Startup Tanium Adds Security Smarts to System Management Platform
Systems management startup Tanium has expanded into the security space with a new platform component that can help enterprises detect cyberattacks across numerous endpoints, replacing what’s typically a time-consuming process with fast and accurate results, the company said.
July 8, 2015
Systems management startup Tanium has expanded into the security space with a new platform component that can help enterprises detect cyberattacks across numerous endpoints, replacing what’s typically a time-consuming process with fast and accurate results, the company said.
Tanium Trace—a new module in the Emeryville, California-based company’s Tanium Endpoint Platform—helps organizations quickly and comprehensively understand the origin, scope and cause of cyberattacks across millions of endpoints in seconds, company said in a press release.
The Tanium Endpoint Platform acts as a network’s central nervous system, giving enterprises the ability to control, manage and secure myriad endpoints simultaneously. Using the platform, IT operations and security teams can ask questions about the state of the enterprise in plain English, retrieve data on the network’s current as well as historical state, and execute changes as necessary, all in a timely fashion, according to the company.
Tanium Trace now adds a new security level to the platform by giving an enterprise a way to respond to attacks quickly before they do damage, the company said.
When a network is attacked, it generally sets off a number of alerts and warnings across various security tools across the enterprise. Making sense of these alerts and putting together what happened where can take weeks or even months for incident-response teams. This sometimes results in a lot of unnecessary work to rebuild and repair systems just to be on the safe side before the investigation is even complete, according to Tanium.
This is where the company’s Trace software can help, accelerating the identification of malicious activity and providing incident-response teams with information to assess attacks before a widespread security breach occurs.
“There are four key questions that incident response teams need to answer quickly and confidently during an investigation: What happened? Where did it happen? How did it happen? Is it still happening?” said Tanium’s Chief Security Architect Ryan Kazanciyan in the release. “Before Tanium, it was not possible to get all of this information in the time frame required to stay ahead of attacks.”
Tanium Trace, however, “completely changes the game,” he said. “Through my own experience working on countless investigations, Tanium Trace will not only save incident response teams thousands of investigative hours, but will also make the entire security process more effective and reliable,” Kazanciyan said.
Specifically, Tanium Trace continuously records system activity at a detailed level, providing visibility into forensic data about attacks so it can be quickly searched, filtered and visualized. This allows an incident to quickly be scoped and for Tanium’s system-management platform to take remediation actions, such as quarantining a machine or deploying a patch to cover the scale of the breach within seconds.
About the Author
You May Also Like