Virtual Self-Service Labs

Peruse the list of Virtual Self-Service Labs being offered during Converge 2022 below.
Use the filters to narrow down which best fit your needs and expertise.

Virtual Self-Service Labs can be taken at your own pace on November 15th and 16th. Access to selected Lab environments will be granted starting at 8:00am CST on November 15th and will close at 8:00pm CST on November 16th.

Description Difficulty Modules More Info
Automating Workflows with the Tanium REST API

This will session will begin with an overview of the Tanium API and then do a deeper dive into automating security and operational workflows using PowerShell script.

Pre-Reqs: Working knowledge of PowerShell scripts is recommended, but not required

Intermediate-AdvancedCore, Threat Response, Reputation
Becoming an IT Operations Pro with Tanium

Converged Endpoint Management helps the largest and most demanding organizations manage, inventory, monitor, contextualize and remediate endpoints with ultimate visibility and control at scale. The goal of this session is to get you familiar with asking questions within Tanium to make data driven decisions by taking inventory of what is running in your environment and monitoring the health of devices and agents.

Throughout this lab, you will track application usage throughout the organization and remove unused and potentially unwanted programs which can reduce risk and spending on unused software. In addition, you will review an automated patching strategy for operating system and third-party applications. Next, you will review how to identify poorly performing software using Tanium Performance and then remediate that software with Tanium Deploy. Finally, you will review issues in the environment and use Tanium Client Management to gather and Troubleshoot those issues. Throughout the session, Tanium SMEs will discuss best practices and new features of each module.

Pre-Reqs: None

BeginnerAsset, Deploy, Interact, Patch, Performance
Better Together with Microsoft on a Security Level

In this session, students will be afforded the opportunity to leverage Microsoft Defender to generate alerts in Tanium Threat Response. From there, we will dig deeper, integrating with Microsoft Sentinel to further investigate, remediate, and take action on the endpoint.

Pre-Reqs: A security mindset would be helpful, but all practitioners are welcome

IntermediateAsset, Comply, Core, Deploy, Enforce, Patch, Threat Response
Breaking Silos and Making Friends

Tanium's platform approach provides a unique way to bring teams together. With today's prolific tool suites, it takes a practitioner time to evaluate what their true risk is in their enterprise, and how best to mitigate/remediate these items. This goes beyond identifying unmanaged systems and bringing them under compliance. It must include populating a proper CMDB, identifying what the riskiest areas are, and applying the proper methods to remediate them. In today’s Enterprises, we commonly see multiple teams using their own tools to gather information, but as we know this data is outdated, inaccurate, or just can't be used, because of the time involved to do the correlation between the tools.

With Tanium, this lab will show how quickly you can discover, and bring these endpoints under control. Adding them into a CMDB is just the beginning. Understanding how these unmanaged systems have been impacting your Risk (and you didn't even know it), and what those systems can also affect should they be compromised. These steps traditionally have been done by multiple teams, with multiple tools. We want to break these silos and get teams talking and working together. To do this we will attempt to demonstrate what each team can see and do within the Tanium Platform, making for a better understanding of the entire enterprise, by providing a single pane of glass to everyone.

Pre-Reqs: None

Beginner-IntermediateAsset, Comply, Discover, Enforce, Impact, Patch, Reveal
Code Your Way to Freedom: Tanium Endpoint Coding for Self-Reliance and Real Weekends

Come check out Converge 2021's most well-attended lab, with new additions and lab exercises!

Tanium was built to deploy and run code fast. Executing your own code as a Sensor or Package to get information and control endpoints in seconds is how you get your weekends back and look like a hero doing it. Learn why security and operations admins finally agree on something - waiting for a vendor is not nearly as much fun as impersonating one. Learn how to do it and also what to absolutely never do. No programming experience required - you can do this! Yes, You!

Pre-Reqs: Basic Tanium experience, asking questions and deploying actions; No specific product experience required

IntermediateCore
Find and Prevent Sensitive Data From Moving Around in Your Organization

This is a scenario-based lab that involves finding and monitoring sensitive data and taking remediation action. Lab participants will use Tanium Reveal to first define sensitive data based upon a keyword list and then find files containing such.

Based upon company policy, sensitive data should be removed if found on unauthorized systems, and that will be accomplished via a Tanium Enforce Remediation policy. Next, sensitive data that is permitted on authorized systems will be monitored for changes and deletions using Integrity Monitor. Finally, Tanium Impact will be analyzed to determine if there are easy paths of lateral movement that an adversary could use to gain access to computers having sensitive data.

Pre-Reqs: Basic understanding of Tanium Reveal, Enforce and Impact modules

Intermediate-AdvancedEnforce, Impact, Reveal, Integrity Monitor
Finding All Your Cattle: Corralling Your Tanium Herd

Discover networked devices, identify and assess unmanaged endpoints, and reduce vulnerability exposure with updates! In this lab, learn how to use Tanium's automated abilities to speed up onboarding new endpoints, whether they are unmanaged endpoints in your environment or expansion to additional sites.

Pre-Reqs: Intermediate Tanium Administrator skills, especially Operations and Risk focused

Intermediate-AdvancedAsset, Deploy, Direct Connect, Discover, Impact, Interact, Patch, Tanium Reporting Service
Get Started Leveraging the Tanium Platform and Module REST APIs Quickly with the TanREST PowerShell Module

In this lab you will learn how to set up the TanREST module, find the API docs and create some example workflows to familiarize yourself with the tools available.

Pre-Reqs: None

IntermediateCore, Deploy, Interact
Integrate Tanium with ServiceNow to Make Your CMDB Actual and Complete

Companies are changing every day and there is great need to have valuable IT workflows. The reality is often that there is a lack of decision making data in the CMDB. This will block the automation part of the workflows. The foundation to solve this issue is to get the CMDB data accurate and actual.

In this lab, we will cover Tanium Asset and Discover as the source for an automated ServiceNow CMDB. First, to see the capabilities in Tanium and second, how to setup the integration with the market leading ServiceNow IT workflow platform. The last part of this lab will cover the standard available integrations with Security Operations and Vulnerability Management to show the art of possibility between both platforms. Dreams become reality!

Pre-Reqs: Administrative knowledge of Tanium; basic administrative knowledge of ServiceNow. Attendees will need to have access to a ServiceNow developer instance, which can be requested at developer.servicenow.com prior to Converge.

IntermediateAPI Gateway, Asset, Comply, Connect, Discover
It's Coming from Inside the House: On the Hunt for Insider Threats with Tanium

The sequel to a much-loved story of a young hunter looking to find and destroy the malodorous and malicious threat within the network -- this year, our hunter is seeking insider threats!

We will review hunting techniques and walk through a Malicious Insider Kill Chain, as well as signs of accidental or negligent behaviors that compromise security. Hands on labs will leverage Threat Response and Reveal to detect malicious and negligent behavior as well as utilize Impact and Enforce to mitigate future risk from an insider threat.

Pre-Reqs: Intermediate Security experience; Familiarity with Tanium Core; Prior Tanium Threat Response experience recommended, but not required

AdvancedImpact, Reveal, Threat Response, Integrity Monitor
Learning How to Defend Against Threats with Tanium Before a Real Attack

This lab will focus on using Tanium to respond to attacks, and reduce attack surface, by combining Tanium and Threat Emulation. Students will understand a given attack scenario at a high level and identify/implement remediations accordingly. Remediations will focus on reducing the attack surface by applying appropriate security controls and mitigations.

Pre-Reqs: Basic Tanium experience; Cybersecurity background helpful, but not required

Intermediate-AdvancedEnforce, Impact, Threat Response
Setting the Curve: How to Improve Your Marks and Reduce Enterprise Risk with Tanium Benchmarks

In this lab, students will observe how Tanium Benchmark provides unique insights into security program effectiveness, enterprise security hygiene, vulnerability and patch management programs, and endpoint risk via organizational metrics and industry comparisons. Students will be able to examine new ways to compare their organization's metrics and real-time risk posture against other customers in their industry to see how they stack up. Additionally, this lab also introduces new capabilities to dynamically define asset criticality levels on Tanium endpoints to focus on the most important endpoints first in critical enterprise workflows such as investigation and remediation.

Pre-Reqs: This course is intended for new and experienced Tanium users who are ready to expand their knowledge of Tanium Benchmarks module and its metrics and risk scoring capabilities.

Beginner-IntermediateComply, Impact, Patch, Reveal, Risk
Show Your CIO How Tanium Delivers Value Using Tanium Reporting

Maximize the value of Tanium Reporting for all users from executive to engineer. Reporting allows new and experienced users the ability to easily find, combine, filter, format and share results without having to leave the Tanium Console.

In this lab we will walk through the basics of creating reports and dashboards, and pivoting to action across modules to strengthen key workflows.

Pre-Reqs: None

Beginner-IntermediateComply, Connect, Enforce, Patch, Tanium Reporting Service
Take Your ISMS to the Next (Maturity-) Level!

Whether it's ISO27001, NIST CSF or PCI-DSS — all ISMS frameworks need process automation and measure effectiveness to reach high maturity ratings and pass certification audits. Besides CIS recommendations, many companies already have their own baselines and target values in place.

In this lab, we would like to show how generic CIS benchmarks can easily be tuned or customized to exactly match customers' requirements. Additionally, we would like to showcase how custom benchmarks can be created to check various other endpoint settings.

After taking this lab, CISOs, ISMS Managers and ISMS Implementers should know how to leverage Tanium to automatically assess compliance with corporate policies and at best, extend their benchmark libraries with custom checks.

Pre-Reqs: Fundamental knowledge of the Tanium platform; Basic knowledge about Tanium Comply

IntermediateComply, Interact
Tanium Basics: Leveraging the Power of Certainty

Intended for both new users and those looking to increase their Tanium knowledge, this lab introduces learners to the Tanium Platform and core functions including questions, sensors, packages, saved questions, dashboards, categories, analyzing trends, actions, action groups and more.

Pre-Reqs: None

BeginnerConnect, Core, Interact, Trends
Using Tanium to Pinpoint Issues on Your Clients

Have you ever had performance issues on endpoints? Did you ever wonder why an application was running slow? Have you ever had difficulty investigating and understanding the root cause of issues on your endpoints? I bet the answer is, "Yes!"

In this lab, we will walk you through troubleshooting issues on a Windows client. We will show you how to detect issues using Tanium Performance and Tanium Interact, then deep dive into the client itself and show you how to identify issues using task manager, windows event log and other tools. Lastly, we will demonstrate how to resolve these issues through hands-on experience and allowing you to fix it yourself.

Pre-Reqs: Basic understanding of Tanium Interact, Performance, and general Windows troubleshooting tools

IntermediateAsset, Interact, Performance
Vulnerability Identification, Remediation, and Reporting with Tanium

In this lab, attendees will be given an overview into the entire life cycle of vulnerability management.

In part 1, we will review best practices for configuring Vulnerability scans in Tanium Comply, including scan frequency and low resource configurations. In part 2, we will look at an automated patching strategy that allows for a W0-W4 monthly patching cadence and makes handling patching exceptions exceptionally easy. Lastly, in part 3, we will walk through configuring KPI reports to show vulnerability posture and patching efficacy using Tanium Data.

Pre-Reqs: None

IntermediateComply, Patch, Tanium Reporting Service
Weaving Endpoint Data Into Reporting Gold with API Gateway

Tanium Data Service and Tanium Reporting are two powerful tools in Tanium, but users and developers need the right tool to weave that raw data into reporting gold.

Using API Gateway as the needle, you can pull from TDS data spools and spin the thread into meaningful patterns in Reporting. Tanium's API Gateway can cover the whole end-to-end tasks for automating data operations.

In this session, attendees will learn how to use a number of tools to create a customized report and then get that data out of Tanium and into your other tools (in multiple ways).

Pre-Reqs: Basic knowledge of Tanium and its capabilities; Python or scripting knowledge will be helpful, but not required

IntermediateAPI Gateway, Connect, Tanium Reporting Service