The Tanium documentation identifying recognized and trusted IOC streams must be maintained.
Overview
Finding ID
Version
Rule ID
IA Controls
Severity
V-254887
TANS-AP-000130
SV-254887r960804_rule
Medium
Description
Using trusted and recognized IOC sources may detect and prevent systems from becoming compromised. An IOC stream is a series or stream of IOCs that are imported from a vendor based on a subscription service. An IOC stream can be downloaded manually or on a scheduled basis. The items in an IOC stream can be separately manipulated after they are imported.