Find and Prevent Sensitive Data From Moving Around in Your Organization

This is a scenario-based lab that involves finding and monitoring sensitive data and taking remediation action. Lab participants will use Tanium Reveal to first define sensitive data based upon a keyword list and then find files containing such.

First, based upon company policy, sensitive data should be removed if found on unauthorized systems, and that will be accomplished via a Tanium Enforce Remediation policy. Next, sensitive data that is permitted on authorized systems will be monitored for changes and deletions using Integrity Monitor. Finally, Tanium Impact will be analyzed to determine if there are easy paths of lateral movement that an adversary could use to gain access to computers having sensitive data.

Pre-Reqs: Basic understanding of Tanium Reveal, Enforce and Impact modules

Additional details:

Unique ID
VCVGLB026
Session Track
Client Management, Risk & Compliance Management, Sensitive Data Monitoring
Session Type
Virtual, Self-Service Lab
Session Category
Self-Service Lab
Modules
Enforce, Impact, Reveal, Integrity Monitor
Difficulty
Intermediate-Advanced
Industry
Agriculture, Mining & Raw Materials, Construction, Education, Energy, Utilities & Waste, Entertainment, Facilities, Lodging & Resorts, Financial Services, Government - Federal, Government - Local, Healthcare & Life Sciences, Holding Companies & Conglomerates, Hospitals & Physicians Clinics, Insurance, Law Firms & Legal Services, Manufacturing, Construction & Wholesale Trade, Media & Internet, Media & Telecommunications, Non-Profit & Charitable Organizations, Professional & Business Services, Real Estate, Retail & Hospitality, Software & Technology, Transportation Services, Other