STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Tanium 7.3 Security Technical Implementation Guide

V-234084

CAT II (Medium)

The Tanium Detect must be configured to receive IOC streams only from trusted sources.

Rule ID

SV-234084r960804_rule

STIG

Tanium 7.3 Security Technical Implementation Guide

Version

V2R3

CCIs

CCI-001414

Discussion

An IOC stream is a series or stream of intel that are imported from a vendor based on a subscription service or manually downloaded and placed in a folder. Detect can be configured to retrieve the IOC content on a regularly scheduled basis. The items in an IOC stream can be separately manipulated after they are imported.

Check Content

Consult with the Tanium System Administrator to determine if the "Tanium Detect" module is being used, if not this is Not Applicable.

Using a web browser on a system that has connectivity to the Tanium Application, access the Tanium Application web user interface (UI).

Log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "Detect".

Expand the left menu.

Click the "Management" tab.

Select "Sources".

Verify all configured Detect Streams are configured to a documented trusted source.

If any configured Detect Stream is configured to a stream that has not been documented as trusted, this is a finding.

Fix Text

Using a web browser on a system that has connectivity to the Tanium Application, access the Tanium Application web user interface (UI).

Log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "Detect".

Expand the left menu.

Click the "Management" tab.

Select "Sources".

Click "New Source".

Select the specified Source from the list.

Fill out the specified information. 

Select "Create".