: Set up Tanium for Integration
Focus
Focus

Set up Tanium for Integration

Table of Contents

Set up Tanium for Integration

Set up Tanium for integration through Cortex XSOAR with IoT Security.
When Cortex XSOAR connects to the Tanium API, XSOAR must authenticate itself by presenting valid user login credentials. XSOAR can use credentials for an existing user account or you can create a new account for it to use.
  1. Create a user account for XSOAR to use when accessing the Tanium API.
    1. Log in to the Tanium server and, at the top of the main page, select AdministrationUsers.
    2. Click New User, enter the following, and leave the other fields at their default values:
      User Name: Enter a user name such as cortex-xsoar
      Roles: Click Manage Roles, choose API Gateway User, and then Apply.
  2. Set up user authentication for the user account.
    An on-premises Tanium server supports both local and external user authentication methods. A cloud-based Tanium server supports external authentication. Use one of the following methods to authenticate Cortex XSOAR when it connects to the Tanium API:
    External user authentication for cloud and on-premises deployments
    • LDAP server – See integrating with LDAP servers.
    • Security Assertion Markup Language (SAML) Identity Provider (IdP) – See integrating with a SAML IdP.
    • (Windows only) Active Directory server for the domain to which the Tanium server is joined.
    • (Windows only) Windows authentication for accounts that are defined locally on a Tanium Server. The user passwords are stored in the Windows user database, not in the Tanium database.
    Local user authentication for on-premises deployments