A client was recently encountering an issue at scale that required a lot of Windows Event log sleuthing. More sleuthing than I was comfortable with, honestly. Windows Event Logs are a goldmine of diagnostic data. They’re also a challenge to wield at scale if you haven’t given your pound of flesh to the likes of […]
I was reviewing the Provision Quick Start: Install, Configure, and Test article for a client engagement when I noticed an interesting little tidbit: Currently, checking if bundle content has downloaded is a manual process. (Sensors are planned to improve this process). The bundle content is downloaded into the TC\Tools\Provision\Cache folder. I was shocked. Appalled even. […]
Hello Again All, The PowerShell Deployment Automation Toolkit has now been updated to 0.5.5. Update 0.5.5 brings support for Tanium Patch automation and a new class; SinglePatchlistWithPost. Each Tanium Patch catalog item defined for this class can have an indefinite number of defined rings each with their own patch list to be deployed with a […]
This post is the third entry of a multi-part series that will teach users how to dynamically target endpoints for administrative activity by leveraging questions and actions issued via the Tanium API. The plan for the series is as follows: Starting the Conversation – Asking basic questions via the Tanium API Taking Action – Issuing […]
This post is the second entry of a multi-part series leading toward dynamically targeting endpoints for administrative activity by leveraging questions and actions issued via the Tanium API. The plan for the series is as follows: Starting the Conversation – Asking basic questions via the Tanium API Taking Action – Issuing basic Actions via the […]
This post is the first entry of a multi-part series leading toward dynamically targeting endpoints for administrative activity by leveraging questions and actions issued via the Tanium API. Each new post will introduce some concepts of increasing difficulty and is intended for those with intermediate PowerShell and Tanium knowledge that want to begin leveraging the […]
Ops teams perpetually exist between a rock (Users) and a hard place (InfoSec). Workstations require ongoing deployments to receive new configurations, software, and updates but doing so too aggressively causes an uproar. To avoid this, Ops teams tend to deploy in the evenings to systems that are online. Unfortunately, many users have a tendency to […]
Performing in-place upgrades on the Windows operating system is routine now. Many of us have bemoaned the 2-year support cycle for Windows 10 but upgrades became a regular event. Windows 11 presents some greater challenges given the broader context of supply chain issues affecting many industries worldwide. Windows 11 requires elements such as TPM 2.0 […]
Let’s face it; interacting with user space from the System context is not always the easiest thing to do in the Windows world. There are a lot of hacky, inconsistent, frustrating ways to get the job done but I want things to be simple. I want a common format, basic images, some basic button functionality, […]
Hello Again All, It has been a while since I updated the toolkit so I wanted to make this a good one. 0.0.1 was a decent start but it was more of a proof-of-concept than anything else; I wanted to demonstrate what is possible with TanREST and the Tanium platform but I knew that my […]