Tanium is a feature-packed endpoint management and endpoint security platform designed to strengthen and optimize an organization’s cybersecurity efforts. The platform allows security and IT operations team to get access to visible and accurate information on the state of endpoints at all times, to protect against modern-day disruptions, and realize new levels of business resilience.
Netsurion Open XDR helps you to monitor events from Tanium via syslog. It’s reports, saved searches and dashboards provide a graphical representation of key information, such as the total number or percentage of audit events, or operational events. This enables administrators to get an overview of their network activity logs.
Once Tanium is configured to deliver events to Netsurion Open XDR; alerts, dashboards and reports can be configured into Netsurion Open XDR.
The following are the key Data Source Integration available in Netsurion Open XDR.
|Operations||Tanium – Action History report||Action history reports consist record of all actions issued by console operators. This includes actions, such as flush DNS cache, action lock, deploy direct connect – open session – windows, and discover – execute scan for non-Windows [distributed Nmap], etc.|
The configuration details are consistent with Netsurion Open XDR 9.x and later, and Tanium.