We’re taking another step forward in our mission to help you achieve continuous security and compliance by giving you the ability to have a first-class integration for managing endpoints. 

We are hearing it loud and clear from our regulated workload customers that they run into an issue when evaluating their security and compliance posture. They are using multiple products that each provide their own value — but none of them integrate with each other. Or worse, they communicate in different formats, which necessitates an often manual mapping process. 

For these customers, we’re excited to introduce an integration between the IBM Cloud Security and Compliance Center and Tanium Comply. Now, customers with regulated workloads can deepen their experience by having the ability to view the compliance evaluation results from Tanium from inside the Security and Compliance Center. This is just the first of many steps toward integrating best-of-breed third-parties into the IBM Cloud experience and their integration with the Security and Compliance Center.

Why integrate?

With Tanium Comply, you can extend your organization’s endpoint management capabilities. For example, you can scan for potential vulnerabilities and misconfigurations against industry security standards and vulnerability definitions. When you integrate Tanium Comply with the Security and Compliance Center, you can view all of your IBM Cloud compliance data as well as the Tanium compliance data in one location in the same format. This integration is designed for current or future Tanium customers interested in how easily IBM Cloud can onboard and work with regulated workloads, such as IBM Cloud for Financial Services.

How does it work?

Here is an overview of integration steps to get data flowing from Tanium to the Security and Compliance Center for regulated workload use cases:

  1. By using the Security and Compliance Center, you register your Tanium integration as an instance.
  2. Configure your Tanium instance to send your endpoint management check results by creating a connection.
  3. Associate your Tanium connection with the Security and Compliance Center by defining a scope.
  4. In the background, a secure connection is made between the two services.
  5. On the schedule defined in your connection, Tanium pushes endpoint management checks to the Security and Compliance Center.
  6. The Security and Compliance Center receives and converts the data to match the open source OSCAL format before displaying it in the the UI.
  7. To view your results, go to the scope details page of your Tanium scope in the Security and Compliance Center.

How do I get started?

New to the Security and Compliance Center? Try walking through our step-by-step tutorial to set up posture monitoring. If you’re already using the Security and Compliance Center to monitor your current posture, verify that you have the required permissions, and then get started by registering your Tanium integration. For help walking through what is needed in detail, see the Integrating Tanium documentation.

Have questions or feedback?  

Excellent! We’d love to hear from you. To send feedback, you can open a GitHub issue from a link at the top of any page in the documentation, open a support ticket or reach out directly through email. 

If you’ve made it this far and have more questions about the Security and Compliance Center or Tanium Comply, we’ve got you! Check out our introductory blog on the Security and Compliance Center or take a look at Tanium’s main website for their Comply component.


More from Announcements

Introducing IBM Sterling Order Management on Microsoft Azure

4 min read - IBM and Microsoft believe in providing you with the power of choice so you can leverage the industry-leading omnichannel fulfillment capabilities of Sterling Order Management Software (OMS) along with your existing skills and investment in native Azure services.  IBM and Microsoft provide you with the ability to confidently deploy Sterling OMS on Azure using Azure Red Hat OpenShift (ARO) or Azure Kubernetes Service (AKS), with the added flexibility of using multiple native Azure services. The reference architecture details are available…

IBM TechXchange underscores the importance of AI skilling and partner innovation

3 min read - Generative AI and large language models are poised to impact how we all access and use information. But as organizations race to adopt these new technologies for business, it requires a global ecosystem of partners with industry expertise to identify the right enterprise use-cases for AI and the technical skills to implement the technology. During TechXchange, IBM's premier technical learning event in Las Vegas last week, IBM Partner Plus members including our Strategic Partners, resellers, software vendors, distributors and service…

Introducing Inspiring Voices, a podcast exploring the impactful journeys of great leaders

< 1 min read - Learning about other people's careers, life challenges, and successes is a true source of inspiration that can impact our own ambitions as well as life and business choices in great ways. Brought to you by the Executive Search and Integration team at IBM, the Inspiring Voices podcast will showcase great leaders, taking you inside their personal stories about life, career choices and how to make an impact. In this first episode, host David Jones, Executive Search Lead at IBM, brings…

IBM watsonx Assistant and NICE CXone combine capabilities for a new chapter in CCaaS

5 min read - In an age of instant everything, ensuring a positive customer experience has become a top priority for enterprises. When one third of customers (32%) say they will walk away from a brand they love after just one bad experience (source: PWC), organizations are now applying massive investments to this experience, particularly with their live agents and contact centers.  For many enterprises, that investment includes modernizing their call centers by moving to cloud-based Contact Center as a Service (CCaaS) platforms. CCaaS solutions…