16. Account Monitoring • Provide access to review all system accounts • Tanium Core
and Control • Ensure accounts have an expiration date associated • Tanium Comply
• Identify locked out and disabled accounts
• Continually monitor accounts to determine whether stale
or dormant

• Tanium Core
18. Application Software Security • Deliver visibility and remediation of outdated
application software

19. Incident Response • Provide standard tool for system administrators and other • Tanium Core
and Management  personnel to report, collect and fully scope an incident • Tanium Incident Response
• Tanium Trace
• Tanium IOC Detect

20. Penetration Tests and Red • Monitor and control system accounts for testing and • Tanium Core
Team Exercises validation of legitimate use • Tanium Incident Response
• Tests organizational readiness by simulating the objectives • Tanium Patch
and actions of an attacker • Tanium Trace

Full list of CIS Critical Security Controls: https://www.sans.org/media/critical-security-controls/critical-controls-poster-2016.pdf

www.tanium.com

You might also like