The Tanium Security Operations Integrations aims to increase efficiency in the incident lifecycle by removing the number of manual investigation steps and augmenting ServiceNow processes with the speed and scale of Tanium to provide a more unified interface in which related incident data is presented in a meaningful and actionable way.
Automatically enriches data for the associated CI on a Security Incident:
- Logged On Users
- Network Statistics
- Running Processes
- Running Services
Enables ability to leverage Tanium Trace to execute Sightings Searches for IP’s and Hashes
Release notes for this application can be found at: https://help.tanium.com/bundle/servicenow_releasenotes/
Verify that the following Security Operations applications are installed and activated from the ServiceNow Store. If not installed, install, and activate one application at a time in the order listed below to ensure a smooth installation.
- Security Incident Response
- Security Integration Framework
- Security Support Common
- Security Support Orchestration
- Security Operations