IMPORTANT: This site is planned to be decommissioned in 2026. Visit the Tanium Resource Center for all Tanium release notes, user guides, and support information. To view release notes in the Resource Center, see Tanium Release Notes.
IMPORTANT: If you are using semi-annual releases for on premises, see the Release notes for 2024H1 semiannual release, Release notes for 2024H2 semiannual release, or Release notes for 2025H1 semiannual release on the Tanium Resource Center.
Effective October 15, 2024: On prem release notes on the Tanium Knowledge Base are frozen. For release notes related to 7.4 or 7.5 Server and Solutions, see the Monthly updates for Tanium Version 7.4 and 7.5 Server and Solutions on the Tanium Resource Center.

Tanium Cloud Release Notes Comply

From Tanium Knowledge Base
Jump to navigation Jump to search

Important Notes

  • For the best experience, please use a recent version of Google Chrome, Microsoft Edge, or Mozilla Firefox to access the Tanium Console.

Tanium Cloud Release Started Date: June 18, 2026

Fixes

Fixed issues:

  • Fixed an issue where the Vulnerability Status sensor failed to update correctly in environments where Comply has been inactive for an extended period.

Deprecated Items

  • Remote Authenticated Assessments (RAS) will no longer be supported for Windows, Linux, MacOS, AIX, and Solaris devices in a future release of Comply. Customers currently using RAS to scan endpoints running these operating systems should move to client-based assessments.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.

Tanium Cloud Release Started Date: June 15, 2026

Fixes

Fixed issues:

  • Fixed an input validation issue in the POST /v1/vulnerability/cves API route that could cause oversized responses.

Deprecated Items

  • Remote Authenticated Assessments (RAS) will no longer be supported for Windows, Linux, MacOS, AIX, and Solaris devices in a future release of Comply. Customers currently using RAS to scan endpoints running these operating systems should move to client-based assessments.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.

Tanium Cloud Release Started Date: June 10, 2026

Fixes

Fixed issues:

  • Updates to internal dependencies.

Deprecated Items

  • Remote Authenticated Assessments (RAS) will no longer be supported for Windows, Linux, MacOS, AIX, and Solaris devices in a future release of Comply. Customers currently using RAS to scan endpoints running these operating systems should move to client-based assessments.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.

Tanium Cloud Release Started Date: June 8, 2026

Enhancements

  • Added support for SUSE Linux Enterprise Server 16 vulnerability assessments.
  • Added support for Ubuntu 26.04 LTS vulnerability assessments.
  • Added support for Debian 13 vulnerability assessments.
  • Added an ability to edit the selection of custom checks in an existing Compliance assessment.
  • Added the ability to edit custom check scripts directly in the Comply workbench.
  • Updated the Tanium Scan Engine, delivered via Endpoint Change Management

Fixes

Fixed issues:

  • Fixed an issue where deleting a Computer Group caused the Exceptions page to break and removed the ability to remove that Computer Group from exceptions.
  • Fixed an issue where downloading multiple assessment exports returned a 500 error when one of the selected exports was in SBOM format.
  • Fixed an issue where the Comply Trends page displayed an error due to a deprecated sensor being referenced.
  • Fixed an issue where time-based settings in Comply audit configuration were always displayed in seconds instead of the appropriate unit.
  • Fixed an issue where compliance findings investigations with multi-line results displayed %0a characters instead of line breaks.
  • Removed CVE year filters from Tanium-managed reports in Comply to simplify report configuration.
  • Removed the Confidence Score column from the Software Packages view in Comply.

Deprecated Items

  • Remote Authenticated Assessments (RAS) will no longer be supported for Windows, Linux, MacOS, AIX, and Solaris devices in a future release of Comply. Customers currently using RAS to scan endpoints running these operating systems should move to client-based assessments.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.

Tanium Cloud Release Started Date: May 20, 2026

Fixes

Fixed issues:

  • Updates to internal dependencies.

Deprecated Items

  • Remote Authenticated Assessments (RAS) will no longer be supported for Windows, Linux, MacOS, AIX, and Solaris devices in a future release of Comply. Customers currently using RAS to scan endpoints running these operating systems should move to client-based assessments.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.

Tanium Cloud Release Started Date: May 12, 2026

Fixes

Fixed issues:

  • Updates to internal dependencies.

Deprecated Items

  • Remote Authenticated Assessments (RAS) will no longer be supported for Windows, Linux, MacOS, AIX, and Solaris devices in a future release of Comply. Customers currently using RAS to scan endpoints running these operating systems should move to client-based assessments.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.

Tanium Cloud Release Started Date: May 7, 2026

Fixes

Fixed issues:

  • Improved Findings page performance when switching between the Compliance and Vulnerability tabs.

Deprecated Items

  • Remote Authenticated Assessments (RAS) will no longer be supported for Windows, Linux, MacOS, AIX, and Solaris devices in a future release of Comply. Customers currently using RAS to scan endpoints running these operating systems should move to client-based assessments.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.

Tanium Cloud Release Started Date: April 29, 2026

Enhancements

  • Added a maximum endpoint limit of 5,000 for investigations. Users will receive an error message when the limit is exceeded.
  • Added a Confidence Score tooltip to the Software Remediation grid and side panel.
  • Updated the default batch size for common module initialization vulnerability assessments to 2,000.
  • Updated Comply to batch overnight configuration item updates, reducing unnecessary manifest changes and excess data egress on endpoints.
  • Added the Current Compliance Exposures as a managed report in Tanium Reports.
  • Added a disclaimer to archived CIS Benchmarks indicating they are no longer published or supported by the Center for Internet Security (CIS).
  • Updated the CVSS Severity by EPSS Percentile Range chart on the Overview page to hide the 'None' severity category when all values are zero.
  • Updated the Tanium Managed Risk and Compliance dashboard with an improved Exposure Management view.
  • Updated the Tanium Managed Exploitability Dashboard with corrected EPSS chart colors and added a new panel for Ransomware and Botnet Vulnerabilities.

Fixes

Fixed issues:

  • Fixed an issue where the CISA KEV Reporting Dashboard was not accessible to users with out-of-the-box Comply roles.
  • Fixed an issue where importing new CIS benchmarks fails due to addition of unexpected file extensions.
  • Fixed an issue where the Comply - Configuration Settings sensor failed to return results when a custom setting Description field contained a line break character.
  • Fixed an issue where vulnerability findings could display without severity data.
  • Fixed an issue where the Comply workbench continued to request investigation results after an investigation had failed.
  • Fixed issues where custom vulnerability source processing could fail due to a corrupt database persisting after a failed rebuild or an invalid file size calculation.
  • Fixed an issue where Audit History exports were incorrectly persisted in the Comply Exports page after download, causing them to accumulate over time.
  • Fixed an issue where Comply did not automatically create a default compliance assessment for Red Hat Enterprise Linux 10 endpoints.
  • Fixed an issue where Remote Authenticated Scan (RAS) assessments could fail to create due to a stale targeting filter group.
  • Fixed an issue with RBAC permissions not properly allowing users to trigger pivot actions from Comply to Deploy under Remediation Visibility > Software Updates.
  • Fixed an issue where only one patch definition was displayed for CVEs with multiple patch definitions.
  • Fixed an issue where the Software Packages side panel displayed an error for users without Deploy read permissions instead of showing available package information.
  • Fixed an issue where the CVSS Severity by EPSS Percentile Range chart on the Overview page did not include Remote Authenticated Scan (RAS) findings, causing counts to differ from the Findings page.
  • Fixed an issue where Comply navigation menu items were not translated after opening the Comply Overview page.

Deprecated Items

  • Remote Authenticated Assessments (RAS) will no longer be supported for Windows, Linux, MacOS, AIX, and Solaris devices in a future release of Comply. Customers currently using RAS to scan endpoints running these operating systems should move to client-based assessments.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.


Tanium Cloud Release Started Date: April 2, 2026

Fixes

Fixed issues:

  • Fixed an issue where user roles with Comply Report write privilege cannot create an assessment.
  • Updated guidance notification in Tanium Guide to account for multiple published certified benchmarks.

Deprecated Items

  • Remote Authenticated Assessments (RAS) will no longer be supported for Windows, Linux, MacOS, AIX, and Solaris devices in a future release of Comply. Customers currently using RAS to scan endpoints running these operating systems should move to client-based assessments.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.

Tanium Cloud Release Started Date: March 30, 2026

Fixes

Fixed issues:

  • Fixed an issue where the Comply service restarts if several Connect findings plugins run at the same time after a vulnerability data update.
  • Fixed an issue loading the Tanium Scan Engine license in Endpoint Configuration.

Deprecated Items

  • Remote Authenticated Assessments (RAS) will no longer be supported for Windows, Linux, MacOS, AIX, and Solaris devices in a future release of Comply. Customers currently using RAS to scan endpoints running these operating systems should move to client-based assessments.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.
  • Multiple concurrent Connect connections using the Comply (Findings) source may cause the Comply service to restart.

Tanium Cloud Release Started Date: March 24, 2026

Fixes

Fixed issues:

  • Fixed an issue where scans for newly created compliance assessments may fail on endpoints running in Low Resource Mode.
  • Fixed an issue with RBAC permissions not properly allowing users to trigger pivot actions from Comply to Deploy under Remediation Visibility > Software Updates.
  • Fixed an issue where only one patch definition was displayed for CVEs with multiple patch definitions.

Deprecated Items

  • Remote Authenticated Assessments (RAS) will no longer be supported for Windows, Linux, MacOS, AIX, and Solaris devices in a future release of Comply. Customers currently using RAS to scan endpoints running these operating systems should move to client-based assessments.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.
  • Multiple concurrent Connect connections using the Comply (Findings) source may cause the Comply service to restart.

Tanium Cloud Release Started Date: March 13, 2026

Enhancements

  • Added a new Software Packages tab within the Comply Remediations page for deeper integrated workflows with the Tanium Deploy module. For more information, please refer to the Tanium User Guide.

Deprecated Items

  • Remote Authenticated Assessments (RAS) will no longer be supported for Windows, Linux, MacOS, AIX, and Solaris devices in a future release of Comply. Customers currently using RAS to scan endpoints running these operating systems should move to client-based assessments.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.
  • Compliance scans for newly released compliance benchmarks may fail on endpoints running in Low Resource Mode.

Tanium Cloud Release Started Date: March 10, 2026

Fixes

Fixed issues:

  • Updates to internal dependencies.

Deprecated Items

  • Remote Authenticated Assessments (RAS) will no longer be supported for Windows, Linux, MacOS, AIX, and Solaris devices in a future release of Comply. Customers currently using RAS to scan endpoints running these operating systems should move to client-based assessments.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.

Tanium Cloud Release Started Date: February 25, 2026

Enhancements

  • Updated the Comply Overview page with new vulnerability and compliance charts.
  • Added Ransomware Count, Botnet Count, and Exploit Type as new columns to Comply vulnerability findings data grids.
  • Added a guidance notification in Tanium Guide when new compliance benchmarks are added as a certified benchmark.
  • Added CISA KEV as additional criteria when configuring vulnerability content for a vulnerability assessment.  
  • Added audit history for assessments providing visibility into changes and updates to Comply assessments.  

Fixes

Fixed issues:

  • Fixed an issue where running a one-time deploy action on an assessment overwrites the configured Start On time.
  • Fixed an issue where enforcing Case Sensitivity setting within Additional Filter Criteria is not honored when creating or updating an exception.
  • Fixed an issue where importing new CIS benchmarks fails due to addition of unexpected file extensions.
  • Fixed an issue where updating the scan timeout setting in an assessment does not apply to the ECF configuration item.
  • Fixed an issue where exporting vulnerability assessment reports in HTML format returns blank output.
  • Fixed an issue where editing an existing custom setting and enabling Low Resource Mode (when previously disabled) sets the wrong default value for CPU utilization percentage.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.

Tanium Cloud Release Started Date: February 6, 2026

Enhancements

  • The Tanium Scan Engine is now delivered through Endpoint Change Management, aligning the Scan Engine with Tanium’s standardized toolset release process. Please see the Tanium Comply User Guide for more details.
Important Notes
  • Custom JREs will now always take precedence over Tanium-delivered JREs. Customers using custom JREs should review their targeting configurations and, if necessary, narrow them down to apply to only appropriate endpoints.
  • With this release, the ECM toolset will automatically target the 6.4 scan engine to legacy operating systems. All other operating systems will receive the 6.5 scan engine. This behavior is fixed in the ECM toolset and cannot be modified.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.
  • Exporting vulnerability assessment reports in HTML format may return blank output.
  • Comply Investigations based on Check ID will produce a "No Results for Online Managed Endpoints" error. Filtering to reduce the number of endpoints before running the investigation may improve results.  

Tanium Cloud Release Started Date: January 21, 2026

Enhancements

  • Added localization support to Tanium Comply.

Fixes

Fixed issues:

  • Improvements to address connect export timeouts.
  • Fixed an issue with the Tanium Comply Managed Exploitability Dashboard displaying incorrect percentile data within the stacked bar chart.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.
  • Exporting vulnerability assessment reports in HTML format may return blank output.
  • Comply Investigations based on Check ID will produce a "No Results for Online Managed Endpoints" error. Filtering to reduce the number of endpoints before running the investigation may improve results.  

Tanium Cloud Release Started Date: January 8, 2026

Fixes

Fixed issues:

  • Updates to the Tanium provided JRE. Users will receive a prompt in the Comply workbench to accept the engine update. For more information, please refer to the Tanium User Guide.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.
  • Exporting vulnerability assessment reports in HTML format may return blank output.
  • Comply Investigations based on Check ID will produce a "No Results for Online Managed Endpoints" error. Filtering to reduce the number of endpoints before running the investigation may improve results.  

Tanium Cloud Release Started Date: December 15, 2025

Fixes

Fixed issues:

  • Fixed an issue where creating a Network Unauthenticated assessment would fail with a 500 error.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.
  • Exporting vulnerability assessment reports in HTML format may return blank output.

Tanium Cloud Release Started Date: November 19, 2025

Enhancements

This release includes:

  • Added support for OT vulnerability scanning.
  • Added CVE filter by Affected Platform and Affected Product in Comply Standards > Vulnerability.
  • Added Endpoint Criticality column to Comply vulnerability findings.
  • Updated Comply > Configuration Setup to improve page organization for Engines and JREs.
  • Added new Tanium Managed dashboard for NIST CSF 2.0.
  • Updated filters on the CISA KEV Vulnerabilities Tanium Managed Report.
  • Added Exploitability Dashboard as a Tanium Managed dashboard.
  • Added a count of endpoints running an Assessment to the Assessment flyout to indicate how many machines are currently performing a scan for that assessment.
  • Updated MITRE links to point to cve.org.

Fixes

Fixed issues:

  • Fixed an issue where expired exceptions could not be edited.
  • Updated CVE scoring details for vulnerability investigation results.
  • Fixed an issue where deleting an item from Filter Criteria in an exception may remove the wrong item.
  • Fixed an issue where exporting a findings investigation only returns 100 rows.
  • Fixed an issue with incorrect urls for MITRE ATT&CK sub-techniques.
  • Fixed an issue where the “Created By” field for Assessments was incorrectly showing an unknown User ID.
  • Improved error message to clarify when a benchmark import fails due to improperly formatted SCE scripts.
  • Fixed an issue where a lock icon may inconsistently appear for the Comply > Remediations link from the main menu.
  • Fixed an issue where the “Created By” and “Last Modified By” fields for Assessments were incorrectly showing as “Unknown.”

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.
  • Exporting vulnerability assessment reports in HTML format may return blank output.
  • Comply Investigations based on Check ID will produce a "No Results for Online Managed Endpoints" error. Filtering to reduce the number of endpoints before running the investigation may improve results.  
  • Connect exports may return no results for RAS findings. There is no workaround for Connect exports that include RAS compliance findings. For Connect exports with RAS vulnerability findings, the workaround is to ensure the Endpoint Criticality column is not included in the Connect export configuration.

Tanium Cloud Release Started Date: October 13, 2025

Enhancements

This release includes:

  • Added support for macOS 26 vulnerability assessments.

Fixes

Fixed issues:

  • Fixed an issue where updating the TVL from an update notification incorrectly triggers a ‘Failed to load TVL Information’ error message.
  • Improvements to overall module performance.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.
  • Exporting vulnerability assessment reports in HTML format may return blank output.
  • Comply Investigations based on Check ID will produce a "No Results for Online Managed Endpoints" error. Filtering to reduce the number of endpoints before running the investigation may improve results.  
  • Connect exports may return no results for RAS findings. There is no workaround for Connect exports that include RAS compliance findings. For Connect exports with RAS vulnerability findings, the workaround is to ensure the Endpoint Criticality column is not included in the Connect export configuration.

Tanium Cloud Release Started Date: September 11, 2025

Fixes

Fixed issues:

  • Fixed an issue where the Comply workbench becomes unresponsive when errors occur during custom engine or JRE upload.  

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.
  • Exporting vulnerability assessment reports in HTML format may return blank output.
  • Comply Investigations based on Check ID will produce a "No Results for Online Managed Endpoints" error. Filtering to reduce the number of endpoints before running the investigation may improve results.  

Tanium Cloud Release Started Date: September 10, 2025

Fixes

Fixed issues:

  • Fixed an issue where assessment creation would fail due to long query times.
  • Fixed an issue in the Remediations page where selecting a Patch in the Patch flyout opens multiple tabs.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.
  • Exporting vulnerability assessment reports in HTML format may return blank output.
  • Comply Investigations based on Check ID will produce a "No Results for Online Managed Endpoints" error. Filtering to reduce the number of endpoints before running the investigation may improve results.  

Tanium Cloud Release Started Date: August 28, 2025

Fixes

Fixed issues:

  • Fixed an issue where the Container Images tab in Vulnerability Findings may incorrectly display findings from managed endpoints. 

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Exceptions created using parameterized sensors may fail to save or operate correctly.
  • Exporting vulnerability assessment reports in HTML format may return blank output.
  • Comply Investigations based on Check ID will produce a "No Results for Online Managed Endpoints" error. Filtering to reduce the number of endpoints before running the investigation may improve results.  


Tanium Cloud Release Started Date: August 21, 2025

Security Update

Enhancements

This release includes:

  • Added exploit intelligence enrichment columns to Comply vulnerability findings, including EPSS Score, EPSS Percentile, CVSS v4.0 Base Score, CVSS v4.0 Threat Score, CVSS v3.1 Temporal Score, MITRE ATT&CK mapping, CWE mapping, Max Maturity, Alias. For more information, please refer to the Tanium User Guide.
  • Added First Found, Last Found, and Absolute First Found columns to the Findings > Vulnerability > All Findings view in the Comply workbench.
  • Added First Found and Last Scan Date columns to the Findings > Compliance > All Findings view in the Comply workbench.
  • Added support for recurring stale assessment deletions, enabling automatic retries on a schedule.
  • Added default assessments for Ubuntu 22 and Ubuntu 24 during module initialization.
  • Added default compliance assessments for Windows Server 2025 during module initialization.
  • Added support for RedHat 10 vulnerability assessments.
  • Fixed an issue with API documentation links temporarily unavailable during migration. Comply API documentation is now available at [1]

Fixes

Fixed issues:

  • Fixed an issue with Filter Group selection in Comply > Findings including unmanaged findings. When a standard Filter Group is selected, the Unmanaged Endpoints filter will now automatically switch to "Managed Only".
  • Fixed an issue where custom checks and advanced settings were not visible in the side panel when viewing Compliance Assessments.
  • Moved API documentation for Comply to developer.tanium.com. Contact Tanium Support if assistance is needed to access this site.
  • Fixed an issue where updates to the CIS-CAT engine cannot be installed or targeted.
  • Fixes an issue where exporting a report from All Findings tabs that was sorted on a hidden column result in error with a status code of 400.
  • Fixed an issue where clicking on bar chart segment under Remediations sets incorrect filters when drilling down into Actionable Findings.
  • Fixed an issue where findings for compliance assessments appear blank when there are a significantly large number of rows.
  • Fixed an issue where the flyout panel within the Standards > CVE Lists page may cause an error.
  • Fixed an issue where selecting patches to add to an existing patch list while using a text search filter could result in incorrect patches being added.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Comply Investigations based on Check ID will produce a "No Results for Online Managed Endpoints" error. Filtering to reduce the number of endpoints before running the investigation may improve results.  
  • The Container Images tab in Vulnerability Findings may incorrectly display findings from managed endpoints. To view only relevant container image findings, apply the "Unmanaged" option to the Endpoint Type filter.

Tanium Cloud Release Started Date: July 28, 2025

Fixes

Fixed issues with:

  • Performance improvement detecting changes to Assessment feeds.
  • API documentation now available on developer.tanium.com.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • Custom checks and advanced settings are not visible in the side panel when viewing Compliance Assessments.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.

Tanium Cloud Release Started Date: July 17, 2025

Enhancements

This release includes:

  • Added support for RedHat 10 vulnerability assessments.* Added visibility into whether a Patch is included in a Patch Block List under Comply > Remediations.
  • Added a Patch UID filter to Comply > Remediations.
  • Updated menu layout, descriptions, and visual presentation of the Comply module settings page.
  • Added findings with scheduled patches to Comply Remediations, along with a new filter to view findings with scheduled, unscheduled, or all patches.
  • Added a message to indicate a delay in updating Applicable Endpoints in Patch after adding a Patch to a Patch List within Comply > Remediations.
  • Added automatic creation of system default Vulnerability and Compliance Assessments during the first 14 days of Comply module initialization for new Tanium installations. See Tanium Comply User Guide for more information.

Fixes

Fixed issues with:

  • Unexpected errors when downloading Test Details to CSV during Findings investigation.
  • Expired exceptions that were still incorrectly marked as active.
  • References to private Comply REST API routes that were incorrectly included in API workbench documentation. Visit the Tanium Developer Community for more information.
  • Findings > Vulnerability > Remediate in Patch action does not account for the operating system of the finding.
  • Queued assessment deployments occasionally failing if the user session has expired.
  • Assessment ID sorting.
  • The Top Patches chart under Remediations incorrectly aggregating findings with the same Patch Title but different Patch UIDs.
  • Export for findings investigation associated with multiple endpoints.
  • Cloned Compliance Assessments retained Custom ID Mappings without an ability to remove them.
  • Applicable Patches section in the Findings > Check ID side panel not appearing even when there are applicable patches available.
  • Comply compliance workbench incorrectly permitting editing a custom profile’s benchmark.
  • Remediate in Patch action under Findings > Vulnerability > Check ID becomes active even when there are no applicable patches available for associated findings.
  • Drilling down on the bar chart segment under Remediations sets incorrect filters when drilling down into Actionable Findings.
  • Drilling down on the "Not Scanned" bar in the Compliance Exposures chart includes unfiltered results.
  • Comply for Cloud Workloads becoming enabled before it completes initialization. 
  • Exporting an SBOM assessment may produce an error.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • Custom checks and advanced settings are not visible in the side panel when viewing Compliance Assessments.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.

Tanium Cloud Release Started Date: July 1, 2025

Fixes

Fixed issues with:

  • Filter Group selection in Comply > Findings including unmanaged findings. When a standard Filter Group is selected, the Unmanaged Endpoints filter will now automatically switch to "Managed Only".

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • Expired exceptions may still mark findings as excepted. Deleting the exception returns associated findings to a not excepted state.
  • In the Findings > Vulnerability > Check ID side panel, the Applicable Patches section may not appear even when there are applicable patches available.
  • Custom checks and advanced settings are not visible in the side panel when viewing Compliance Assessments.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.

Tanium Cloud Release Started Date: June 11, 2025

Fixes

Fixed issues with:

  • The definitions array returned by the `/v1/vulnerability-sources/:id/feed/:feed/cves` API endpoint returning empty.
  • Updated JRE included with Tanium Comply to Amazon Corretto JRE 11.0.27.6.1.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • Expired exceptions may still mark findings as excepted. Deleting the exception returns associated findings to a not excepted state.
  • In the Findings > Vulnerability > Check ID side panel, the Applicable Patches section may not appear even when there are applicable patches available.
  • Custom checks and advanced settings are not visible in the side panel when viewing Compliance Assessments.
  • To prevent timeouts when querying the `/v1/vulnerability-sources/:name/cves` API route, it is recommended to use pagination parameters such as limit and offset.
  • Findings related to unmanaged devices may appear when filtering by Filter Group. To exclude these, apply the "Managed Only" filter under Endpoint Type. This applies to findings in the Comply workbench and Reports.

Tanium Cloud Release Started Date: May 1, 2025

Enhancements

This release includes:

  • Integrated Comply reports into the Tanium Reporting framework to improve consistency in data querying, filtering, and exporting. As part of this transition, Comply reports will appear as modified by the Tanium Managed user.
  • Added the `Comply - Vulnerability Status` sensor that consolidates the following columns into a single sensor: Check ID, First Found Date, Last Found Date, Absolute First Found Date, Scan Type, Excepted, Detected Products, Detected CPEs.
  • Added the `Comply - Compliance Status` sensor that consolidates the following columns into a single sensor: Check ID, State, Category, Rule ID, First Found Date, Last Scan Date, Excepted, Scan Method.
  • Sortability for the % Compliant Endpoints (Pass/Fail) column in Findings > Compliance.
  • Added quick filter to the Comply > Reports page.
  • Updated filters in Comply > Reports > Exports, including adding a filter for Findings Investigation exports.
  • Added an Endpoint Type quick filter in Comply > Findings to allow filtering for findings associated with both managed and unmanaged endpoints.
  • Added new columns and filters for Detected Products and Detected CPEs in Findings > Vulnerability to represent the vulnerable product and CPE respectively when available and reported by a vulnerable endpoint. Affected Products and CPEs will refer to reviewed products and CPEs based on the vulnerability definition.
  • Updated CPEs and Affected Products filters to reflect new Detected Products and Detected CPEs information in Comply > Findings.
  • Added warning notifications with reason codes for reports failing upgrade migration.
  • Removed formatting of values in exports to display raw values to align with Reporting.
  • Removed installation of deprecated Comply sensors for new customer environments.
  • Updated CSV export workflow from Comply > Findings to export all visible columns.
  • Added support for Windows Server 2025 vulnerability assessments.
  • Updates to internal dependencies.

Fixes

Fixed issues with:

  • Link transition for the Vulnerability Findings chart in the Comply Overview page to now direct users to the Vulnerability > All Findings tab instead of the Endpoints tab.
  • An error when filtering Compliance Findings by IP address.
  • Excepted findings not displaying the appropriate checkmark in the Excepted column in Findings.
  • Unexpected errors in the Create Compliance Assessments page when special characters are used to filter items in Custom Checks.
  • Comply Investigations based on Check ID producing a "No Results for Online Managed Endpoints" error when endpoint count is greater than 250.
  • Incorrect N/A row encountered when creating a custom Comply Report with specific conditions in filter builder.
  • IP address filtering using IP address ranges.
  • Filtering by IP address causes a 500 error in Comply > Findings.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • Expired exceptions may still mark findings as excepted. Deleting the exception returns associated findings to a not excepted state.
  • In the Findings > Vulnerability > Check ID side panel, the Applicable Patches section may not appear even when there are applicable patches available.

Tanium Cloud Release Started Date: April 24, 2025

Enhancements

This release includes:

  • Added support for Windows Server 2025 vulnerability assessments.
  • Improvements to vulnerability detection for container image scans, including support for Java, JavaScript, and Go filetypes.
  • Updates to internal dependencies.
  • Updated JRE included with Tanium Comply to Amazon Corretto JRE 11.0.26.4.1.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • RAS assessments fail if content is divided into multiple batches. For RAS vulnerability assessments, do not use "Both Standard and High Resource CVEs" for the CVE Definitions Type; instead, separate the RAS assessment into two with one assessment set to Standard Resource CVEs and another set to High Resource CVEs. For RAS compliance assessments, ensure only 1 standard is included per RAS assessment.
  • Comply Investigations based on Check ID will produce a "No Results for Online Managed Endpoints" error when endpoint count is greater than 250. To avoid this issue, apply additional filters to reduce the endpoint count before executing the investigation.

Tanium Cloud Release Started Date: March 26, 2025

Enhancements

This release includes:

  • Added "Detected Products" and "Detected CPEs" columns to the “Comply - CVE Findings” sensor for client-based and SBOM findings.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • RAS assessments fail if content is divided into multiple batches. For RAS vulnerability assessments, do not use "Both Standard and High Resource CVEs" for the CVE Definitions Type; instead, separate the RAS assessment into two with one assessment set to Standard Resource CVEs and another set to High Resource CVEs. For RAS compliance assessments, ensure only 1 standard is included per RAS assessment.
  • Comply Investigations based on Check ID will produce a "No Results for Online Managed Endpoints" error when endpoint count is greater than 250. To avoid this issue, apply additional filters to reduce the endpoint count before executing the investigation.

Tanium Cloud Release Started Date: March 4, 2025

Enhancements

This release includes:

  • Updates to internal dependencies.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • RAS assessments fail if content is divided into multiple batches. For RAS vulnerability assessments, do not use "Both Standard and High Resource CVEs" for the CVE Definitions Type; instead, separate the RAS assessment into two with one assessment set to Standard Resource CVEs and another set to High Resource CVEs. For RAS compliance assessments, ensure only 1 standard is included per RAS assessment.

Tanium Cloud Release Started Date: February 26, 2025

Enhancements

This release includes:

  • Updates to the Tanium Scan Engine. Users will receive a prompt in the Comply workbench to accept the engine update. For more information, please refer to the Tanium User Guide.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • RAS assessments fail if content is divided into multiple batches. For RAS vulnerability assessments, do not use "Both Standard and High Resource CVEs" for the CVE Definitions Type; instead, separate the RAS assessment into two with one assessment set to Standard Resource CVEs and another set to High Resource CVEs. For RAS compliance assessments, ensure only 1 standard is included per RAS assessment.

Tanium Cloud Release Started Date: February 5, 2025

Enhancements

This release includes:

  • Added the Last Success Date column to the `Comply - Last Scan` sensor to indicate when an assessment successfully scanned on an endpoint

Fixes

Fixed issues with:

  • Assessment creation when ECF approvals are enabled
  • RAS network interface selection when matching multiple IP addresses
  • Missing CPE values when exporting Comply Findings from the workbench
  • Duplicate CPE values for OS vulnerability findings in the Comply Findings workbench
  • 'Assessments with Issues' calculation when using the Filter Items search bar
  • Findings not appearing for custom profiles when the assessment was created by a user without `read question history` permissions
  • An incorrect list of affected platforms for definitions in the CVE flyout page
  • Updates the 'Scan Selected Registries' list during Assessment creation to include only eligible registries with SBOM enabled
  • Workbench errors when editing Filter Criteria within the Create Exception workflow from a Comply Finding
  • Inconsistent investigation results when filters are applied to Comply Findings
  • Editing an assessment schedule not properly updating the scheduled action for interval-based assessments with specified start or end times
  • Confirmation modal and refresh when deleting a vulnerability source

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • RAS assessments fail if content is divided into multiple batches. For RAS vulnerability assessments, do not use "Both Standard and High Resource CVEs" for the CVE Definitions Type; instead, separate the RAS assessment into two with one assessment set to Standard Resource CVEs and another set to High Resource CVEs. For RAS compliance assessments, ensure only 1 standard is included per RAS assessment.

Tanium Cloud Release Started Date: January 28, 2025

Fixes

Fixed issues with:

  • Comply image findings disappearing after 7 days and reappearing once a rescan occurs.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • RAS assessments fail if content is divided into multiple batches. For RAS vulnerability assessments, do not use "Both Standard and High Resource CVEs" for the CVE Definitions Type; instead, separate the RAS assessment into two with one assessment set to Standard Resource CVEs and another set to High Resource CVEs. For RAS compliance assessments, ensure only 1 standard is included per RAS assessment.

Tanium Cloud Release Started Date: January 2, 2025

Enhancements

This release includes:

  • Updates to internal dependencies

Fixes

Fixed issues with:

  • Comply - CVE Investigation Details sensor to limit Tanium Server memory utilization

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • RAS assessments fail if content is divided into multiple batches. For RAS vulnerability assessments, do not use "Both Standard and High Resource CVEs" for the CVE Definitions Type; instead, separate the RAS assessment into two with one assessment set to Standard Resource CVEs and another set to High Resource CVEs. For RAS compliance assessments, ensure only 1 standard is included per RAS assessment.

Tanium Cloud Release Started Date: December 13, 2024

Enhancements

This release includes:

  • A new Comply Remediations Page for deeper integrated workflows with the Tanium Patch module. For more information, please refer to the Tanium User Guide.
  • Removal of legacy CVSSv2 to CVSSv3 migration notifications
  • Enhanced operating system identification when executing RAS scans for Ubuntu/Debian machines
  • Add default Windows 11 assessments during common module initiailization
  • Added MAC address column option to Comply Findings

Fixes

Fixed issues with:

  • Failed Comply assessment migrations with certain upgrade paths from older versions of Comply
  • The flyout for Tanium Guide not appearing from the Comply workbench
  • Inaccurate count summary for "Not Scanned" on the Assessments page
  • Compliance results returning Unknown when using the CIS-CAT Pro Assessor engine
  • Incorrect error notifications for the Comply Report Reviewer and Comply Custom Check Writers
  • Custom titles for custom profiles not reflecting properly in Custom Profile details flyout
  • Issue navigating to other Tanium modules from a Comply Report

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.
  • SBOM-Based Golang scans are no longer supported on Windows 7 as Golang itself no longer supports Windows 7. Tanium Clients on Windows 7 Endpoints will not trigger scans for Golang Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated profile.
  • RAS assessments fail if content is divided into multiple batches. For RAS vulnerability assessments, do not use "Both Standard and High Resource CVEs" for the CVE Definitions Type; instead, separate the RAS assessment into two with one assessment set to Standard Resource CVEs and another set to High Resource CVEs. For RAS compliance assessments, ensure only 1 standard is included per RAS assessment.


Tanium Cloud Release Started Date: November 7, 2024

Enhancements

This release includes:

  • Updates to internal dependencies

Fixes

Fixed issues with:

  • The upgrade process causing service failures in specific environments

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.

Tanium Cloud Release Started Date: October 29, 2024

Enhancements

This release includes:

  • Updates to internal dependencies

Fixes

Fixed issues with:

  • Advanced Filter values not displaying properly when deep linking to filtered CVEs page
  • Links to high resource CVEs from Assessment configuration not opening in a new window
  • Exceptions repeatedly being applied and removed when targeting is based on the Comply - CVE Findings sensor
  • Errors when creating new Vulnerability Assessments using custom sources

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.

Tanium Cloud Release Started Date: October 14, 2024

Enhancements

This release includes:

  • An assessment configuration workflow to update CVE definitions type for all assessments, allowing for dynamic exclusion of CVE definitions that require additional endpoint resources for scanning. See the Tanium Comply User Guide for more details.

Fixes

Fixed issues with:

  • Column sort and search for CVE lists page following CVE search from Standards
  • Incorrect CVE counts for RAS assessments in assessment preview panel

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.
  • Using the CVE Definitions Type bulk edit workflow to update more than 1,000+ assessments at once may produce an error. Assessments should continue to update in the background as expected, however it is recommended to run this bulk edit capability in batches when editing more than 1,000 assessments.

Tanium Cloud Release Started Date: October 3, 2024

Enhancements

This release includes:

  • Updates to internal dependencies
  • Support for macOS 15 vulnerability assessments

Fixes

Fixed issues with:

  • Newly created assessments not running due to errors in publishing
  • Comply Investigations targets drill down results in "No Results for Online Managed Endpoints"

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.
  • `Comply - CVE Investigation Details` and `Comply - Compliance Investigation Details` sensors must be registered in TDS and enabled to support Comply Investigations

Tanium Cloud Release Started Date: September 13, 2024

Security Update

This release includes security updates. Details of the issue, including affected versions, and mitigation information, can be obtained within Tanium Resource Center, or by contacting support.

Enhancements

This release includes:

  • Support for the CIS-CATv4 engine
  • Updates to scan error metrics on Assessments page, including separation of Scan Timeout errors count in the Assessment flyout
  • Updated language to clarify SBOM assessment schedule
  • Improved CVE list behavior during search and navigation
  • Horizontal scroll and column selection capability for Assessments list
  • Optional Assessment Hash and ID columns for Assessments list (hidden by default)
  • Expanded height of module Settings to use full browser window

Fixes

Fixed issues with:

  • Column selection in export configuration for Vulnerability Investigations
  • Column selection filtering in export configuration for Compliance Investigations
  • Workbench pages failing to load due to Comply Deployment Administrator permissions
  • Errors when reviewing NUS reports after switching personas
  • Incorrect estimated CVE counts when creating or editing assessments
  • Resetting CVE list filters on Vulnerability Standards page
  • Engine update banner not appearing when an engine update is available
  • Default Targeting option not applying for new Comply installation
  • Incorrect value validation guidance for Comply module settings
  • Scheduled actions were not being generated for newly created age-based vulnerability assessments
  • Newly created SBOM assessments are not consistently distributing to endpoints

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.
  • `Comply - CVE Investigation Details` and `Comply - Compliance Investigation Details` sensors must be registered in TDS and enabled to support Comply Investigations
  • SBOM assessments must be reenabled following upgrade. To reenable assessments, go to Comply > Setup > Configuration > Custom Settings and reenable SBOM with the necessary configuration settings in each of the previously configured SBOM custom settings.

Tanium Cloud Release Started Date: August 20, 2024

Security Update

This release includes security updates. Details of the issue, including affected versions, and mitigation information, can be obtained within Tanium Resource Center, or by contacting support.

Enhancements

This release includes:

  • Improvements with Investigations scroll behavior
  • Updates to internal dependencies
  • Added support for Ubuntu 24 Vulnerability Assessments
  • Added default assessments for Windows Server 2022 during module initialization
  • Moved Comply Investigations from asking live questions to querying TDS. This requires that `Comply - CVE Investigation Details` and `Comply - Compliance Investigation Details` sensors are registered in TDS and enabled.
  • Allowing TDS Query results to be displayed in Findings while Affected Product is being calculated
  • Added a Scan Engine option as an advanced filter in the Assessments page

Fixes

Fixed issues with:

  • Errors when RAS Assesment Creator role attempts to create an assessment
  • Incorrect target counts for CVE Investigations
  • Comply Healthy Endpoints Count drill down
  • Investigations: View Endpoints flyout produces no results for online endpoints when starting from a user-created Report
  • Failed custom sources causes other custom sources to fail processing.
  • Vulnerability Assessment side panel display when Included or Excluded CVEs are not explicitly configured
  • Vulnerability Assessment creation causes errors when all CVE defaults are selected
  • RAS Findings returning N/A for endpoint value
  • Findings scrolling to the end of the table when the Affected Products, CPEs, or Affected Platforms is visible
  • Export errors when no columns are selected
  • Broken Stale Assessments caused by changeID field not updating
  • Empty fields in Vulnerability Standards section of Assessment side panel details
  • Removed Schedule options if Definition Type is Import in Vulnerability Custom Source
  • Network Unauthenticated satellite scans requiring Discover privileges
  • Improved tooltip information to indicate why a custom engine cannot be deleted
  • Sudo escalation for remote authenticated scans may not work in certain cases
  • Failed downloads to CSV of Investigation results from the workbench

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.
  • Assessments using the CIS-CATv3 engine will not produce results for vulnerability or compliance if running complycx-1.16 or above on the endpoint
  • `Comply - CVE Investigation Details` and `Comply - Compliance Investigation Details` sensors must be registered in TDS and enabled to support Comply Investigations
  • SBOM assessments must be reenabled following upgrade. To reenable assessments, go to Comply > Setup > Configuration > Custom Settings and reenable SBOM with the necessary configuration settings in each of the previously configured SBOM custom settings.


Tanium Cloud Release Started Date: June 03, 2024

Enhancements

This release includes:

  • Added support for Debian 12
  • Removal of unnecessary data in the 'Actual Values' returned from Comply investigation sensors
  • Provide explanation for missing data in the output of Tanium Comply Findings Connect exports

Fixes

Fixed issues with:

  • Connect exports failing when specifying the network unauthenticated finding type
  • Type mismatch output for the Comply - Compliance Exposure Score sensor
  • Workbench findings exports failing with 507 error response from TDS
  • Connect exports of compliance findings failing when certain columns are selected
  • Query for applicable patches in the vulnerability findings flyout failing when there is a high number of applicable patches
  • Workbench errors encountered when creating large finding exceptions
  • Investigation of findings from imported benchmarks not functioning correctly
  • Intel feeds for vulnerability assessments not regenerating when there are changes in the OVAL definitions
  • Users being unable to remove the distribute over time setting for assessments

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.
  • Sudo escalation for remote authenticated scans may not work in some cases

Tanium Cloud Release Started Date: May 20, 2024

Security Update

This release includes security updates. Details of the issue, including affected versions, and mitigation information, can be obtained within Tanium Resource Center, or by contacting support.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.


Tanium Cloud Release Started Date: May 2, 2024

Security Update

This release includes security updates. Details of the issue, including affected versions, and mitigation information, can be obtained within Tanium Resource Center, or by contacting support.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.

Tanium Cloud Release Started Date: April 18, 2024

Security Update

This release includes security updates. Details of the issue, including affected versions, and mitigation information, can be obtained within Tanium Resource Center, or by contacting support.

Fixes

This release includes fixes to downloading required resources during first installation.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.

Tanium Cloud Release Started Date: April 3, 2024

Fixes

This release includes:

  • Comply Finding Connect plugin SBOM results missing data.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.

Tanium Cloud Release Started Date: March 29, 2024

Enhancements

This release includes:

  • Improvements to downloading required resources during first installation.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.

Tanium Cloud Release Started Date: March 11, 2024

Bug Fixes

  • Extended initialization timeout for Comply to download required resources on first installation.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.

Tanium Cloud Release Started Date: February 28, 2024

Bug Fixes

Fixed issues with:

  • Timeout error preventing configuration of bulk exceptions from saving
  • Loading failures for CVE side panel in Vulnerability Findings when accessing certain CVEs
  • Exporting Findings in Workbench results in 507 error response
  • Comply service TDS registration errors resulting in failed Connect jobs

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.

Tanium Cloud Release Started Date: February 20, 2024

Bug Fixes

Fixed issues with:

  • Cloning Assessments does not allow changing the Platform or the Vulnerability Content Source.
  • Intel for non-scheduled assessments not updating regularly.
  • Delete stale assessments erroneously shows scan timeout.
  • Comply - CVE Investigation Details sensor timing out on CentOS endpoint.
  • Fix errors posting data to Trends source.
  • Advanced Filtering with Affected Platforms fails
  • Findings Quick Filters reappear with Filter Builder selected after clicking Revert
  • RAS/RNM scans fail as Windows 11 ARM endpoints incorrectly targeted with x86 version of JRE.
  • Retry TDS queries with a smaller size if the response is too large.
  • Optimize the query for the Critical/High endpoints chart.
  • Comply status route will report statuses independently and not block.
  • Limit requests to /v1/vulnerability/cves to only return at most 1000 CVEs at a time.
  • Rebuilding the TVL and running a Comply Findings plugin will not interfere with each other.
  • Comply Finding plugin for Connect gets all data from TDS.
  • Limit Connect Findings plugin Actual Values to max length.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source is deprecated. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.

Tanium Cloud Release Started Date: January 29, 2024

Bug Fixes

Fixed issues with:

  • Fixed Comply Health Checks showing Tools Outdated.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source will be deprecated in the near future. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached
  • Assessments need to be deployed again after Endpoint Configuration items are approved when approvals are enabled.

Tanium Cloud Release Date: January 8, 2024

Bug Fixes

Fixed issues with:

  • Fixed publishing of ECF targeting for SBOM Vulnerability Assessments

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source will be deprecated in the near future. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached

Tanium Cloud Release Date: January 3, 2024

Bug Fixes

Fixed issues with:

  • Removed dependency on ECF tooling

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source will be deprecated in the near future. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached

Tanium Cloud Release Date: December 7, 2023

Enhancements

This release includes:

  • An infrastructure update to ingest NVD content into the Comply TVL using the NVD 2.0 API.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source will be deprecated in the near future. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached

Tanium Cloud Release Date: December 5, 2023

Bug Fixes

Fixed issues with:

  • Comply (Findings) Connect plugin can fail from errors in sensors
  • Comply (Findings) Connect plugin can fail with a decodeURIComponent error
  • Comply (Findings) Connect plugin Actual Values are truncated to a to max length

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source will be deprecated in the near future. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached

Tanium Cloud Release Date: November 29, 2023

Bug Fixes

Fixed issues with:

  • Certain CVEs receiving 500 error in flyout on the standards page

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source will be deprecated in the near future. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached
  • Connect jobs using the Comply Findings plugin may fail when a TSE error is encountered

Tanium Cloud Release Date: November 16, 2023

Enhancements

This release:

  • Summarizes remediation guidance by scoping solution links to OS associated with findings
  • Modifies the default sorting of vulnerability findings to sort by findings count

Bug Fixes

Fixed issues with:

  • Comply displaying an incorrect error when performing investigation on client-based compliance findings directly from the data grid in Findings
  • Connect vulnerability export incorrectly exporting multiple definitions
  • Pivoting to Patch from Vulnerability Findings causing errors
  • Connect exports including Duplicate solution links when exporting vulnerability findings
  • The “Has OVAL Definitions” column when exporting the Tanium Vulnerability Library CVE list from Vulnerability Standards
  • Failures uploading Tanium Vulnerability Library in airgap environments

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source will be deprecated in the near future. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached
  • Connect jobs using the Comply Findings plugin may fail when a TSE error is encountered

Tanium Cloud Release Date: November 2, 2023

Bug Fixes

Fixed Issues with:

  • Sorting on Affected Platforms in Comply > Findings > All Findings (Vulnerability) returned 400 response
  • CPE filter in Comply Findings did not provide any auto-complete suggestions
  • Deleting a stale assessment erroneously showed scan timeout
  • Affected Platforms field was blank in workbench exports

Changes to the Connect findings plugin:

  • SecPod Link in Connect findings exports is now populated
  • Vendor Links are now included in Solutions Links
  • Remediation field now has values for SBOM scan findings
  • Remediation field now contains vendor links patches
  • Some fields that may have had empty values will now be populated: "Definition Title", "OVAL Definition", "OVAL Source", "Solution Links", "Remediation", "Criteria", and "Details"
  • NOTE: These changes to the export can increase the size of the export, depending on the exported columns, by up to 40%.

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source will be deprecated in the near future. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • AWS 2023 endpoints cannot be used as satellites for Remote Authenticated Scans
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached

Tanium Cloud Release Date: October 20, 2023

Bug Fixes

  • Multiple improvements to the backend process for TVL updates

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source will be deprecated in the near future. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached

Tanium Cloud Release Date: October 16, 2023

Enhancements

This release includes:

  • An new option to increase the timeout setting for assessments beyond 6 hours
  • Third party advisory links have been added to CVE remediation information
  • Support for macOS 14 vulnerability assessments

Bug Fixes

Fixed issues with:

  • Vulnerability assessments using the Tanium Vulnerability Library for Unix failing due to a SAX error
  • Workbench reports not being migrated correctly after an upgrade of Comply causing 500 errors
  • Assessment page failing to load assessment metrics in some cases

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source will be deprecated in the near future. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached

Tanium Cloud Release Date: October 4, 2023

Bug Fixes

Fixed issues with:

  • The Comply - Is Vulnerable sensor returning N/A instead of false when an endpoint has no vulnerabilities

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source will be deprecated in the near future. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • The download to CSV of investigation results from the workbench may fail due to the question completion threshold not being reached
  • Connect jobs using the Comply Findings plugin may fail when a TSE error is encountered

Tanium Cloud Release Date: September 25, 2023

Bug Fixes

Fixed issues with:

  • Differences in Comply vulnerability findings summary statistics and number of findings items displayed
  • CPE to CVE mapping ignoring version_fields for network unauthenticated scan results
  • Filtering Affected Products for values that contain "++" causing an error in the Comply workbench
  • Service not gracefully handling the missing engines folder after a Comply uninstall
  • Secpod links missing in Connect exports of vulnerability findings
  • Actual Values not being decoded in determining affected products
  • Tanium Vulnerability Library (TVL) not updating on schedule
  • Assessments that error in COMPLY-EXCEPTION or COMPLY-UNKNOWN not re-running automatically when an endpoint is evaluated to be online
  • False positive SBOM findings for CVE-2018-25032 and CVE-2022-37434

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source will be deprecated in the near future. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • The 'Platform' column in the Comply - Vulnerability Findings Details expanded sensor has been removed. Reports that use the platform column in the sensor will need to be edited to remove the column for the reports to render successfully without error.
  • Connect jobs using the Comply Findings plugin may fail when a TSE error is encountered

Tanium Cloud Release Date: September 5, 2023

Bug Fixes

Fixed issues with:

  • Download to CSV of vulnerability findings could fail when the string limit is exceeded
  • Comply Findings being filtered out of Connect exports due to TSE errors being returned
  • Incomplete CPE and Affected Products in workbench and exports

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source will be deprecated in the near future. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Known Issues

  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM


Tanium Cloud Release Date: August 28, 2023

Bug Fixes

Fixed issues with:

  • SBOM vulnerability assessments generating invalid duplicate intel item
  • Connect Findings exports omitting scores for CVEs with no definitions

Known Issues

  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • Incomplete CPE and Affected Products in workbench and exports

Feature Deprecation Notice

The Tanium Comply (Assessments) Connect source will be deprecated in the near future. Customers are advised to alternatively use the Tanium Comply (Findings) source or Tanium Reporting source in Connect to export vulnerability findings data.

Tanium Cloud Release Date: August 23, 2023

Bug Fixes

Fixed issues with:

  • SBOM vulnerability matching on CPEs with no version information
  • Investigations returning the same ResultID for different actual values

Known Issues

  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • Incomplete CPE and Affected Products in workbench and exports

Tanium Cloud Release Date: August 8, 2023

Bug Fixes

Fixed issues with:

  • Connect exports for large sets of findings were taking longer than expected
  • SBOM vulnerability scans for native binaries on Windows could product false positives. The option has been temporarily removed.

Known Issues

  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • Incomplete CPE and Affected Products in workbench and exports

Tanium Cloud Release Date: July 18, 2023

Enhancements

This release includes:

  • SBOM assessments
  • Solution Links in the Connect plugin are newline delimited

Bug Fixes

Fixed issues with:

  • Affected Products showing all products
  • Exporting Assessments with custom checks to HTML
  • Exceptions not applying to custom checks
  • Create Exception from All Findings does not target custom checks correctly
  • Compliance Findings count discrepancies
  • RAS results processed but not showing in the workbench
  • Comply (findings) Connect connections fail on large numbers of endpoints
  • Comply (findings) Connect connections can disappear until Connect is restarted
  • Wrapping of Asset icon in Computer columns of findings
  • Excess logging to journal on Linux

Known Issues

  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • Opening a CVE findings flyout may fail to load details for the vulnerability source

Tanium Cloud Release Date: July 17, 2023

Bug Fixes

Fixed issues with:

  • Occasional errors when uploading new Benchmarks

Known Issues

  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • Opening a CVE findings flyout may fail to load details for the vulnerability source

Tanium Cloud Release Date: July 11, 2023

Bug Fixes

Fixed issues with:

  • Connect exports may fail with a 502 error code.
  • RAS findings for Juniper report the OS version and Operating System Generation as "unknown"
  • Comply custom settings are unnamed post upgrade

Known Issues

  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • Opening a CVE findings flyout may fail to load details for the vulnerability source

Tanium Cloud Release Date: June 26, 2023

Bug Fixes

Fixed issues with:

  • Connect exports using the Tanium Comply (Findings) source may fail to run due to an error

Known Issues

  • RAS findings for Juniper report the OS version and Operating System Generation as "unknown"
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • Comply custom settings are unnamed post upgrade
  • Opening a CVE findings flyout may fail to load details for the vulnerability source
  • Connect exports may fail with a 502 error code.

Tanium Cloud Release Date: June 21, 2023

Enhancements

This release includes:

Known Issues

  • RAS findings for Juniper report the OS version and Operating System Generation as "unknown"
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • Comply custom settings are unnamed post upgrade
  • Opening a CVE findings flyout may fail to load details for the vulnerability source
  • Connect exports using the Tanium Comply (Findings) source may fail to run due to an error

Tanium Cloud Release Date: June 19, 2023

Enhancements

This release includes:

Bug Fixes

Fixed issues with:

  • The macOS 13 Ventura benchmark could be missing from compliance standards
  • Scan method could show 'unknown' in the findings filter
  • Editing a distributed network unauthenticated assessments returns the user to the assessment page
  • Uploading a compliance standard could fail due to missing benchmark components
  • Assessments reissued by the Comply service account targets no computers
  • Computer group filters fails to apply in the filter builder
  • CVEs in the vuln.db are not displayed in vulnerability standards
  • RAS assessment completes successfully but results are not displayed in the Comply workbench
  • Selecting a large group of assessments to deploy could results in a lock status error
  • Filtering on affected products is case sensitive
  • Connect jobs using the Tanium Comply plugin sources to export vulnerability data may prevent updates to the TVL while the connection is running

Known Issues

  • RAS findings for Juniper report the OS version and Operating System Generation as "unknown"
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM
  • Comply custom settings are unnamed post upgrade
  • Opening a CVE findings flyout may fail to load details for the vulnerability source

Tanium Cloud Release Date: June 5, 2023

Enhancements

This release includes:

  • Add settings to control the maximum size and maximum number of entries in uploaded zip files

Bug Fixes

Fixed issues with:

  • RAS scans completing and showing no results
  • Error when updating vulnerability data from custom sources
  • Error when RAS results are uploaded and unconfirmed unmanaged endpoints are updated

Known Issues

  • RAS findings for Juniper report the OS version and Operating System Generation as "unknown"
  • Connect jobs using the Tanium Comply plugin sources to export vulnerability data may prevent updates to the TVL while the connection is running
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM

Tanium Cloud Release Date: May 18, 2023

Enhancements

This release includes:

  • Added support for ESXi Compliance & Vulnerability scanning via vCenter API
  • Added reporting capabilities for the CISA Known Exploited Vulnerabilities (KEV) catalog
  • Added support for left-hand-side filtering in the Filter builder on the Findings page

Bug Fixes

Fixed an issue with:

  • RAS results failing to ingest due to timeout
  • Connect exports of Compliance findings failing when certain columns are selected
  • Incorrect RAS tools being deployed
  • Changing the assessment schedule repeat option does not take affect
  • Exporting a network unauthenticated scan report could cause the workbench to crash

Known Issues

  • RAS findings for Juniper report the OS version and Operating System Generation as "unknown"
  • Connect jobs using the Tanium Comply plugin sources to export vulnerability data may prevent updates to the TVL while the connection is running
  • Remote Authenticated and Network Unauthenticated assessments will not run on Windows 11 on ARM

Tanium Cloud Release Date: May 3, 2023

Bug Fixes

Fixed an issue with:

  • Comply upgrade failing due to database migration timeout


Tanium Cloud Release Date: April 25, 2023

Enhancements

This release includes:

  • Clone Assessments option in Assessments page
  • Added refresh button to all grids
  • Remember filter settings on Assessments page after page refresh
  • Remember column selections in Findings grids
  • Report Age sensor returns "< 1 day" instead of hours

Bug Fixes

Fixed an issue with:

  • Attempting to view all vulnerability findings in the Comply workbench may fail due to the browser running out of memory
  • Using a Version filter in Compliance Findings causes an error
  • Getting an error loading vulnerability findings panel if user doesn't have Patch permissions
  • Getting file contents instead of file path for some Investigation results
  • Some Connect exports including the wrong data in some columns when all Investigation fields are included along with First Found and Last Found dates
  • The counts in the summary section of exported Assessments not matching the findings counts
  • Seeing "Failed to load details for vulnerability source" in vulnerability details panel in Findings
  • Non-admins are not able to create RAS assessments
  • Sorting the columns in the Assessments chart on the Overview page causes an error
  • The "Comply - Vulnerability Findings Aggregate" sensor erroneously returning "No Vulnerabilities"
  • Unable to delete custom check after all associated assessments have been deleted
  • Exporting large findings lists via "Download as CSV"
  • Not being able to create a report despite "Comply Reports Write" permission
  • Findings page truncating compliance rule descriptions in details panels
  • Some Low Priority scans running as normal priority


Known Issues

  • RAS assessments for ESXi vulnerability fail with connection error due to a bug in the Joval 6.4.4.1 engine
  • RAS assessments for ESXi vulnerability fail with a connection error on ESXi builds 7.0.3 200xxxx or later due to a bug in the Joval 6.4.2 engine
  • RAS findings for Juniper report the OS version and Operating System Generation as "unknown"
  • OVAL results parser does not correctly handle the EntityStateRecordType or EntityItemRecordType OVAL types needed to surface actual values for some test definitions within Investigations
  • Connect jobs using the Tanium Comply plugin sources to export vulnerability data may prevent updates to the TVL while the connection is running

Tanium Cloud Release Date: April 18, 2023

Enhancements

This release includes:

  • Clearer Remediation values for some CVEs

Security Update

  • This release includes security updates. Details of the issue, including affected versions, and mitigation information, can be obtained within Tanium's Support Portal, or by contacting your TAM.

Known Issues

  • Attempting to view all vulnerability findings in the Comply workbench may fail due to the browser running out of memory
  • RAS assessments for ESXi vulnerability fail with connection error due to a bug in the Joval 6.4.4.1 engine
  • RAS assessments for ESXi vulnerability fail with a connection error on ESXi builds 7.0.3 200xxxx or later due to a bug in the Joval 6.4.2 engine
  • Scans using the CIS-CAT engine fail using the Amazon Corretto JRE v11.0.17.8.1 or later
  • The Comply - Vulnerability Findings Aggregates deprecated sensor can return "No Vulnerabilities" for endpoints with CVE Findings
  • RAS findings for Juniper report the OS version and Operating System Generation as "unknown"
  • OVAL results parser does not correctly handle the EntityStateRecordType or EntityItemRecordType OVAL types needed to surface actual values for some test definitions within Investigations
  • Connect jobs using the Tanium Comply plugin sources to export vulnerability data may prevent updates to the TVL while the connection is running

Tanium Cloud Release Date: April 4, 2023

Enhancements

This release includes:

  • Added the option to include compliance and vulnerability findings investigation details columns (Test ID, Expected Objects, Expected States, Actual Values) in exports using the Tanium Comply (Findings) Connect source
  • More precise identification of Affected Platform, Affected Product, and Common Platform Enumerator (CPE) for Comply vulnerability findings in the workbench, CSV download, and the Tanium Comply (Findings) Connect source

Known Issues

  • Attempting to view all vulnerability findings in the Comply workbench may fail due to the browser running out of memory
  • RAS assessments for ESXi vulnerability fail with connection error due to a bug in the Joval 6.4.4.1 engine
  • RAS assessments for ESXi vulnerability fail with a connection error on ESXi builds 7.0.3 200xxxx or later due to a bug in the Joval 6.4.2 engine
  • Scans using the CIS-CAT engine fail using the Amazon Corretto JRE v11.0.17.8.1 or later
  • The Comply - Vulnerability Findings Aggregates deprecated sensor can return "No Vulnerabilities" for endpoints with CVE Findings
  • RAS findings for Juniper report the OS version and Operating System Generation as "unknown"
  • OVAL results parser does not correctly handle the EntityStateRecordType or EntityItemRecordType OVAL types needed to surface actual values for some test definitions within Investigations
  • Connect jobs using the Tanium Comply plugin sources to export vulnerability data may prevent updates to the TVL while the connection is running

Tanium Cloud Release Date: March 20, 2023

Enhancements

This release includes:

  • Added new sensors to track First Found and Last Scan dates for Compliance findings. These dates are now available as optional columns in the Tanium Comply (Findings) Connect source for Compliance findings.

Known Issues

  • RAS assessments for ESXi vulnerability fail with connection error due to a bug in the Joval 6.4.4.1 engine
  • RAS assessments for ESXi vulnerability fail with a connection error on ESXi builds 7.0.3 200xxxx or later due to a bug in the Joval 6.4.2 engine
  • Scans using the CIS-CAT engine fail using the Amazon Corretto JRE v11.0.17.8.1 or later
  • The Comply - Vulnerability Findings Aggregates deprecated sensor can return "No Vulnerabilities" for endpoints with CVE Findings
  • RAS findings for Juniper report the OS version and Operating System Generation as "unknown"
  • OVAL results parser does not correctly handle the EntityStateRecordType or EntityItemRecordType OVAL types needed to surface actual values for some test definitions within Investigations
  • Connect jobs using the Tanium Comply plugin sources to export vulnerability data may prevent updates to the TVL while the connection is running

Tanium Cloud Release Date: March 16, 2023

Bug Fixes

Fixed an issue with:

  • RDB migration failing on module upgrade when an invalid RAS assessment status is encountered

Known Issues

  • RAS assessments for ESXi vulnerability fail with connection error due to a bug in the Joval 6.4.4.1 engine
  • RAS assessments for ESXi vulnerability fail with a connection error on ESXi builds 7.0.3 200xxxx or later due to a bug in the Joval 6.4.2 engine
  • Scans using the CIS-CAT engine fail using the Amazon Corretto JRE v11.0.17.8.1 or later
  • The Comply - Vulnerability Findings Aggregates deprecated sensor can return "No Vulnerabilities" for endpoints with CVE Findings
  • RAS findings for Juniper report the OS version and Operating System Generation as "unknown"
  • OVAL results parser does not correctly handle the EntityStateRecordType or EntityItemRecordType OVAL types needed to surface actual values for some test definitions within Investigations
  • Connect jobs using the Tanium Comply plugin sources to export vulnerability data may prevent updates to the TVL while the connection is running

Tanium Cloud Release Date: March 8, 2023

Enhancements

This release includes:

  • Support for Juniper JunOS for Remote Authenticated Assessments (RAS)
  • Added the ability to download Investigation results as CSV from the Comply workbench with endpoint details
  • Added the full file path for Actual Value test results in the Investigations feature
  • Added support for Investigations of passed compliance findings
  • Added new sensors to track assessments last scan date and CVE findings last scan date
  • Added new Comply Reports Read and Comply Reports Write RBAC privileges
  • Added missing Solution Link and Remediation information for some CVEs
  • Added user information for deleted assessments in Comply modules logs and database
  • Updated the Comply Health section in the module overview page
  • Updated the Tanium Scan Engine to version 6.4.4.1.

Bug Fixes

Fixed an issue with:

  • Vulnerability assessments failing due to insufficient memory on endpoints configured with low resource mode
  • Debug assessments would failing to generate a valid diagnostics report on non-windows endpoints
  • Default CPU setting not being applied on all endpoints
  • Scheduled action to remove stale assessments data from endpoints not repeating
  • Exporting Network Unauthenticated (Remote Vulnerability) results through Connect could failing with larger exports
  • Assessment schedule being reset after running an on-demand scan
  • RAS findings not being displayed in the workbench
  • RAS findings not being ingested after a successful scan
  • RAS findings not being ingested when a duplicate MAC address is encountered
  • The Findings page being slow to load in larger deployments
  • Failing to load details for vulnerability sources
  • Rendering HTML assessment exports
  • Vulnerability assessments not being updated with new CVEs after a Comply upgrade
  • Some CVE "Help Links" pointing to the wrong URL
  • "RUS Tools" being installed on non-Satellite endpoints
  • Corrupted intel and scan config files preventing scans from running

Known Issues

  • RAS assessments for ESXi vulnerability fail with connection error due to a bug in the Joval 6.4.4.1 engine
  • RAS assessments for ESXi vulnerability fail with a connection error on ESXi builds 7.0.3 200xxxx or later due to a bug in the Joval 6.4.2 engine
  • Scans using the CIS-CAT engine fail using the Amazon Corretto JRE v11.0.17.8.1 or later
  • The Comply - Vulnerability Findings Aggregates deprecated sensor can return "No Vulnerabilities" for endpoints with CVE Findings
  • RAS findings for Juniper report the OS version and Operating System Generation as "unknown"
  • OVAL results parser does not correctly handle the EntityStateRecordType or EntityItemRecordType OVAL types needed to surface actual values for some test definitions within Investigations
  • Connect jobs using the Tanium Comply plugin sources to export vulnerability data may prevent updates to the TVL while the connection is running

Tanium Cloud Release Date: January 26, 2023

Bug Fixes

Fixed an issue with:

  • Compliance assessments using browser benchmarks end in COMPLY-FATAL and produce Fail findings.
  • Compliance findings for Remote Authenticated assessments are not displayed in Findings.
  • Compliance findings from Remote Authenticated assessments return 0 rows when exported through the Tanium Comply (Findings) source.

Tanium Cloud Release Date: January 10, 2023

Enhancements

This release includes:

  • Support for MacOS 13
  • Support for Oracle Linux 9

Bug Fixes

Fixed an issue with:

  • Investigations failing with "403 error due to RBACInsufficientPrivilege"
  • Large Connect exports failing with "Maximum call stack size exceeded"
  • Some Investigation filters not working correctly.
  • Errors when importing the same custom profile more than once.

Known Issues

  • Compliance assessments using browser benchmarks end in COMPLY-FATAL and produce Fail findings
  • Compliance findings for Remote Authenticated assessments are not displayed in Findings.
  • Compliance findings from Remote Authenticated assessments return 0 rows when exported through the Tanium Comply (Findings) source.

Tanium Cloud Release Date: December 15, 2022

Enhancements

This release includes:

  • A new Investigations workflow allowing you to see the checks performed, the expected values, and the actual values found for all vulnerability and compliance findings. Comply Documentation

Bug Fixes

Fixed an issue with:

  • Connect exports of RAS findings returning 0 rows.
  • Incorrect "% Compliant" values.
  • Not being able to edit the name of network unauthenticated assessments.
  • The sensor "Comply - Compliance Percentage" returning TSE-Errors for many rows.
  • Custom ID mappings not showing values in the "Comply - JovalCM Results Full" sensor.
  • Default CPU settings not being applied on endpoints.
  • Network unauthenticated scans sometimes showing the wrong OS for a discovered device.
  • Remote unauthenticated scans failing to authenticate with Solaris 10 endpoints.

Known Issues

  • Some endpoints will see increased memory consumption, up to 50% higher, during scans. This memory usage will be decreased in subsequent releases.
  • Uploading XML files for custom profiles generates an error message, but the upload actually works.
  • Compliance findings investigations return no results when the Status Category filter is applied
  • Findings investigations may fail with 403 error due to missing sensor (Contact Tanium Support)

Tanium Cloud Release Date: December 07, 2022

Bug Fixes

Fixed an issue with:

  • Processing results of network unauthenticated assessments from Satellites.

Tanium Cloud Release Date: November 15, 2022

Enhancements

This release includes:

  • The ability to perform Network Unauthenticated Assessments (formally Remote Vulnerability Assessments) from a Tanium satellite to detect vulnerabilities on both managed and unmanaged endpoints.

Bug Fixes

Fixed an issue with:

  • First Found and Last Found dates being null in some Comply exports.
  • Compliance findings percentage data mismatch between graph and table.
  • CCI column not included in the Comply Findings Connect export.
  • RAS findings export (Download to CSV) from workbench returns error.
  • Workbench compliance assessment CSV exports are empty and HTML exports are missing data.
  • Comply assessments fail when JAVA_TOOL_OPTIONS is set
  • Compliance results are not purged from endpoints when deleted
  • Custom check scripts with ".." in name cause config install failures

Known Issues

  • Workbench vulnerability assessment exports (HTML) may contain additional findings data.
  • The "Modified On" time of Network Unauthenticated assessments is updated hourly.
  • RAS findings exported from Connect return 0 rows.

Tanium Cloud Release Date: November 3, 2022

Bug Fixes

Fixed an issue with:

  • Custom vulnerability sources showing no CVEs.
  • Out of Memory errors on endpoints with new assessments.
  • Exporting Cisco findings.
  • Compliance HTML exports producing mostly empty files.

Known Issues

  • RAS findings export (Download to CSV) from workbench returns error.
  • RAS findings exported from Connect return 0 rows.
  • Workbench compliance assessment CSV exports are empty and HTML exports are missing data.
  • Workbench vulnerability assessment exports (HTML) may contain additional findings data.

Tanium Cloud Release Date: October 18, 2022

Enhancements

This release includes:

  • Support for verifying the public key fingerprint of endpoints for SSH connections made by Remote Authenticated Scans.
  • Added 30-day grace period for expired licenses.
  • Remote Vulnerability Assessments are now called "Network Unauthenticated Assessments" and are created as an option for Vulnerability Assessments.
  • The Assessments page now includes "Modified On" and "Last Modified By" columns.
  • Added support for Debian 11.

Bug Fixes

Fixed an issue with:

  • World-writeable files in Linux vulnerability content files.
  • TVL exports showing "undefined" for CVSS scores.
  • Getting errors when creating new Connect jobs with Remote Vulnerability as a source.
  • Assessment actions being recreated and requiring Action Approval.
  • Not being able to create vulnerability assessments for Alma Linux.
  • Errors on the Setup-->Compliance page.
  • 504 errors when exporting to CSV from the Findings page.
  • Duplicated rows in the Applicable Patches grid.
  • Manually uploading TVL files.

Known Issues

  • RAS findings export (Download to CSV) from workbench returns error
  • RAS findings exported from Connect returns 0 rows
  • Workbench compliance assessment CSV exports are empty and HTML exports are missing data
  • Workbench vulnerability assessment exports (HTML) may contain additional findings data

Tanium Cloud Release Date: September 19, 2022

Bug Fixes

Fixed an issue with:

  • Assessment actions being recreated and potentially needing to be repeatedly approved.
  • Creating a second vulnerability assessment just after creating another vulnerability assessment.
  • Findings not properly filtering on an endpoint after clicking details from another Findings row.
  • Improper handling of some endpoints in RAS scans where they appear not to have a MAC address.

Tanium Cloud Release Date: September 6, 2022

Enhancements

This release includes:

  • Support for CVSS v3.1 scores and severities. Existing vulnerability assessments can be converted to be based on CVSS v3.1 scores.
  • The option to add arbitrary additional fields to Comply Findings exports in Connect.
  • The ability to sort assessments by "Status" in the Assessments page.
  • A new column, "Last Modified By," in the Assessments page.
  • Support for Red Hat Linux 9 assessments.
  • Support for Ubuntu 22 assessments.
  • The ability to filter assessments by Assessment Hash in the Assessments page.
  • A list of associated assessments to the Custom Profiles, Custom Checks, Custom ID Mappings, and Custom ID configuration pages.
  • Computer ID as a column in the Findings pages.
  • A new sensor, "Comply - CVE Findings - Absolute First Found."
  • Deprecated sensors are no longer hidden.
  • Standardizing default date export format as YYYY-MM-DD.
  • A clearer message when the license expires.

Bug Fixes

Fixed an issue with:

  • Custom profiles showing Unknown title if all checks aren't in benchmark.
  • "Download as CSV" filenames not properly handling some characters.
  • Rounding up compliance percentages.
  • Getting 504 errors when exporting via "Download as CSV."
  • World-writable files in Linux JRE downloads.
  • Not properly deleting data when removing stale compliance assessments.
  • Assessments not properly retrying when they exit with a failure.
  • Long-running, low-resource-mode scans preventing other scans from running.
  • Remote Open Ports checkbox appearing on Create Vulnerability Assessment pages.

Known Issues

  • Clicking on Findings grid values to filter by endpoint doesn't properly filter by that endpoint.

Tanium Cloud Release Date: August 22, 2022

Bug Fixes

  • Fixed an issue with Download as CSV generating incorrect file extensions in some scenarios.
  • Fixed an issue with downloading multiple reports at once generating an error.
  • Fixed an issue with occasional 500 errors when loading the Assessments page.

Tanium Cloud Release Date: August 10, 2022

Bug Fixes

  • Fixed an issue with Download as CSV failing with "Failed to load report exports."
  • Fixed an issue when trying to download multiple reports.

Tanium Cloud Release Date: August 8, 2022

Enhancements

  • Upgraded various third-party libraries to the most recent versions.

Tanium Cloud Release Date: August 4, 2022

Bug Fixes

  • Fixed an issue where RAS findings for some device types (including Cisco IOS) are not processed by the Comply service.
  • Fixed an issue where the Comply service would repeatedly attempt to connect to the Direct Connect service unsuccessfully.

Tanium Cloud Release Date: July 25, 2022

Enhancements

This release includes:

  • The Findings grid and Connect export now include the "Computer ID" column.

Bug Fixes

  • Fixed an issue where, in some cases, no dates were returned for the Comply - CVE Findings First Found/Last Found sensors.
  • Fixed an issue where files in the extracted JRE that were symbolic links did not have permissions set correctly.
  • Fixed an issue where the architecture type was incorrectly identified on M1 Mac clients.

Known Issues

  • RAS findings for some device types (including Cisco IOS) are not processed by the Comply service. Devices that return their IP address with a "/subnetmask" identifier cause the service to error when processing the RAS results. The scan may complete successfully, but findings never appear in the Comply UI.

Tanium Cloud Release Date: June 21, 2022

Enhancements

This release includes:

  • Remote Authenticated Scan (RAS) Assessments have a new option to target an IP range instead of interfaces previous found by Discover. This means that a satellite no longer needs to share a subnet with the scan targets.
  • The Findings pages now have a "Download as CSV" button allowing you to export results from grids directly from the Comply workbench.
  • The Vulnerability Findings grid and Connect export now includes columns "CPEs," "Affected Products," "Affected Platforms," "CVE Created Date," "CVE Modified Date," and "Computer Serial Number."
  • The Compliance Findings grid and Connect export now includes the "Severity" column.
  • The Findings pages now include a Filter Builder option to build sophisticated conditionals to filter the findings.
  • The Vulnerability Findings grids now include selection and a button to "Remediate in Patch."
  • The CVE details panels in Vulnerability Findings now include a new section for "Applicable Patches."
  • Expanded the available Java Heap Size options to include up to 8192 MB. Satellites running RAS scans now use a minimum of 4096 MB of Java Heap.
  • Added support for Rocky Linux and Alma Linux for vulnerability assessments.
  • Added support for scanning Apple macOS - ARM64 (M1).
  • Added support for scanning Amazon Linux 2 - ARM64 (Graviton).

Bug Fixes

  • Fixed an issue with Connect Findings exports failing due to the column having "multiple values."
  • Fixed an issue with scans failing due to the following:"Could not extract protected JRE: 19FailedToOpenZipFile."
  • Fixed an issue with the Custom Checks flyout panel not scrolling
  • Fixed an issue with the "Comply - Run Assessment - Unix" and "Comply - Run Assessment - Windows" sensors not requiring an Assessment ID as they should.
  • Fixed an issue with assessment schedules being reset after running on-demand scans.
  • Fixed an issue with compliance assessment HTML reports not excluding endpoint lists as they should.
  • Fixed an issue with Connect exports including endpoints that shouldn't be in the report.
  • Fixed an issue with the "Comply - Report Age" sensor returning incorrect values for some assessments.
  • Fixed an issue with Comply Report Administrators not being able to perform on-demand scans.

Known Issues

  • Sometimes the findings count summary totals do not match the number of rows in the grid.
  • Sometimes RAS findings have an incorrect operating system.
  • RAS scans of ESXi devices fail when using a self-signed certificate that is not from a trusted certificate authority. See http://docs.tanium.com/comply/comply/troubleshooting.html#ras-scan-esxi-fails for details.
  • Sometimes no dates are returned from the "Comply - CVE Findings - First Found" or "Comply - CVE Findings - Last Found" sensors.

Tanium Cloud Release Date: June 14, 2022

Bug Fixes

  • Fixed an issue with getting 504 errors when deleting assessments

Known Issues

  • Vulnerability assessments running on endpoints configured with low resource mode have a high rate of failure, can run indefinitely, and may prevent other scans from running.
  • Compliance assessments running on endpoints configured with low resource mode fail to run.

Tanium Cloud Release Date: April 28, 2022

Bug Fixes

  • Fixed an issue with upgrades removing custom settings

Known Issues

  • Vulnerability assessments running on endpoints configured with low resource mode have a high rate of failure, can run indefinitely, and may prevent other scans from running.
  • Compliance assessments running on endpoints configured with low resource mode fail to run.

Tanium Cloud Release Date: April 18, 2022

Bug Fixes

  • Fixed an issue with some low-resource-mode assessments never completing.

Known Issues

  • Vulnerability assessments running on endpoints configured with low resource mode have a high rate of failure, can run indefinitely, and may prevent other scans from running.
  • Compliance assessments running on endpoints configured with low resource mode fail to run.

Tanium Cloud Release Date: April 5, 2022

Enhancements

This release includes:

  • First Found value now resets if finding is resolved and then found again.

Bug Fixes

  • Fixed an issue with assessments failing on MacOS with the error "Not a supported flavor of Unix: UNKNOWN."
  • Fixed an issue with errors deleting assessments.
  • Fixed an issue with Remote Unauthenticated Scan assessment results not being saved if "Comply - CVE Findings - First Found" and "Comply - CVE Findings - Last Found" sensors are not being harvested.
  • Fixed an issue with Connect jobs failing with "Connection Failed. Cleanup required for connectionId."
  • Fixed an issue with assessments failing with "Could not extract protected JRE."

Tanium Cloud Release Date: March 30, 2022

Enhancements

This release includes:

  • First Found and Last Found values now available for Remote Authenticated Scan results in Tanium Connect exports.
  • Changed the order of charts on the Overview page to be consistent with the order on the Findings page.

Bug Fixes

  • Fixed an issue with engine updates sometimes targeted to All Computers.
  • Fixed an issue with Comply incorrectly displaying a banner saying that the Comply license expires within the next two weeks.
  • Fixed an issue with default assessments not running or returning data.
  • Fixed an issue with the "Comply - Compliance Percentage" sensor returning values of type Text instead of Integer.
  • Fixed an issue with Comply sensors failing with "JSON parsing error" on AIX endpoints.
  • Fixed an issue with creating vulnerability assessments using custom sources and no operating system selected.
  • Fixed an issue with the Managed Endpoints with High Vulnerabilities chart not updating quickly enough.
  • Fixed an issue with the "Comply - Has High Vulnerabilities" sensor always returning "Vulnerabilities found."
  • Fixed an issue with endpoints not honoring the debug flag.
  • Fixed an issue with jar files incorrectly being written to /tmp.

Known Issues

  • Errors when trying to delete assessments.
  • Remote Authenticated Scan results not saved if "Comply - CVE Findings - First Found" & "Comply - CVE Findings - Last Found" sensors are not harvested.

Tanium Cloud Release Date: March 15, 2022

Bug Fixes

  • Fixed an issue with the Delete button deleting the wrong credentials.
  • Fixed an issue with the Tanium Scan Engine not updating to the new version.
  • Fixed an issue with the "Comply - Compliance Percentage" sensor returning an incorrect value on Linux endpoints.
  • Fixed an issue with assessment counts in flyout panels not showing correct values.
  • Fixed an issue with newer compliance scans overwriting results on endpoints with multiple assessments
  • Fixed an issue with custom checks failing if they include the "get-localuser" command
  • Fixed an issue with JRE failures on endpoints due to FailedToOpenZipFile error
  • Fixed an issue with SCC scans failing after upgrade.

Tanium Cloud Release Date: March 9, 2022

Enhancements

This release includes:

  • Removed unused "Distribute Downloads Over" custom setting.

Bug Fixes

  • Fixed an issue with loading the Findings page if the environment does not include the Tanium Discover module.
  • Fixed an issue with errors on the Overview page if the environment does not include the Tanium Discover module.
  • Fixed an issue with scans failing to run boot::filesystem::create_directory.
  • Fixed an issue with CVE findings disappearing and reappearing.
  • Fixed an issue with running engines that contain dashes in the version number.
  • Fixed an issue with custom check results not being converted to lower case.
  • Fixed an issue with RAS scans failing to run due to settings not downloading to the satellite.
  • Fixed an issue with SCC scans failing with a COMPLY-FATAL result.
  • Fixed an issue with assessments failing to upgrade from the previous version.

Tanium Cloud Release Date: February 17, 2022

Enhancements

This release includes:

  • New default report for all compliance findings.
  • The ability to filter on "% compliant" for unmanaged assets.
  • A progress bar when deleting assessments.
  • A change of labels from "Credentials" to "Credentials List."
  • More flexible status if only some endpoints fail in a remote assessment.
  • Clearer indication of steps needed to update engines.
  • New "Run On-Demand Scan" option for Assessments

Bug Fixes

  • Fixed an issue with the export of findings from unmanaged assets that are missing data.
  • Fixed an issue with invalid values in "Endpoints with High Vulnerabilities" chart.
  • Fixed an issue with "Comply Viewers" users getting errors when viewing remote assessment flyout panels.
  • Fixed an issue with creating remote assessments with no filters.
  • Fixed an issue with improper capitalization of values from the "Comply - Hygiene - Vulnerability Results" sensor.
  • Fixed an issue with assessments not retaining their schedule when "Distribute Over Time" is selected.
  • Fixed an issue with "Comply - Hygiene - Product Vulnerability Results" returning values for all CVEs instead of only applicable CVEs.
  • Fixed an issue with Tanium Connect not properly filtering by Type.
  • Fixed an issue with unscored CVEs not being included in assessments.

Tanium Cloud Release Date: January 11, 2022

Enhancements

This release includes:

  • Overview page charts now click through to Findings.
  • Remote authenticated assessments now require a satellite to be selected.

Bug Fixes

  • Fixed an issue with exporting data from unmanaged endpoints using Tanium Connect.
  • Fixed an issue with scans returning NO-JRE errors after upgrade.
  • The Satellite Name column now includes the satellite name instead of a UUID.
  • Fixed issues with the "Comply - Hygiene - Vulnerability Results" sensor.
  • Fixed an issue with remote authenticated scan assessments continuing to show a Pending status.

Security Exclusions

Tanium Cloud Release Date: December 21, 2021

Enhancements

This release includes:

  • The ability to run remote authenticated scans for both compliance and vulnerability assessments. Remote authenticated scans allow users to obtain information from unmanaged and unmanageable endpoints. Remote authenticated scans take advantage of satellites. [2] Satellites are Tanium Clients that have been promoted, allowing them to run special workloads, including securely handling credentials and scanning remote networks.
  • Endpoint now uses Tanium's client extension (CX) architecture.
  • Added support for scanning Cisco (IOS, IOS-Xe, ASA) devices.
  • Added support for scanning VMware ESX and ESXi servers.
  • Added support for scanning Microsoft Windows Server 2022.
  • Added support for scanning Microsoft Windows 11.
  • Added support for MacOS 12.

Other Tanium solutions required for remote authenticated scanning

  • Tanium Direct Connect
  • Tanium Discover
  • Tanium Interact

Known Issues

  • Remote authenticated scans do not support assessment-age-based scheduling at this time.
  • After upgrade, while tools are deploying and data is migrating, it may take time for Findings to be complete.
  • System Vulnerability and System Compliance vectors in Tanium Risk may not align with Comply Findings for some endpoints until the next Assessment targeting those endpoints is complete.

Tanium Cloud Release Date: December 7, 2021

Enhancements

This release includes:

  • Changed the minimum value of the Tanium Connect - Comply (Findings) option Batch Size to be 50.

Bug Fixes

  • Fixed an issue with creating new low-resource assessments.
  • Fixed an issue with getting the following error: "TSE-Error: Error: Microsoft VBScript runtime error: This key is already associated with an element of this collection" in Findings results.
  • Fixed an issue with 504 errors appearing on the Findings page.

Tanium Cloud Release Date: November 22, 2021

Enhancements

This release includes:

  • Two new sensors, "Comply - CVE Findings - First Found" and "Comply - CVE Findings - Last Found" to be used to track when vulnerabilities were first and most-recently found. Note that to use these sensors in Connect exports, you must first configure them in Interact->Settings->Registration and Collection.
  • A new sensor, "Comply - Max Vulnerability Score", for computing the maximum vulnerability score for endpoints.
  • The ability to filter the vulnerabilities list to look for specific vulnerabilities or created/modified dates.

Bug Fixes

  • Fixed an issue with deleting imported benchmarks.
  • Fixed an issue with mismatches between the ‘Comply - Report Age’ and ‘Comply - Report Results Older Than’ sensors.
  • Fixed an issue with missing data in the ‘Tanium Comply (Assessment)’ Connect exports.
  • Fixed an issue with scheduling a stale assessment removal action for mac scans.
  • Fixed an issue with the Comply Report page not displaying the Save button after changing the Content Set.
  • Fixed an issue with the Connect Assessment plugin not returning data.
  • Fixed an issue with the `Comply - Is Vulnerable` sensor returning false negatives.
  • Fixed an issue with the CVE list flyout definitions missing the Last Modified date.
  • Fixed an issue with the Comply - Vulnerability Findings Aggregate erroneously returning "No Vulnerabilities."
  • Fixed an issue with Delete Stale Reports failing.
  • Fixed an issue with the Initial Compliance Findings grid not loading.
  • Fixed an issue with TVL Modified Date and Submit Date "ON" Filter not displaying any data.

Known Issues

  • New fields - Last Found and First Found - aren't available as columns in Connect exports.

Tanium Cloud Release Date: November 3, 2021

Enhancements

This release includes:

  • The ability to create Connect connections based on Comply reports.

Bug Fixes

  • Fixed an issue with displaying Computer Groups with apostrophes in their name.
  • Fixed an issue with 'Comply - Vulnerability CVE Search' sensor returning errors.
  • Fixed an issue where users could save reports to content sets that are not assigned.
  • Fixed an issue with '[no results]' showing as an option in the Status Category filter for Findings.
  • Fixed an issue where deleting a stale assessment did not remove results from endpoints.
  • Fixed an issue with uploading multiple benchmarks at one time.
  • Fixed an issue where exporting Vulnerability Findings to email fails.
  • Fixed an issue where editing an existing connection causes values to reset to defaults.

Tanium Cloud Release Date: September 30, 2021

Enhancement

This release includes:

  • Additional OVAL-based fields included in the Comply findings Connect source data.

Bug Fixes

  • Fixed an issue in which the vulnerability database recurring update schedule reset to the default value.
  • Fixed an issue in which the Comply assessments Connect plugin would not include offline data when the Comply action group was modified.
  • Fixed an issue in which the `Comply - Is Vulnerable` sensor would fail on Windows endpoints.
  • Improved the rendering of the Comply HTML export report in Firefox.
  • Improved minor user interface issues.

Tanium Cloud Release Date: September 13, 2021

Enhancements

This release includes:

  • Filtering of Comply findings Connect source data by computer group.
  • Additional metadata fields included in the Comply findings Connect source data.

Bug Fixes

  • Fixed an issue where target computer groups were not displayed correctly in the assessment view.
  • OVAL definition "No Vulnerability found" did not get passed to Splunk result from Connect job.
  • Improved validation messages when editing an assessment.
  • Fixed an issue which prevented vulnerability definitions from updating in scheduled assessments.
  • Fixed an issue in which the reporting privileges were pointing to old services name instead of platform services.
  • Added the description column to the compliance list page.
  • Added the benchmark version to the custom profile import.
  • Fixed an issue in which closing the Comply settings screen sent the user back to the homepage.
  • Fixed an issue in which Connect jobs using the Connect plugin would use too many resources.
  • Fixed an issue in which the Comply-provided report age sensors gave conflicting results.
  • Fixed an issue in which the "Distribute Downloads Over (Minutes)" custom setting was being applied inappropriately to some endpoints.

Tanium Cloud Release Date: August 11, 2021

Enhancements

This release includes:

  • Support for exporting remote vulnerability findings via Tanium Connect jobs.
  • A new configurable option for assessments that allows users to control whether network drives are included in scans.
  • New controls for the bulk deletion of reports.

Bug Fixes

  • Addressed a variety of cosmetic issues in the Comply workbench.
  • Improved the handling of column customizations for CVE lists.
  • Protected against duplicate report exports appearing in the Exports view.
  • Fixed an issue in which findings are missing when filtered using the "All Computers" computer group.
  • Prevented attempts to prioritize engines before they have finished uploading.
  • Fixed an issue preventing the sorting of assessments by the Next Assessment Date column.
  • Fixed an issue in which findings data was not removed after deleting a report.
  • Fixed an issue with the Change Selector control when creating a custom profile
  • Clarified the representation of file sizes for exported reports.
  • Fixed an issue in which Linux endpoints experience a delay installing engines.
  • Fixed an issue preventing the creation of the Current Compliance Exposures report for new customers.
  • Removed unexpected action groups from assessment targeting choices.
  • Fixed an issue with the Overview page handling assessments which have not yet run.
  • Fixed an inconsistency in how the Comply user interface displays pass/fail percentages for findings.
  • Fixed a logical problem with action group selection and Tanium Connect exports.
  • Fixed an issue with importing some custom profiles.

Tanium Cloud Release Date: July 16, 2021

Enhancements

This release includes:

  • A new feature that allows users to specify prioritizations for engines and configurations.
  • A new sensor, Comply - Configuration Settings, to allow users to view endpoint configuration settings.

Bug Fixes

  • Fixed issue where Comply tools failed to uninstall.
  • Fixed issue where the user is unable to deploy engines to endpoints after an error during update of the Tanium Scan Engine.
  • Fixed issue where the user cannot edit a report without "unrestricted management rights" or the maintain_management_rights setting is set to false.
  • Fixed issue where the user updates the Comply action group but the saved question associated with the assessment is not properly updated.
  • Fixed issue where the user was unable to export a report using the Comply legacy Connect plugin when the report name contained square brackets.

Tanium Cloud Release Date: June 24, 2021

Enhancements

The functions previously contained in reports have been expanded and broken out into three components: assessments, findings, and reports. Use an assessment to deploy standards to endpoints for running checks. The result or output of an assessment run on an endpoint is a finding. Findings can be filtered and sorted using multiple criteria and can be saved as reports. This allows reports to be customized and re-run using any combination of available finding data.

This release includes:

  • Improved Overview Page User Experience and improved Overview Page performance.
  • New Standards section that allows the user to manage Compliance and Vulnerability Standards
  • New Assessments section improves User Experience with creating and managing Assessments.
  • New Findings section allows a user to filter, sort, and search Compliance Findings across all Compliance Assessments and save the set of Findings as a report.
  • New Findings section allows a user to filter, sort, and search Vulnerability Findings across all Vulnerability Assessments and save the set of Findings as a report.
  • New Reports section allows a user to view the set of Findings for their reports.
  • New Configuration section allows a user to control what scan engines, JREs, and custom settings are deployed to the endpoints.
  • New Connect Plugins for Comply that allows the user to export the new Compliance Findings.
  • New Connect Plugins for Comply that allows the user to export the new Vulnerability Findings.
  • This version of Comply introduces "dark mode" for the workbench.
  • The workbench has been modified to make the user experience be more consistent with other Tanium modules.

Tanium Cloud Release Date: May 26, 2021

Enhancements

This release includes:

  • Comply now provides an option for the user to configure their Windows endpoints to run Assessments in a Low Resource Mode. This option is intended for under-resourced or high-utilization endpoints. The Low Resource Mode allows the user to limit the CPU utilization of scans on their endpoints. Running assessments in this mode will extend the duration of scans and could potentially limit the amount of detailed endpoint triage data available for those endpoints in future releases. As such, we recommend limiting the Low Resource mode to only those endpoints where necessary.
  • All compliance assessments will now be backgrounded, allowing additional time for an assessment to complete. Existing compliance reports will need to be re-deployed for these changes to take affect.
  • Comply now supports Vulnerability scanning on AIX and Solaris endpoints.
  • Add Status Category to the Comply - Compliance Findings Sensor to improve the ability to sort and search Compliance Findings.
  • When creating a vulnerability assessment, the workbench is no longer blocked waiting for the vulnerability feed to be created.
  • Display Assessment and Profile versioning in the Assessment Fly-out.
  • Added Comply Action Group information to the support bundle.
  • Added action button to the Assessment Fly-out.
  • Enhanced the Activity Timeline on the Comply Overview page to properly display overlapping events.
  • Improved scroll performance in the Assessments List
  • Created the feature to allow the user to remove "outdated assessments" from their endpoints.
  • Display empty string when CVSS Score is undefined or null.

Bug Fixes

  • Fixed issue with Default Report duplicates after upgrade.
  • Fixed issue with loading the report view.
  • Fixed issue where the comply database schema was being exposed when an error occurred.
  • Fixed issue where customer was having issue creating a custom profile.
  • Fixed numerous issues around the Comply/Patch integration links.
  • Fixed issue with spurious log messages in comply-service log.
  • Fixed issue with creating remote vulnerability assessments.
  • Fixed issue where the workbench was not properly polling the status of the airgap Tanium Vulnerability Library update.
  • Fixed issue where the preview of the number of CVEs was not properly updating when the user was creating a new vulnerability assessment.
  • Fixed the "Comply - Report Results Older Than" sensor to return correct result when there is an assessment error.

Tanium Cloud Release Date: May 24, 2021

Enhancements

This release includes:

  • Comply now supports Vulnerability scanning on AIX and Solaris endpoints.

Bug Fixes

This release includes fixes for the following issues:

  • Comply Connect connections can time out in large environments.
  • Deploying JREs to AIX endpoints fails.
  • Encrypted JREs can remain on endpoints when encryption is disabled.
  • False error displayed when creating Remote Vulnerability assessments.
  • Comply - Results Older Than sensor does not handle failed assessments.

Tanium Cloud Release Date: April 30, 2021

Enhancements

This release includes:

  • Comply now provides an option for the user to configure their Windows endpoints to run Assessments in a Low Resource Mode. This option is intended for under-resourced or high-utilization endpoints. The Low Resource Mode allows the user to limit the CPU utilization of scans on their endpoints. Running assessments in this mode will extend the duration of scans and could potentially limit the amount of detailed endpoint triage data available for those endpoints in future releases. As such, we recommend limiting the Low Resource mode to only those endpoints where necessary.
  • All compliance assessments will now be backgrounded, allowing additional time for an assessment to complete. Existing compliance reports will need to be re-deployed for these changes to take affect.

Bug Fixes

This release includes fixes for the following issues:

  • Fixed numerous issues surrounding JRE Encryption.
  • Fixed issue with the Comply Patch Pivot so that the user is not prompted for their credentials when jumping to the Patch module.
  • Updated Hygiene sensors so that they are no longer private.
  • Fixed issue where Compliance scans were failing on Ubuntu.

Tanium Cloud Release Date: March 9, 2021

Bug Fixes

This release includes fixes for the following issues:

  • Creating Vulnerability reports with the Open Ports feature fails.
  • Viewing Vulnerability report results using Open Ports fails when no machines report results.

Tanium Cloud Release Date: February 27, 2021

Bug Fixes

This release includes fixes for the following issues:

  • Improved memory performance

Tanium Cloud Release Date: February 4, 2021

Enhancement

  • Comply is now utilizing the Tanium Data Service to harvest Report Results (Findings). This enhancement provides increased performance and completeness of results for the display of Reporting data.

Bug Fixes

This release includes fixes for the following issues:

  • Fixed issue for Compliance reports not populating results data for Ubuntu, Debian and Red Hat endpoints.
  • Fixed issues for Comply module installation using the “default” module install method.
  • Fixed issues with Comply endpoint configuration targeting for Comply engines and tools.
  • Fixed issue where vulnerability solution URLs are invalid.


Tanium Cloud Release Date: January 25, 2021

Enhancements

This release includes:

  • Added support for Ubuntu 20.04 LTS in the Tanium Vulnerability Library.

Bug Fixes

This release includes fixes for the following issues:

  • Fixed issue where Comply was utilizing too much CPU during idle times.
  • Fixed issue where viewing Compliance Reports produced "Error retrieving results...".
  • Fixed issue where Engine Targeting would cause an error.
  • Fixed issue where a user with "Comply Deployment Admin" role could not manage configurations.
  • Fixed issue where Vulnerability Reports from a custom source would display "Invalid Date" for Last Modified Date.
  • Fixed issue where Export Vulnerability Report Saved Question would erroneously be re-created.
  • Fixed issue where Vulnerability Reports would display invalid solution links.
  • Fixed Comply - All Versions and Comply - JRE Installation Status sensors on Windows endpoints.
  • Fixed issue where the user could not delete a Compliance Standard.
  • Fixed issue where a Remote Vulnerability Report was missing the Next Run value.

Tanium Cloud Release Date: November 24, 2020

Enhancements

This release includes:

  • Modified the Engines Configuration page to better organize the scan engines and the JREs.
  • Using the Comply Action Group for the Coverage charts on the Overview Page.
  • Updated Quick Links to the new user experience design.
  • Modified the Benchmarks list page to provide columns that indicate whether a benchmark is Tanium certified and the status of the benchmark.
  • Added currently unsupported benchmarks to the Unsupported Benchmarks List so that a user does not attempt to use them to create a Compliance Report.
  • Updated the versions of numerous Tanium libraries.
  • Using the Aggregate By Value feature for Compliance Reports to help improve the load times of Compliance Reports with large number of endpoints.
  • Common Module Install now uses the latest Windows 10 compliance benchmark.
  • Only display reports that have run on the Overview page.
  • Include service.json in the Comply support bundle.
  • Provide feedback in the workbench when we are migrating deployments to the new Endpoint Configuration.

Bug Fixes

This release includes fixes for the following issues:

  • Fixed issue where custom check results were not being displayed in Compliance Reports.
  • Fixed issue where an error was displayed for Compliance Results using the new optimized Compliance Results Sensor.
  • Correct the Patch Pivot Link in Vulnerability Reports.
  • Fixed issue where user could not edit the Service Account.
  • Configuration Custom Settings Targeting always shows as None.
  • The Comply - Coverage Status Details sensor was not working on Red Hat Linux endpoints.
  • Renewed the configuration event trigger so that the configuration check does not expire after 7 days.
  • Added resilience around downloading the latest Certified Benchmarks to make Common Module Install more resilient to network failures.
  • Fixed issue where editing a report's start time was not being saved.
  • Ensured that the first found and last found dates are included when exporting found vulnerabilities.
  • Fixed issue where a malformed or empty lock file on a Windows endpoint caused scans to not run.
  • Prevented loopback address in remote vulnerability custom sources.
  • Added "No Results Reported" for compliance reports and "No Endpoints Scanned" for vulnerability reports that have not run yet.
  • Fixed issue where Common Module Install would fail for Comply if Tanium Client Management was not installed first.
  • Fixed issue where Charts on the Overview page did not appear after upgrade.

Tanium Cloud Release Date: November 17, 2020

Enhancements

This release includes:

  • Modified the Engines Configuration page to better organize the scan engines and the JREs.
  • Using the Comply Action Group for the Coverage charts on the Overview Page.
  • Updated Quick Links to the new user experience design.
  • Modified the Benchmarks list page to provide columns that indicate whether a benchmark is Tanium certified and the status of the benchmark.
  • Added currently unsupported benchmarks to the Unsupported Benchmarks List so that a user does not attempt to use them to create a Compliance Report.
  • Updated the versions of numerous Tanium libraries.
  • Using the Aggregate By Value feature for Compliance Reports to help improve the load times of Compliance Reports with large number of endpoints.
  • Common Module Install now uses the latest Windows 10 compliance benchmark.
  • Only display reports that have run on the Overview page.
  • Include service.json in the Comply support bundle.

Bug Fixes

This release includes fixes for the following issues:

  • The Comply - Coverage Status Details sensor was not working on Red Hat Linux endpoints.
  • Renewed the configuration event trigger so that the configuration check does not expire after 7 days.
  • Added resilience around downloading the latest Certified Benchmarks to make Common Module Install more resilient to network failures.
  • Fixed issue where editing a report's start time was not being saved.
  • Ensured that the first found and last found dates are included when exporting found vulnerabilities.
  • Fixed issue where a malformed or empty lock file on a Windows endpoint caused scans to not run.
  • Prevented loopback address in remote vulnerability custom sources.
  • Added "No Results Reported" for compliance reports and "No Endpoints Scanned" for vulnerability reports that have not run yet.


Tanium Cloud Release Date: October 28, 2020

Bug Fixes

  • Upgraded @tanium/core-cli to 6.2.0.
  • Coverage status sensor reports "Unsupported" for containers and old clients.
  • Return valid GRI if we timeout waiting for GRI to Stabilize.
  • Renamed old log files.
  • Fixed Use Default Targeting operation.
  • Added new module registration.
  • Updated the Show Comply privilege to include Trends API source read and Trends API board read.

Other Enhancements

  • Downgraded @tanium/core-service to 3.4.4-rc.6
  • Bumped Tanium dependencies (#3562)
  • IT Hygiene Content (#3530)
  • Included service.json in support bundle.
  • Upgraded Dompurify to the latest version to solve security issue.


Tanium Cloud Release Date: October 13, 2020

This release includes:

  • A refreshed user experience, bringing more reporting, consistency, and configurability to the forefront.
  • A new endpoint configuration framework, replacing the actions and packages formerly used to configure endpoint tooling.

Known Issues

Does not work with IE 11. This will be fixed in an upcoming release.


Tanium Cloud Release Date: October 8, 2020

Bug Fixes

  • Repackage JREs and update endpoint configs on JRE setting change
  • Removed Distribute Over Time field from targeting modal
  • Better Aligned CVE Solution Links in Vulnerability Reports
  • Improved Engine cache package cache wait
  • Enabled toggling JRE encryption in both directions
  • Fixed non-CMI ECF bootstrap execution
  • Fixed the z-index of the check all checkbox
  • Fixed the tooltips for the Upload Vulnerability IDs Modal
  • Fixed Error Notifications from Using Different Roles
  • Removed the force_computer_id_flag from the SQs that have multiple sensors as it was causing the importer to think that the SQs on import are different.
  • De-duplicate names in connect export columns
  • Allowed the user to set the Distribute Over Time to zero.
  • Removed deployment-related notifications
  • Ensured all_computers_flag set for default targeting
  • Separated CMI from services bootstrap; Prevent concurrent executions
  • Removed 'Comply - Remove Tools [*]' packages on upgrade

Other Enhancements

  • Increased DOT to 48 hours
  • Report Spinner Style Adjustments
  • Updated module icon
  • Added 128 MB to JVM heap size options
  • Added Configuration section to home page
  • Added 'Create' button to the TVL source line
  • Added Modal to Display TVL Initialization
  • Added time of day to report run times
  • Gracefully fallback if trends charts cannot be displayed
  • Modified the frequency of the Overview Chart Questions
  • Added all SLES ans openSUSE O/S versions
  • Retry download of uncached engine files
  • Removed old deployments API call
  • Added better progress display for Compliance and Remote Vulnerability Reports
  • Added the endpoint configuration use api privilege
  • Added tool initialization state to Coverage Status
  • Clear the JAVA_TOOL_OPTIONS environment variable
  • Added a check to know if we are done waiting for the results even if the results are empty
  • Increased expire seconds on aggregate SQs
  • Included policy-based deployments in ECF migration
  • Deleted deployment-related service/content components
  • Added more meaningful message when no patches are applicable


Tanium Cloud Release Date: September 15, 2020

Bug Fixes

  • Show the next run time in Edit Report Modal
  • Fix the breadcrumbs on the Angular pages to match the React pages
  • Fix pulling data for the Comply - Managed Endpoints Saved Question
  • Fix Linux Comply - Has High Vulnerabilities
  • Include general category in config approval banner
  • Add metadata for endpoint config pending changes
  • Fix the Tanium spinner placement on the Report Results pages

Other Enhancements

  • Added "maintain_management_rights" setting. This is set to false by default. When this is set to true, the management rights of a report's original creator are preserved when the saved action for the report is recreated.
  • UX feedback on the Configuration page
  • Allow multiple retries to upload files to the tandem server
  • Keep old scan results until a new scan is completed
  • Bucket TSE-Errors as Error Label on Trends charts
  • Migrate existing deployments to Endpoint Configuration
  • Add "Select All" check box to the Update Vulnerability reports page.
  • Upgrade endpoint config client and usage
  • Bump trends-client version

Tanium Cloud Release Date: September 3, 2020

Bug Fixes

  • Connect Exports now include endpoints with empty results
  • Add Next Run for the recurring Reports
  • Increase the Data Collection Frequency of Trends Saved Question Sources
  • Keep user from mistakenly submitting multiple engine configurations
  • Engine Configuration Modal now displays existing values

Other Enhancements

  • Rename Endpoint Configuration to Configuration
  • Rename Engine Configuration to Engines
  • Rename General Configuration to General Settings
  • Made Remote Profile headings consistent
  • New Compliance Exposure Overview Chart
  • New Vulnerability Findings Overview Chart

Tanium Cloud Release Date: September 2, 2020

Bug Fixes

  • Fix the lodash imports to reduce Webpack Bundle Size
  • Fix Compliance Report Advanced Filtering using Groups
  • Make the Angular notification bar match the react notification bar
  • Remove external font artifact
  • Fix issue related to editing an existing vulnerability source.

Other Enhancements

  • Upgrade core-ui dependencies to fix bluestar blockers
  • Reduce notifications retrieval to a single API call
  • Modify endpoint scripts to prefer Joval-Utilities over joval4tanium
  • Use a tabbed view for multiple benchmarks in a Compliance Report
  • Add Trends Data Read to all roles
  • Add visibility group dropdown to Vulnerabilities chart on the Overview Page
  • Add New Compliance Exposure Score Sensor to support the Overview Page Charts
  • Add New Vulnerability Findings Sensor to support the Overview Page Charts
  • Bump @tanium/interface to v2.3.0
  • Change RBAC on Setup-Compliance and Setup-Vulnerability pages
  • Increase performance of display the list of reports on the Overview and Report List pages

Tanium Cloud Release Date: August 21, 2020

Bug Fixes

  • Improved performance when loading large question result sets.
  • Retrieving paged question result sets can fail under high volume.
  • Improved performance of Comply home page.
  • Added High Vulnerabilities sensor to support Comply trends metrics.
  • Comply Coverage Trends Board description updated.
  • Removed unnecessary info from some Tanium API responses.
  • Custom checks not executing on Solaris.

Tanium Cloud Release Date: July 14, 2020

Bug Fixes

  • Report list loading performs too many API calls.
  • Reports created by default configuration could to run too close together.
  • Default configuration resilient to download errors.
  • Vulnerability HTML export chart incorrect.
  • Report Reviewer role unable to view reports created by default configuration.
  • Compliance report summary not loading on Homepage.
  • Custom Vulnerability Source UI missing source/upload dialog.
  • Remote Vulnerability report shows as 'Never' last run.
  • Outdated Reports notification applies to unscheduled reports.

Other Enhancements

  • Improved Homepage loading time.
  • Normalize Coverage Trends metrics for cross-product consistency.
  • Hide report Question percentage when threshold reached.
  • Improved handling/logging of Permissions errors.
  • Improved logging for homepage API operations.
  • Ability to set logging level through workbench settings.