Virtual Self-Service Labs

Peruse the list of Virtual Self-Service Labs being offered during PKO below.
Use the filters to narrow down which best fit your needs and expertise.

Virtual Self-Service Labs can be taken at your own pace. Access to selected Lab environments will be granted according to your respective time zone. Please refer to the Agenda to see when it will be available to you. 

Description Difficulty Modules More Info
Automating Workflows with the Tanium REST API

This session will begin with an overview of the Tanium API and then do a deeper dive into automating security and operational workflows using PowerShell script.

Pre-Reqs: Working knowledge of PowerShell scripts is recommended, but not required

Intermediate-AdvancedCore, Threat Response, Reputation
Get Started Leveraging the Tanium Platform and Module REST APIs Quickly with the TanREST PowerShell Module

In this lab you will learn how to set up the TanREST module, find the API docs and create some example workflows to familiarize yourself with the tools available.

Pre-Reqs: None

IntermediateCore, Deploy, Interact
Integrate Tanium with ServiceNow to Make Your CMDB Actual and Complete

Companies are changing every day and there is great need to have valuable IT workflows. The reality is often that there is a lack of decision making data in the CMDB. This will block the automation part of the workflows. The foundation to solve this issue is to get the CMDB data accurate and actual. 

In this lab, we will cover Tanium Asset and Discover as the source for an automated ServiceNow CMDB. First, to see the capabilities in Tanium and second, how to setup the integration with the market leading ServiceNow IT workflow platform. The last part of this lab will cover the standard available integrations with Security Operations and Vulnerability Management to show the art of possibility between both platforms. Dreams become reality! 

Pre-Reqs: Administrative knowledge of Tanium; basic administrative knowledge of ServiceNow. Attendees will need to have access to a ServiceNow developer instance, which can be requested at developer.servicenow.com prior to PKO. 

IntermediateAPI Gateway, Asset, Comply, Connect, Discover
It's Coming from Inside the House: On the Hunt for Insider Threats with Tanium

The sequel to a much-loved story of a young hunter looking to find and destroy the malodorous and malicious threat within the network -- this year, our hunter is seeking insider threats! 

We will review hunting techniques and walk through a Malicious Insider Kill Chain, as well as signs of accidental or negligent behaviors that compromise security. Hands on labs will leverage Threat Response and Reveal to detect malicious and negligent behavior as well as utilize Impact and Enforce to mitigate future risk from an insider threat. 

Pre-Reqs: Intermediate Security experience; Familiarity with Tanium Core; Prior Tanium Threat Response experience recommended, but not required 

AdvancedImpact, Reveal, Threat Response, Integrity Monitor
Learning How to Defend Against Threats with Tanium Before a Real Attack

This lab will focus on using Tanium to respond to attacks, and reduce attack surface, by combining Tanium and Threat Emulation. Students will understand a given attack scenario at a high level and identify/implement remediations accordingly. Remediations will focus on reducing the attack surface by applying appropriate security controls and mitigations.


Pre-Reqs: Basic Tanium experience; Cybersecurity background helpful, but not required

Intermediate-AdvancedEnforce, Impact, Threat Response
Setting the Curve: How to Improve Your Marks and Reduce Enterprise Risk with Tanium Benchmarks

In this lab, students will observe how Tanium Benchmark provides unique insights into security program effectiveness, enterprise security hygiene, vulnerability and patch management programs, and endpoint risk via organizational metrics and industry comparisons. Students will be able to examine new ways to compare their organization's metrics and real-time risk posture against other customers in their industry to see how they stack up. Additionally, this lab also introduces new capabilities to dynamically define asset criticality levels on Tanium endpoints to focus on the most important endpoints first in critical enterprise workflows such as investigation and remediation. 

Pre-Reqs: This course is intended for new and experienced Tanium users who are ready to expand their knowledge of Tanium Benchmarks module and its metrics and risk scoring capabilities. 

Beginner-IntermediateComply, Impact, Patch, Reveal, Risk
Tanium Basics: Leveraging the Power of Certainty

Intended for both new users and those looking to increase their Tanium knowledge, this lab introduces learners to the Tanium Platform and core functions including questions, sensors, packages, saved questions, dashboards, categories, analyzing trends, actions, action groups and more.

Pre-Reqs: None

BeginnerConnect, Core, Interact, Trends
Tanium: Better Together with Microsoft on a Security Level

In this session, students will be afforded the opportunity to leverage Microsoft Defender to generate alerts in Tanium Threat Response. From there, we will dig deeper, integrating with Microsoft Sentinel to further investigate, remediate and take action on the endpoint.

Pre-Reqs: A security mindset would be helpful, but all practitioners are welcome

IntermediateAsset, Comply, Core, Deploy, Enforce, Patch, Threat Response
Vulnerability Identification, Remediation, and Reporting with Tanium

In this lab, attendees will be given an overview into the entire life cycle of vulnerability management. 

In part 1, we will review best practices for configuring Vulnerability scans in Tanium Comply, including scan frequency and low resource configurations. In part 2, we will look at an automated patching strategy that allows for a W0-W4 monthly patching cadence and makes handling patching exceptions exceptionally easy. Lastly, in part 3, we will walk through configuring KPI reports to show vulnerability posture and patching efficacy using Tanium Data. 

Pre-Reqs: None 

IntermediateComply, Patch, Tanium Reporting Service
Weaving Endpoint Data Into Reporting Gold with API Gateway

Tanium Data Service and Tanium Reporting are two powerful tools in Tanium, but users and developers need the right tool to weave that raw data into reporting gold. 

Using API Gateway as the needle, you can pull from TDS data spools and spin the thread into meaningful patterns in Reporting. Tanium's API Gateway can cover the whole end-to-end tasks for automating data operations. 

In this session, attendees will learn how to use a number of tools to create a customized report and then get that data out of Tanium and into your other tools (in multiple ways). 

Pre-Reqs: Basic knowledge of Tanium and its capabilities; Python or scripting knowledge will be helpful, but not required 

IntermediateAPI Gateway, Connect, Tanium Reporting Service