In-Person Labs

Peruse the list of In-person Labs being offered at Converge 2022 below.
Use the filters to narrow down which best fit your needs and expertise.

Description Difficulty Modules More Info
An Introduction to Tanium Risk

In this lab, students will learn how Tanium Risk can identify security issues and unknown risk in your environment. In addition, this knowledge will aid you in prioritizing remediation and resolution to improve organizational security hygiene.

Pre-Reqs: None

IntermediateComply, Impact, Patch, Reveal, Risk
Automating Workflows With the Tanium REST API

This will session will begin with an overview of the Tanium API and then do a deeper dive into automating security and operational workflows using PowerShell script.

Pre-Reqs: Working knowledge of PowerShell scripts is recommended, but not required

Intermediate-AdvancedCore, Threat Response, Reputation
Becoming an IT Operations Pro With Tanium

Converged Endpoint Management helps the largest and most demanding organizations manage, inventory, monitor, contextualize and remediate endpoints with ultimate visibility and control at scale. The goal of this session is to get you familiar with asking questions within Tanium to make data driven decisions by taking inventory of what is running in your environment and monitoring the health of devices and agents.

Throughout this lab, you will track application usage throughout the organization and remove unused and potentially unwanted programs which can reduce risk and spending on unused software. In addition, you will review an automated patching strategy for operating system and third-party applications. Next, you will review how to identify poorly performing software using Tanium Performance and then remediate that software with Tanium Deploy. Finally, you will review issues in the environment and use Tanium Client Management to gather and Troubleshoot those issues. Throughout the session, Tanium SMEs will discuss best practices and new features of each module.

Pre-Reqs: None

BeginnerAsset, Deploy, Interact, Patch, Performance, Tanium Client Management
Breaking Silos and Making Friends

Tanium's platform approach provides a unique way to bring teams together. With today's prolific tool suites, it takes a practitioner time to evaluate what their true risks are in their enterprise, and how best to mitigate/remediate these items.

This goes beyond identifying unmanaged systems and bringing them under compliance. It must include populating a proper CMDB, identifying what the riskiest areas are and applying the proper methods to remediate them.

In today’s Enterprises, we commonly see multiple teams using their own tools to gather information, but as we know this data is outdated, inaccurate or just can't be used, because of the time involved to do the correlation between the tools.

With Tanium, this lab will show how quickly you can discover and bring these endpoints under control. Adding them into a CMDB is just the beginning. Understanding how these unmanaged systems have been impacting your Risk — without you even knowing it — and consequences to other systems — should they be compromised — will enhance your endpoint management.

These steps traditionally have been done by multiple teams, with multiple tools. We want to break these silos, and get teams talking and working together.

Pre-Reqs: None

Beginner-IntermediateAsset, Comply, Discover, Enforce, Impact, Patch, Reveal
Find and Prevent Sensitive Data From Moving Around in Your Organization

This is a scenario-based lab that involves finding and monitoring sensitive data and taking remediation action. Lab participants will use Tanium Reveal to first define sensitive data based upon a keyword list and then find files containing such.

First, based upon company policy, sensitive data should be removed if found on unauthorized systems, and that will be accomplished via a Tanium Enforce Remediation policy. Next, sensitive data that is permitted on authorized systems will be monitored for changes and deletions using Integrity Monitor. Finally, Tanium Impact will be analyzed to determine if there are easy paths of lateral movement that an adversary could use to gain access to computers having sensitive data.

Pre-Reqs: Basic understanding of Tanium Reveal, Enforce and Impact modules

Intermediate-AdvancedEnforce, Impact, Reveal, Integrity Monitor
Finding All Your Cattle: Corralling Your Tanium Herd

Discover networked devices, identify and assess unmanaged endpoints, and reduce vulnerability exposure with updates! In this lab, learn how to use Tanium's automated abilities to speed up onboarding new endpoints, whether they are unmanaged endpoints in your environment or expansion to additional sites.

Pre-Reqs: Intermediate Tanium Administrator skills, especially Operations and Risk focused

Intermediate-AdvancedAsset, Deploy, Direct Connect, Discover, Impact, Interact, Patch, Tanium Reporting Service
Get Started Leveraging the Tanium Platform and Module REST APIs Quickly With the TanREST PowerShell Module

In this lab you will learn how to set up the TanREST module, find the API docs and create some example workflows to familiarize yourself with the tools available.

Pre-Reqs: None

IntermediateCore, Deploy, Interact
Integrate Tanium With ServiceNow to Make Your CMDB Actual and Complete

Companies are changing every day and there is great need to have valuable IT workflows. The reality is often that there is a lack of decision making data in the CMDB. This will block the automation part of the workflows. The foundation to solve this issue is to get the CMDB data accurate and actual.

In this lab, we will cover Tanium Asset and Discover as the source for an automated ServiceNow CMDB. First, to see the capabilities in Tanium and second, how to setup the integration with the market leading ServiceNow IT workflow platform. The last part of this lab will cover the standard available integrations with Security Operations and Vulnerability Management to show the art of possibility between both platforms. Dreams become reality!

Pre-Reqs: Administrative knowledge of Tanium; basic administrative knowledge of ServiceNow. Attendees will need to have access to a ServiceNow developer instance, which can be requested at developer.servicenow.com prior to Converge.

IntermediateAPI Gateway, Asset, Comply, Connect, Discover
It's Coming from Inside the House: On the Hunt for Insider Threats With Tanium

The sequel to a much-loved story of a young hunter looking to find and destroy the malodorous and malicious threat within the network — this year, our hunter is seeking insider threats!

We will review hunting techniques and walk through a Malicious Insider Kill Chain, as well as signs of accidental or negligent behaviors that compromise security. Hands-on labs will leverage Threat Response and Integrity Monitor to detect the malicious or negligent behavior, and Reveal and Impact to aid understanding insider threat capabilities.

Pre-Reqs: Intermediate Security experience; Familiarity with Tanium Core; Prior Tanium Threat Response experience recommended, but not required

AdvancedImpact, Reveal, Threat Response, Integrity Monitor
Learning how to Defend Against Threats With Tanium Before a Real Attack

This lab will focus on using Tanium to respond to attacks, and reduce attack surface, by combining Tanium and Threat Emulation. Students will understand a given attack scenario at a high level and identify/implement remediations accordingly. Remediations will focus on reducing the attack surface by applying appropriate security controls and mitigations.

Pre-Reqs: Basic Tanium experience; Cybersecurity background helpful, but not required

Intermediate-AdvancedEnforce, Impact, Threat Response
Show Your CIO how Tanium Delivers Value Using Tanium Reporting

Maximize the value of Tanium Reporting for all users from executive to engineer. Reporting allows new and experienced users the ability to easily find, combine, filter, format and share results without having to leave the Tanium Console.

In this lab we will walk through the basics of creating reports and dashboards, and pivoting to action across modules to strengthen key workflows.

Pre-Reqs: None

Beginner-IntermediateComply, Connect, Enforce, Patch, Tanium Reporting Service
Take Your ISMS to the Next (Maturity-) Level!

Whether it's ISO27001, NIST CSF or PCI-DSS — all ISMS frameworks need process automation and measure effectiveness to reach high maturity ratings and pass certification audits. Besides CIS recommendations, many companies already have their own baselines and target values in place.

In this lab, we would like to show how generic CIS benchmarks can easily be tuned or customized to exactly match customers' requirements. Additionally, we would like to showcase how custom benchmarks can be created to check various other endpoint settings.

After taking this lab, CISOs, ISMS Managers and ISMS Implementers should know how to leverage Tanium to automatically assess compliance with corporate policies and at best, extend their benchmark libraries with custom checks.

Pre-Reqs: Fundamental knowledge of the Tanium platform; Basic knowledge about Tanium Comply

IntermediateComply, Interact
Tanium Basics: Leveraging the Power of Certainty

Intended for both new users and those looking to increase their Tanium knowledge, this lab introduces learners to the Tanium Platform and core functions including questions, sensors, packages, saved questions, dashboards, categories, analyzing trends, actions, action groups and more.

Pre-Reqs: None

BeginnerConnect, Core, Interact, Trends
Tanium, Better Together With Microsoft on a Security Level

In this session, students will be afforded the opportunity to leverage Microsoft Defender to generate alerts in Tanium Threat Response. From there, we will dig deeper, integrating with Microsoft Sentinel to further investigate, remediate and take action on the endpoint.

Pre-Reqs: A security mindset would be helpful, but all practitioners are welcome

IntermediateAsset, Comply, Core, Deploy, Enforce, Patch, Threat Response
Using Tanium to Pinpoint Issues on Your Clients

Have you ever had performance issues on endpoints? Did you ever wonder why an application was running slow? Have you ever had difficulty investigating and understanding the root cause of issues on your endpoints? I bet the answer is, "Yes!"

In this lab, we will walk you through troubleshooting issues on a Windows client. We will show you how to detect issues using Tanium Performance and Tanium Interact, then deep dive into the client itself and show you how to idefntify issues using task manager, windows event log and other tools. Lastly, we will demonstrate how to resolve these issues through hands-on experience and allowing you to fix it yourself.

Pre-Reqs: Basic understanding of Tanium Interact, Performance and general Windows troubleshooting tools

IntermediateAsset, Interact, Performance
Vulnerability Identification, Remediation, and Reporting With Tanium

In this lab, attendees will be given an overview into the entire life cycle of vulnerability management.

In part 1, we will review best practices for configuring Vulnerability scans in Tanium Comply, including scan frequency and low resource configurations. In part 2, we will look at an automated patching strategy that allows for a W0-W4 monthly patching cadence and makes handling patching exceptions exceptionally easy. Lastly, in part 3, we will walk through configuring KPI reports to show vulnerability posture and patching efficacy using Tanium Data.

Pre-Reqs: None

IntermediateComply, Patch, Tanium Reporting Service
Weaving Endpoint Data Into Reporting Gold With API Gateway

Tanium Data Service and Tanium Reporting are two powerful tools in Tanium, but users and developers need the right tool to weave that raw data into reporting gold.

Using API Gateway as the needle, you can pull from TDS data spools and spin the thread into meaningful patterns in Reporting. Tanium's API Gateway can cover the whole end-to-end tasks for automating data operations.

In this session, attendees will learn how to use a number of tools to create a customized report and then get that data out of Tanium and into your other tools (in multiple ways).

Pre-Reqs: Basic knowledge of Tanium and its capabilities; Python or scripting knowledge will be helpful, but not required

IntermediateAPI Gateway, Connect, Tanium Reporting Service
Date & Time
An Introduction to Tanium Risk
Monday, November 14, 2022, 10:00 AM - 11:30 AM
Wednesday, November 16, 2022, 8:30 AM - 10:00 AM
Thursday, November 17, 2022, 11:00 AM - 12:30 PM
Automating Workflows With the Tanium REST API
Monday, November 14, 2022, 1:00 PM - 2:30 PM
Thursday, November 17, 2022, 9:00 AM - 10:30 AM
Becoming an IT Operations Pro With Tanium
Monday, November 14, 2022, 10:00 AM - 11:30 AM
Monday, November 14, 2022, 3:15 PM - 4:45 PM
Breaking Silos and Making Friends
Monday, November 14, 2022, 10:00 AM - 11:30 AM
Monday, November 14, 2022, 3:15 PM - 4:45 PM
Thursday, November 17, 2022, 9:00 AM - 10:30 AM
Find and Prevent Sensitive Data From Moving Around in Your Organization
Monday, November 14, 2022, 3:15 PM - 4:45 PM
Wednesday, November 16, 2022, 1:00 PM - 2:30 PM
Finding All Your Cattle: Corralling Your Tanium Herd
Monday, November 14, 2022, 1:00 PM - 2:30 PM
Thursday, November 17, 2022, 11:00 AM - 12:30 PM
Get Started Leveraging the Tanium Platform and Module REST APIs Quickly With the TanREST PowerShell Module
Wednesday, November 16, 2022, 1:00 PM - 2:30 PM
Thursday, November 17, 2022, 11:00 AM - 12:30 PM
Integrate Tanium With ServiceNow to Make Your CMDB Actual and Complete
Monday, November 14, 2022, 1:00 PM - 2:30 PM
Thursday, November 17, 2022, 9:00 AM - 10:30 AM
It's Coming from Inside the House: On the Hunt for Insider Threats With Tanium
Monday, November 14, 2022, 3:15 PM - 4:45 PM
Wednesday, November 16, 2022, 3:30 PM - 5:00 PM
Thursday, November 17, 2022, 11:00 AM - 12:30 PM
Learning how to Defend Against Threats With Tanium Before a Real Attack
Wednesday, November 16, 2022, 8:30 AM - 10:00 AM
Thursday, November 17, 2022, 9:00 AM - 10:30 AM
Show Your CIO how Tanium Delivers Value Using Tanium Reporting
Monday, November 14, 2022, 10:00 AM - 11:30 AM
Monday, November 14, 2022, 3:15 PM - 4:45 PM
Take Your ISMS to the Next (Maturity-) Level!
Monday, November 14, 2022, 10:00 AM - 11:30 AM
Monday, November 14, 2022, 3:15 PM - 4:45 PM
Wednesday, November 16, 2022, 3:30 PM - 5:00 PM
Tanium Basics: Leveraging the Power of Certainty
Monday, November 14, 2022, 10:00 AM - 11:30 AM
Monday, November 14, 2022, 1:00 PM - 2:30 PM
Wednesday, November 16, 2022, 8:30 AM - 10:00 AM
Tanium, Better Together With Microsoft on a Security Level
Monday, November 14, 2022, 10:00 AM - 11:30 AM
Monday, November 14, 2022, 3:15 PM - 4:45 PM
Wednesday, November 16, 2022, 1:00 PM - 2:30 PM
Using Tanium to Pinpoint Issues on Your Clients
Monday, November 14, 2022, 1:00 PM - 2:30 PM
Thursday, November 17, 2022, 9:00 AM - 10:30 AM
Vulnerability Identification, Remediation, and Reporting With Tanium
Monday, November 14, 2022, 1:00 PM - 2:30 PM
Thursday, November 17, 2022, 9:00 AM - 10:30 AM
Weaving Endpoint Data Into Reporting Gold With API Gateway
Monday, November 14, 2022, 1:00 PM - 2:30 PM
Wednesday, November 16, 2022, 3:30 PM - 5:00 PM
Thursday, November 17, 2022, 11:00 AM - 12:30 PM