Views:

Gain insight into CVEs in your environment by connecting your Tanium Comply data source with TrendAI Vision One™.

Connect your Tanium Comply account to TrendAI Vision One™ to gain access to endpoint information and CVE detections in order to enhance risk analyses in Cyber Risk Exposure Management.

Procedure

  1. Trend advises creating a service account in Tanium (rather than using an individual user account) to issue the API token. If the account tied to an API token is later disabled, the integration breaks immediately. Apply the following roles to the service account: Comply Report Reviewer and API Gateway User (or Gateway User in newer Tanium versions), scoped to All Computers or the specific computer groups you want to collect data from.
    Note
    Note
    For guidance on service accounts, see the Use service accounts section (under Best practices for tokens) of Tanium's API tokens documentation.
  2. Sign in to the Tanium console with the account that will issue the API token.
  3. Go to AdministrationPermissionsAPI Tokens and click New API Token.
  4. Fill in a description of the token and the number of days until expiry.
  5. In the Trusted IP addresses field, add the TrendAI Vision One™ IP addresses for your region. See Cyber Risk Exposure Management regional IP addresses for your regional IP addresses.
  6. Click Save.
    The Tanium API token generates and is displayed on the console. Ensure you copy the token.
  7. In the TrendAI Vision One™ console, go to Workflow and AutomationThird-Party Integrations.
  8. Locate and click the Tanium Comply card.
    You are directed to the Tanium Comply data source drawer in Service ManagementData Source and Log Management.
  9. Input the URL of your Tanium server in the URL field.
    Note
    Note
    This integration currently supports Tanium Cloud only. Tanium Cloud tenant URLs include -api in the hostname. On-premises Tanium servers are not currently supported.
  10. Input the newly generated API token in the API token field.
  11. Click Save.
    Note
    Note
    You may update the API token at any time by clicking Edit settings.
    Note
    Note
    Trend does not automatically rotate the Tanium API token. You are expected to manually rotate the token before it expires, following Tanium's short-lived-token best practice. If the token expires, the integration silently stops pulling data.