Enriching Tanium Comply with Asset Inventory Data using Extract, Transform, and Load (ETL) Pipelines to Enhance Detection Visibility within Elasticsearch

Native Tanium Asset sensors lacked the capability to gather metadata from AWS EC2 and Oracle Cloud Infrastructure (OCI) compute instances. The primary challenge was building a data flow that accurately enriched Tanium Comply scan information with compute instance metadata across disparate cloud architectures, both to drive remediation activities and to give system owners visibility into detection metrics and solutions. Join this session to learn how Oracle used Tanium Comply and Connect to construct an accurate inventory index in Elasticsearch, with the ability to build dashboards for analytics, metrics, remediation burndown visualization, and reporting functionality across all segmented organizational stakeholders.

Runtime: 25min

Speakers:

Tobias Voegele - Oracle Data Cloud (ODC)

Additional Details:

Session Type: 

Products & Solutions: Comply, Connect, Interact

Difficulty: Beginner, Beginner-Intermediate, Intermediate, Intermediate-Advanced, Advanced

Focus: Security, Administrator, Operations, Risk