Find and Prevent Sensitive Data From Moving Around in Your Organization
This is a scenario-based lab that involves finding and monitoring sensitive data and taking remediation action. Lab participants will use Tanium Reveal to first define sensitive data based upon a keyword list and then find files containing such.
Based upon company policy, sensitive data should be removed if found on unauthorized systems, and that will be accomplished via a Tanium Enforce Remediation policy. Next, sensitive data that is permitted on authorized systems will be monitored for changes and deletions using Integrity Monitor. Finally, Tanium Impact will be analyzed to determine if there are easy paths of lateral movement that an adversary could use to gain access to computers having sensitive data.
Pre-Reqs: Basic understanding of Tanium Reveal, Enforce and Impact modules
Additional details: