<img alt="" src="https://secure.hiss3lark.com/173130.png" style="display:none;">

Datashield's Resource Library

Read all of our news, articles, reviews, and more in our company blog

All Posts

What is Tanium Reveal and How Does it Work?

tanium reveal

Enterprises of all scales and industries produce and manage sensitive data for both internal use and to share with vendors and customers. Tracking, storing and protecting sensitive data against exposure is a matter of corporate ethics and regulatory compliance as data protection regulations become stricter.

Identifying each piece of sensitive data flowing within a complex IT network and then categorizing and handling data properly is a challenge at scale.

TaniumTanium Reveal identifies sensitive data across all endpoints within large computing ecosystems.

Tanium Reveal enables data management and IT administration teams to define patterns for sensitive data, which catalogs sensitive information as it is created or stored on any endpoints.

By adopting a concept like this, organizations take a step beyond the simple definition of what kinds of documents represent sensitive data. In turn, they create patterns that effectively identify sensitive data. Once Tanium Reveal finds such sensitive data, it categorizes it, notifies them about its existence, generates alerts about it and enables them to take direct action.

 

System Requirements to Run Tanium Reveal

Tanium Reveal is a software module that operates on Tanium Server and supports endpoints running on Windows, macOS and Linux operating systems.

Endpoints need up to 2GB of free space to install Tanium Reveal and one of the following operating systems:

  • Windows Server 2019*, Windows Server 2016*, Windows Server 2012, 2012 R2 (* No support for Nano Server).
  • Windows 7, Windows 8, Windows 10
  • macOS 10.15 Catalina, macOS 10.14 Mojave, macOS 10.13 High Sierra, macOS 10.12 Sierra, OS X 10.11 El Capitan, OS X 10.10 Yosemite, OS X 10.9 Mavericks, OS X 10.8 Mountain Lion
  • Amazon Linux 2 LTS (2017.12), Debian 9.x, 8.x. Oracle Enterprise Linux 7.x, 6.x, 5.x, Red Hat Enterprise Linux (RHEL) 8.x, 7.x, 6.x, 5.x, CentOS 7.x, 6.x, 5.x, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS

For Tanium Reveal to operate uninterrupted on systems for which security software is in use, in order to block unknown system host processes, organizations need to create exclusion rules enabling Tanium to run.

 

How Tanium Reveal Protects Sensitive Data

Privacy regulations such as the Payment Card Industry Data Security Standard (PCI), the Health Insurance Portability and Accountability Act (HIPAA) and the more recent General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) all specify strict rules for handling sensitive and personally identifiable data.

Additionally, many companies must identify, categorize and manage sensitive project data they create and use internally across their organization. Achieve regulatory compliance and deal with information security or data privacy issues by detecting sensitive unstructured data at rest on all monitored endpoints.

With Tanium Reveal, teams create rules and rule sets to find data that is matching a pattern and then they can either label the file, perform further analysis or take a specific action.

Identify, manage and control sensitive data across and IT environment by:

  • Rules: Create one or more rules to inspect information contained in the files on each endpoint. The rule specifies patterns to look for in a file and if a pattern match is discovered, it triggers a specific action such as applying a label to the document or alerts to the existence of text documents matching the pattern.
    For instance, security teams can create patterns searching for personally identifiable information like credit card numbers, social security numbers or email addresses.
  • Rule Sets: Create rule sets that combine rules aimed at detecting content governed by a specific data privacy and security standard. Organizations can also create rule sets that target specific groups of endpoints on which such sensitive data may reside.
    Tanium Reveal covers the following rule sets that help comply with major data privacy standards:
    • PCI compliance is required for any organization that is accepting, processing, storing and transmitting credit card information. The PCI standard is applicable across virtually any industry.
    • Rule sets for HIPAA, which is a standard for protecting health data of patients across the healthcare industry.
    • GDPR is the new data privacy regulation of the European Union, which imposes very strict rules on how companies collect and handle sensitive personal data.
    • Compliance with CCPA is required to conduct business in California but a growing number of states in the USA are adopting or plan to adopt similar data privacy laws.
  • Patterns: Tanium Reveal enables you to create patterns that find specific expressions contained within a variety of document file formats that contain text and/or numbers.
    Use patterns to identify sensitive information such as credit card numbers within unstructured data that resides in word processing documents, text files, spreadsheets or PDF documents, all of which represent the most common document file types flowing within an organization. Patterns are integral part of any rule, which can be assigned to a rule set.

By using patterns, rules and rule sets, businesses can effectively locate and categorize documents containing sensitive data on any of your endpoints or on a specific group of machines.

Advanced Tanium Reveal Features to Deal with Sensitive Data

After creating rules and rule sets that use specific patterns, organizations often face further challenges pertaining to the changing nature of regulations and the flexible requirements toward keeping sensitive data from leaving their computer systems.

Rules and rule sets are proactively looking for sensitive data, but they are looking for specific custom yet fixed patterns.

What if you need to evaluate your documents for compliance with an upcoming regulation or for the existence of confidential information that is subject to an internal standard?

With Tanium Reveal, address such use-case scenarios by searching for pieces of sensitive data across your entire IT ecosystem. Searches are performed in real-time while the Quick Search option automatically scans all endpoints within a specified computer group. The search query returns a list of exact matches in accordance with a free-text search string and parameters teams define.

Organizations will be alerted of the existence of potentially noncompliant data across their network and also find any document containing pieces of data they deem to be sensitive. For instance, a company can locate and evaluate the content of documents pertaining to a particular project, which is business-critical and hence the documents should be labeled as ‘confidential’.

Conclusion

Organizations experience growing difficulties with identifying, categorizing, tracking and handling the large amount of sensitive data they collect, create and share. Meeting regulatory requirements in the field of data privacy and data protection as well as maintaining continuous compliance is increasingly challenging while being mandatory for organizations.

Tools like Tanium Reveal help growing companies detect personally identifiable information, financial information and sensitive project information in a wide variety of document formats. By tracking the movement and changes in ownership, permissions and classification status of a file across endpoints, companies get a complete picture about the flow of sensitive data within their organization and can effectively comply with data protection standards in force.


If you are considering implementing Tanium Reveal or interested in compliance endpoint software, contact us today.

Topics from this Article

Tanium, Endpoint Detection and Response, Compliance, HIPAA, CCPA, PCI DSS

Datashield
Datashield
Official Datashield account for blog content, news, announcements and more. The articles authored include a collaboration between internal staff, specifically the security operations and marketing team.

Related Posts

Top 5 Most Popular Cybersecurity Certifications

The cybersecurity analyst has become the third most valuable job description in the technology industry. The increasing security incidents to IT infrastructure, the demand for accountability from end-users, and the financial cost of successful breaches are significant reasons enterprises and startups are taking cybersecurity seriously. Ambitious professionals who choose a career in IT security are reaping the benefits of securing operating systems and deployed IT infrastructure.

What is Ransomware?

Ransomware is a form of malware cybercriminals use to encrypt data stored in computers or online servers. Cybercriminals demand payment to release the encryption key blocking the user from accessing the encrypted data. Payment is typically made through diverse mediums, including digital currency like Bitcoin. Once payment has been made, the victim is generally provided with instructions on decrypting their data.

Datashield Announces Partnership with Bishop Fox

Two cybersecurity powerhouses partner to provide defensive and offensive security services to boost enterprise companies’ security posture. Scottsdale, Ariz.— Datashield, a Scottsdale-based cybersecurity company, recently inked its partnership with offensive security services firm Bishop Fox. Both companies are based in Arizona and provide outsourced cybersecurity services to top Fortune 500 companies.