In this 90-minute hands-on lab, you’ll work a browser-extension risk scenario end-to-end across Tanium Guardian, Tanium Atlas, and Tanium Threat Response — starting from a fleet-wide inventory of browser extensions (including the AI-related extensions, local LLMs, and MCP servers that Guardian Spotlight: AI Tools surfaces) and following the trail through real-world threat patterns observed by Tanium Security Research. You’ll use Guardian’s expert-curated insights to prioritize risky, unwanted, or AI-capable extensions by permissions, provenance, and behavior, pivot through Atlas as your investigation hub to reason across the data and bring Threat Response telemetry alongside to confirm what is actually executing on the endpoint. You’ll close the loop with remediation actions through Tanium Enforce — blocking and removing the offending extensions — and package the work into a repeatable investigation-and-governance workflow you can run continuously to manage extension and AI attack surface over time.

Pre-Req(s): Prior exposure to Tanium concepts is helpful but not required, Interest in shadow AI, browser-extension risk, and proactive governance workflows

Additional details