STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Tanium 7.3 Security Technical Implementation Guide

V-234032

CAT II (Medium)

Tanium must implement organization-defined automated security responses if baseline configurations are changed in an unauthorized manner.

Rule ID

SV-234032r961458_rule

STIG

Tanium 7.3 Security Technical Implementation Guide

Version

V2R3

CCIs

CCI-001744

Discussion

Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the system. Changes to information system configurations can have unintended side effects, some of which may be relevant to security. Detecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the application. Examples of security responses include, but are not limited to the following: halting application processing; halting selected application functions; or issuing alerts/notifications to organizational personnel when there is an unauthorized modification of a configuration item.

Check Content

Using a web browser on a system that has connectivity to the Tanium Application, access the Tanium Application web user interface (UI).

Log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on the module "Integrity Monitor".

Click on "Monitors" from the left menu.

Ensure "Monitors" are deployed with applicable Watchlists and Endpoints.

Record any that have a number greater than "0" otherwise, this is a finding.

If using third party integrity monitoring tools, this is Not Applicable.

Fix Text

Using a web browser on a system that has connectivity to the Tanium Application, access the Tanium Application web user interface (UI).

Log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on the module "Integrity Monitor".

Click "Watchlist" from the left menu.

 "Create a New Watchlist" in the upper right corner.

Add Name and Description of the new Watchlist.

Select "Path Style" that fits your enterprise needs.

Select "Create".

Click on the new Watchlist.

Select "Add Paths".

Add paths to be monitored (Work with your TAM to determine correct paths).

Click "Monitor" from the left menu.
 
 "Create a New Monitor" in the upper right corner.

Add "Name"

Add "Description".

Add computers for the new Monitor along with Watchlist.

Click "Create".

Select "Deploy Monitors".