IMPORTANT: This site is planned to be decommissioned in 2026. Visit the Tanium Resource Center for all Tanium release notes, user guides, and support information. To view release notes in the Resource Center, see Tanium Release Notes.
IMPORTANT: If you are using semi-annual releases for on premises, see the Release notes for 2024H1 semiannual release, Release notes for 2024H2 semiannual release, or Release notes for 2025H1 semiannual release on the Tanium Resource Center.
Effective October 15, 2024: On prem release notes on the Tanium Knowledge Base are frozen. For release notes related to 7.4 or 7.5 Server and Solutions, see the Monthly updates for Tanium Version 7.4 and 7.5 Server and Solutions on the Tanium Resource Center.

Release Notes SBOM (Version 1.1)

From Tanium Knowledge Base
Jump to navigation Jump to search

Product Documentation and Resources

Supported OS's and Binaries

Supported OS’s

  • MacOS x86_64 and arm64
  • Linux x86_64 and aarch64
  • Windows x86_64

Supported Binaries

  • Java (JAR,PAR,SAR,WAR,EAR,JHI,JPI,LPKG)
  • JavaScript (Node, NPM)
  • Python
  • PHP (Compose)
  • Ruby (GEM)
  • Go Binaries
  • OpenSSL Shared Libraries

Tanium SBOM 1.1.100

Release Date: November 1, 2022

Improvements

  • Added the ability to search for information about OpenSSL libs.
    • New Saved Questions.
    • New Interact Dashboard.
    • Updated Gather SBOM Data to allow a choice for OpenSSL.
  • Added details to the Interact Dashboard called SBOM Reports that uses saved questions to display latest gathered details for specific vulnerabilities.

Issues Resolved

  • Fixed an issue where One-Drive files were being indexed and shouldn't.
  • Fixed issues where SBOM Results Age sensor showing wrong values.
    • When the SBOM gather is in progress, value would show as 99999, it will now show correct values if the gather is running.
    • Linux endpoints would not display the correct value at all.

New Supported Binaries

  • OpenSSL Shared Libraries

Required Module

  • Asset 1.19.161

New Packages

  • Store SBOM Support Data

New Saved Questions

  • SBOM Report: apache-commons-text
  • SBOM Report: openssl

New Dashboards

  • SBOM Reports

Tanium SBOM 1.1.88

Release Date: October 26, 2022

Information

SBOM = Software Bill of Materials. It is the ability to gather details against installed software packages in items like JAR files, JSON, GO, etc... The SBOM is a lot like an ingredients list on the back of a food package, listing out all of the different items that make up the software package you installed.

The initial use case with this version is to be able to identify all the associated libraries, versions, and ecosystems as they related to software binaries before there is an issue. We can determine where log4j exists in your fleet. As an example, is it in use on an endpoint, and if so, create reports based upon that data and provide it to the appropriate teams. When the next issue arises, a quick review of all the SBOM details will allow a customer to hunt for these issues without having to wait the 3 days to a week for the off the shelf software to say they use that library.

Supported OS’s

  • MacOS x86_64 and arm64
  • Linux x86_64 and aarch64
  • Windows x86_64

Supported Binaries

  • Java (JAR,PAR,SAR,WAR,EAR,JHI,JPI,LPKG)
  • JavaScript (Node, NPM)
  • Python
  • PHP (Compose)
  • Ruby (GEM)
  • GoLang-Binaries

Required Module

  • Asset 1.19.158

Sensors

  • SBOM Deployment Details
  • SBOM Has Results
  • SBOM Discovered Packages
  • SBOM Discovered Package Filtered By
  • SBOM Discovered Package Information Filtered By
  • SBOM Discovered Package Information For CPE
  • SBOM Discovered Package Information For Name
  • SBOM Discovered Package Stats
  • SBOM Results Age

Packages

  • Clear SBOM Cache
  • Distribute SBOM Tools
  • Distribute SBOM Tools - Linux
  • Distribute SBOM Tools - MacOS
  • Distribute SBOM Tools - Windows
  • Gather SBOM Data
  • TEMPLATE - Upload SBOM Data
  • TEMPLATE - Upload SBOM Support Data
  • Uninstall SBOM

Saved Questions

  • SBOM Deployment Details
  • SBOM Report: log4j-core
  • SBOM Report: spring-beans
  • SBOM Report: struts
  • SBOM Results Hours Old
  • SBOM Tools Deployment Required

Dashboards

  • SBOM Reports
  • SBOM Status