IMPORTANT: This site is planned to be decommissioned in 2026. Visit the Tanium Resource Center for all Tanium release notes, user guides, and support information. To view release notes in the Resource Center, see Tanium Release Notes.
IMPORTANT: If you are using semi-annual releases for on premises, see the Release notes for 2024H1 semiannual release, Release notes for 2024H2 semiannual release, or Release notes for 2025H1 semiannual release on the Tanium Resource Center.
Effective October 15, 2024: On prem release notes on the Tanium Knowledge Base are frozen. For release notes related to 7.4 or 7.5 Server and Solutions, see the Monthly updates for Tanium Version 7.4 and 7.5 Server and Solutions on the Tanium Resource Center.

Tanium Cloud Release Notes SBOM

From Tanium Knowledge Base
Jump to navigation Jump to search


Product Documentation and Resources

Release Date: April 10, 2026

Improvements

  • Upgraded various third-party libraries to newer versions.


Release Date: March 24, 2026

Improvements

  • Upgraded various third-party libraries to newer versions.


Release Date: February 19, 2026

Improvements

  • Added Package to Reset the SBOM Database on endpoints.
  • Upgraded various third-party libraries to newer versions.


Release Date: August 21, 2025

Improvements

  • Upgraded various third-party libraries to newer versions.


Release Date: June 5, 2025

Improvements

  • Upgraded various third-party libraries to newer versions.

Resolved Issues

  • Fixed errors with application library sensors.

Release Date: March 27, 2025

Improvements

  • Upgraded various third-party libraries to newer versions.


Date: November 21, 2024

Known Issues

  • GOLANG Library Scans causes Software Manager CX to Crash on Windows 7 Endpoints

Symptoms

  • When a user deploys an SBOM scan Profile for GOLONG Libraries on a Windows 7 Endpoint the Software Manager Client Extension will crash.

Cause

  • GOLANG in their latest release has dropped support for Windows 7.

Affected Modules

  • Tanium Asset
  • Tanium Comply

Resolve this issue

  • Tanium Clients on Windows 7 Endpoints will not trigger scans for GOLANG Libraries regardless of the SBOM Profile created. Other SBOM Ecosystems are unaffected and will scan as configured in the associated Profile.


Release Date: September 18, 2024

Security Update

  • This release includes security updates. Details of the issue, including affected versions, and mitigation information, can be obtained within Tanium's Community site, or by contacting support.

Release Date: August 29, 2024

Security Update

  • This release includes security updates. Details of the issue, including affected versions, and mitigation information, can be obtained within Tanium's Community site, or by contacting support.

Release Date: March 5, 2024

Improvements

  • Enable Content Management

Security Update

  • This release includes security updates. Details of the issue, including affected versions, and mitigation information, can be obtained within Tanium's Community site, or by contacting support.

Release Date: May 25, 2023

Issues Resolved

  • Minor Bug Fixes

Improvements

  • Updates to SBOM User Roles to show or hide Asset SBOM Menus

Release Date: February 21, 2023

Improvements

  • Updated the search criteria for OpenSSL in static-libs binaries
  • Updated SBOM to use Asset Software Manager CX and Index CX as the basis for discovering packages and libraries, deprecating the need for the 3rd party tool
  • Added profiles in Asset for configuration of Index CX
    • Allows for scans based upon computer groups
    • Added the ability to make index query size configurable
    • Added the ability to add index scan timing options

Currently Supported OS's and Binaries

Supported OS’s

  • MacOS x86_64 and arm64
  • Linux x86_64 and aarch64
  • Windows x86_64

Supported Binaries

  • Java (JAR,PAR,SAR,WAR,EAR,JHI,JPI,LPKG)
  • JavaScript (Node, NPM)
  • Python
  • PHP (Compose)
  • Ruby (GEM)
  • Go binary files
  • Native binary files

Release Date: December 1, 2022

Improvements

  • Added additional functionality to discover more known OpenSSL on Windows devices.
  • Reduced logging requirements, cleanup mechanism of historical logs, and improved logging functionality.
  • Reduced overall SBOM Storage requirements and cache size.

Issues Resolved

  • Resolved an issue where cache file removal would cause an error.
  • Resolved multiple performance issues with the sensor collection speed, disk usage, and overall processing improvements based upon customer feedback.
  • Resolved some performance issues with sensors.
  • Resolved an issue with cache.py not creating a cache folder.

Release Date: October 31, 2022

Improvements

  • Added the ability to search for information about OpenSSL libs.
    • New Saved Questions.
    • New Interact Dashboard.
    • Updated Gather SBOM Data to allow a choice for OpenSSL.
  • Added details to the Interact Dashboard called SBOM Reports that uses saved questions to display latest gathered details for specific vulnerabilities.

Issues Resolved

  • Fixed an issue where One-Drive files were being indexed and shouldn't.
  • Fixed issues where SBOM Results Age sensor showing wrong values.
    • When the SBOM gather is in progress, value would show as 99999, it will now show correct values if the gather is running.
    • Linux endpoints would not display the correct value at all.

New Supported Binaries

  • OpenSSL Shared Libraries

New Packages

  • Store SBOM Support Data

New Saved Questions

  • SBOM Report: apache-commons-text
  • SBOM Report: openssl

New Dashboards

  • SBOM Reports

Release Date: October 17, 2022

Information

SBOM = Software Bill of Materials. It is the ability to gather details against installed software packages in items like JAR files, JSON, GO, etc... The SBOM is a lot like an ingredients list on the back of a food package, listing out all of the different items that make up the software package you installed.

The initial use case with this version is to be able to identify all the associated libraries, versions, and ecosystems as they related to software binaries before there is an issue. We can determine where log4j exists in your fleet. As an example, is it in use on an endpoint, and if so, create reports based upon that data and provide it to the appropriate teams. When the next issue arises, a quick review of all the SBOM details will allow a customer to hunt for these issues without having to wait the 3 days to a week for the off the shelf software to say they use that library.

Supported OS’s

  • MacOS x86_64 and arm64
  • Linux x86_64 and aarch64
  • Windows x86_64

Supported Binaries

  • Java (JAR,PAR,SAR,WAR,EAR,JHI,JPI,LPKG)
  • JavaScript (Node, NPM)
  • Python
  • PHP (Compose)
  • Ruby (GEM)
  • GoLang-Binaries

Sensors

  • SBOM Deployment Details
  • SBOM Has Results
  • SBOM Discovered Packages
  • SBOM Discovered Package Filtered By
  • SBOM Discovered Package Information Filtered By
  • SBOM Discovered Package Information For CPE
  • SBOM Discovered Package Information For Name
  • SBOM Discovered Package Stats
  • SBOM Results Age

Packages

  • Clear SBOM Cache
  • Distribute SBOM Tools
  • Distribute SBOM Tools - Linux
  • Distribute SBOM Tools - MacOS
  • Distribute SBOM Tools - Windows
  • Gather SBOM Data
  • TEMPLATE - Upload SBOM Data
  • TEMPLATE - Upload SBOM Support Data
  • Uninstall SBOM

Saved Questions

  • SBOM Deployment Details
  • SBOM Report: log4j-core
  • SBOM Report: spring-beans
  • SBOM Report: struts
  • SBOM Results Hours Old
  • SBOM Tools Deployment Required

Dashboards

  • SBOM Reports
  • SBOM Status