>
    Strata Copilot
    Set up Tanium for Integration
    Focus
    Download PDF
    Focus
    1. Home
    2. Device Security
    3. Device Security Integration Guide
    4. Endpoint Protection
    5. Integrate Device Security with Tanium
    6. Set up Tanium for Integration
    Download PDF
    Device Security

    Set up Tanium for Integration

    Table of Contents

    Set up Tanium for Integration

    Set up Tanium for integration through Cortex XSOAR with Device Security.
    Where Can I Use This?What Do I Need?
    • Device Security (Managed by Strata Cloud Manager)
    • (Legacy) IoT Security (Standalone portal)
    One of the following subscriptions:
    • Device Security subscription for an advanced Device Security product (Enterprise Plus, Industrial OT, or Medical)
    • Device Security X subscription
    One of the following Cortex XSOAR setups:
    • A free, cohosted, limited-featured Cortex XSOAR instance
      AND
      A Cortex XSOAR Engine (on-premises integration)
    • A full-featured Cortex XSOAR server
    When Cortex XSOAR connects to the Tanium API, Cortex XSOAR must authenticate itself by presenting a valid API token. Create a new account for Cortex XSOAR to use. The API token for Cortex XSOAR should be unique, and not used by other processes.
    If you created any Tanium integration instances before October 2025, you need to create new Tanium API tokens, and then recreate your integration instances to use the API tokens for authentication.
    Before October 2025, the Device Security and Cortex XSOAR integration with Tanium used a username and password for authentication to Tanium. However, Tanium updated their API access to require an API token instead of direct authentication.
    1. Log in to Tanium as a user with administrator privileges and create a Tanium persona for Gateway access.
      For Cortex XSOAR to integrate with Tanium through the Tanium API, Cortex XSOAR needs access to a user account with Tanium Gateway permissions.
    2. Create a Tanium user account for Cortex XSOAR to use when accessing the Tanium API.
      When creating the user for Cortex XSOAR, assign the Tanium persona role with Gateway access that you created in the previous step.
    3. Switch to the Tanium user account for Cortex XSOAR and follow the instructions to create an API token.
      Tanium API tokens have expiration intervals. If you plan to create a recurring job for Device Security and Cortex XSOAR to poll Tanium for information, you should increase the expiration interval so that your recurring job can run smoothly.
      After you create your API token, save it somewhere secure as you will need it to Set up Device Security and XSOAR for Tanium Integration.

    © 2025 Palo Alto Networks, Inc. All rights reserved.