IMPORTANT: This site is planned to be decommissioned in 2026. Visit the Tanium Resource Center for all Tanium release notes, user guides, and support information. To view release notes in the Resource Center, see Tanium Release Notes.
IMPORTANT: If you are using semi-annual releases for on premises, see the Release notes for 2024H1 semiannual release, Release notes for 2024H2 semiannual release, or Release notes for 2025H1 semiannual release on the Tanium Resource Center.
Effective October 15, 2024: On prem release notes on the Tanium Knowledge Base are frozen. For release notes related to 7.4 or 7.5 Server and Solutions, see the Monthly updates for Tanium Version 7.4 and 7.5 Server and Solutions on the Tanium Resource Center.
Release Notes Comply (Version 1.3.1)
Tanium Comply 1.3.1
Release Date: August 1, 2017
New Features
- Vulnerability reports can now be created against a customized set of CVEs. Vulnerabilities can be specified by CVE ID, year, and severity.
- Legacy vulnerability sources can be upgraded by running through the new processor. They can then harness the same capabilities and filtering as available to the Tanium libraries.
- The Tanium Vulnerability Library is now included in Comply by default. These libraries will be downloaded and processed automatically the first time the Comply service is started if the Tanium Module Server access to content.tanium.com.
- Added the ability to view, search, and export the list of CVEs contained within a vulnerability source.
- Added a listing of the CVEs that a vulnerability report has covered.
- Reports can now be re-run when results have reached a user-specified age threshold. This prevents reports from running too frequently and keeps report results up to date within a specified time threshold.
- Added the ability to specify a process execution priority for reports. Reports can now be run with normal or low execution priority. This will prevent scans from consuming too much processor time on sensitive endpoints.
- Added improved visualization for report results. Aggregate report result data is now presented as a horizontal stacked bar: pass/fail for compliance, low/medium/high severity for vulnerability.
Other Enhancements
- Vulnerability sources can now be updated automatically on a schedule. This feature updates the vulnerability source data, it will not automatically assign this data to existing vulnerability reports.
- Added the ability to upload a vulnerability source XML file. The ability to specify a local file path for a vulnerability source has been removed in lieu of this feature.
- Upgraded TaniumExecWrapper to version 3. This version provides improved performance, stability, and a variety of bug fixes.
- Added the display of CCE/CCI information and severity on compliance report results.
- Added the ability to select all rules on the custom profile creation page.
For more information on which versions of CIS-CAT, jOval, and SCC are supported, see Comply Supported Engines.
Bug Fixes
- Fixed an issue where exporting reports in rapid succession would result in overwritten files.
- Hid the XCCDF ID for custom profiles. It was confusing and served no useful purpose to users.
- Fixed an issue where "NaN" would be displayed for average found results for a compliance scan.
- Fixed an issue where a "duplicate bundle" error would be displayed when trying to create reports that are similar to one another.
- Removed the duplicate report check. Duplicated reports are now allowed in Comply. Each report will be assigned a unique hash value.
- Fixed an issue where report export could fail if the Question takes too long to reach completion threshold.
- Fixed an issue where a report export with a single row of result data would fail.
- Fixed an issue where report export filename did not match the title of the report export.
- Fixed an issue when modifying custom values where the previously specified custom rule title was not populated in the dialog.
- Fixed an issue where custom profile rule titles were not being displayed on report results.
- Fixed an issue where the benchmark list page was very slow to load.
- Fixed an issue where custom check severity was not being reported.
Known Issues
- Tanium Comply does not support any benchmarks that require authentication.
- Endpoint computers with less than 2GB of installed RAM may not have enough free memory to run the CIS-CAT engine when evaluating CIS checklists.