IMPORTANT: This site is planned to be decommissioned in 2026. Visit the Tanium Resource Center for all Tanium release notes, user guides, and support information. To view release notes in the Resource Center, see Tanium Release Notes.
IMPORTANT: If you are using semi-annual releases for on premises, see the Release notes for 2024H1 semiannual release, Release notes for 2024H2 semiannual release, or Release notes for 2025H1 semiannual release on the Tanium Resource Center.
Effective October 15, 2024: On prem release notes on the Tanium Knowledge Base are frozen. For release notes related to 7.4 or 7.5 Server and Solutions, see the Monthly updates for Tanium Version 7.4 and 7.5 Server and Solutions on the Tanium Resource Center.

Release Notes Threat Response (Version 2.1)

From Tanium Knowledge Base
Jump to navigation Jump to search

Important Notes

The releases of Tanium Threat Response 2.0, Integrity Monitor 2.0, and Map 2.0 all include a significant update to the Client Recorder Extension. This upgrade does not require that all three products be updated at the same time, but when more than one impacted product is deployed to an endpoint, conditional logic is applied to determine whether to upgrade the recorder component from 1.x to 2.0 versions. Please consult your Technical Account Manager to better understand how to best plan for your deployments if you have more than one impacted product installed.

The Threat Response module combines the functionality of the Detect and Trace modules and the Index and Incident Response content.

Migration from existing installations of the aforementioned modules is possible in the Threat Response module.

The migration process includes significant changes to the content and distribution of tools and configurations that are sent to connected endpoints.

Tanium strongly recommends contacting your Technical Account Manager prior to performing the migration.

7.4 clients are not supported on versions of Threat Response versions earlier than 2.1.0.

Threat Response 2.1.0.0241

Release Date: 2020-02-06

Enhancements

  • Added a feature that loads the appropriate areas of the Threat Response workbench that correspond with the terms of the license that is used when the workbench starts.
  • Added a feature that shows the context of a signals match in the advanced details of an alert.
  • Added the option of collecting files with Live Response in one directory where the filename includes the original path, but does not retain the folder structure.
  • Added a feature that enables users to create a remediation policy in Tanium Protect, and specify conditions to enforce that policy from an alert.
  • This release adds support for the 7.4 version of the Tanium Client, including updates to the python runtime version and supporting libraries.

Known Issues

  • Windows Tanium 6.0.314.1540 clients have been shown to perform poorly with Threat Response sensors, and should be upgraded to the latest 7.2 Tanium Clients
  • If a start_time is specified for an action, two rows in the action table are created. If a start_time is not specified, then only one row is created for the action. This will be addressed in a future version of Threat Response.
  • A known issue exists with uploading snapshots using version 11 of the Internet Explorer web browser. This will be addressed in a future version of Threat Response.
  • When a Download File response action is initiated from an Alert, Threat Response issues the "Trace - Start Session*" action every 6 minutes to ensure that the file is downloaded the system comes back online. This happens until the file completes the intended download. If it doesn't finish the download, it keeps issuing the actions to attempt to complete the download. This will be addressed in a future version of Threat Response.

Additional Information

Product Documentation and Resources