Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

6/26/2015
09:52 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Tanium Unveils New Forensics Capability For Incident Response

New innovation within industry-leading platform dramatically accelerates investigations across millions of endpoints in seconds; only platform to bridge Security and IT Operations for closed-loop endpoint security

EMERYVILLE, Calif. – June 25, 2015 - Tanium, the company that has redefined security and systems management, today announced the availability of Tanium Trace, a new module of the Tanium Endpoint Platform that takes the speed and scale of the platform even further by helping organizations quickly and completely understand the origin, scope and cause of a cyber attack across millions of endpoints in seconds.

Investigating the mountain of alerts generated by security tools is a taxing process that can easily take already overburdened incident response teams days, weeks or even months. This lack of insight often leaves teams with no other option than to rebuild all potentially compromised systems before the investigation is completed. This is not only costly and time consuming, but also leaves organizations at risk of having a larger breach go undetected. Tanium Trace dramatically accelerates the identification of malicious activity and arms incident response teams to more accurately, quickly and completely scope incidents before a brand-damaging and costly security breach occurs.

Tanium Trace fixes this previously broken model by arming incident response teams with visibility to take an initial lead, quickly search, filter and visualize forensic data, and quickly piece together the puzzle about what happened on an endpoint within a given timeframe. By continuously recording system activity at a level of detail not captured by other tools, Tanium Trace not only accelerates in-depth historical analysis on a single endpoint but also leverages the same data to instantly identify compromised systems enterprise-wide in seconds. In addition, after an incident is properly scoped, the Tanium platform can execute remediation actions, such as quarantining a machine or deploying a patch, at scale within seconds.

With the addition of Tanium Trace, Tanium is the only platform that enables a closed-loop process for endpoint security – spanning detection, investigation, remediation and ongoing enforcement of IT security across the organization – with unprecedented speed and scale. This is truly transformational, as it breaks down the silos between Security and IT Operations that can stall security and introduce business risk. With Tanium, for the first time, Security and IT Operations teams have shared visibility into security issues and can more effectively collaborate to detect, investigate, remediate and build good security hygiene into ongoing IT operations processes.

“There are four key questions that incident response teams need to answer quickly and confidently during an investigation: What happened? Where did it happen? How did it happen? Is it still happening? Before Tanium, it was not possible to get all of this information in the timeframe required to stay ahead of attacks,” said Ryan Kazanciyan, Chief Security Architect at Tanium. “Tanium completely changes the game. Through my own experience working on countless investigations, Tanium Trace will not only save incident response teams thousands of investigative hours, but will also make the entire security process more effective and reliable.”

“Tanium Trace enables us to automate the application of new threat intelligence to historical activity in our clients' environments, delivers a rich set of data for statistical anomaly detection, and provides our incident response teams with a high fidelity view of a threat actor's digital footprints in order to dramatically reduce containment times,” said Kris McConkey, Cyber Security Partner at PwC.

ABOUT TANIUM

Tanium gives the world’s largest enterprises and government organizations the unique power to secure, control and manage millions of endpoints across the enterprise within seconds. Serving as the “central nervous system” for enterprises, Tanium empowers security and IT operations teams to ask questions about the state of every endpoint across the enterprise in plain English, retrieve data on their current and historical state and execute change as necessary, all within seconds. With the unprecedented speed, scale and simplicity of Tanium, organizations now have complete and accurate information on the state of endpoints at all times to more effectively protect against modern day threats and realize new levels of cost efficiency in IT operations. Visit us at www.tanium.com or follow us on Twitter at @Tanium.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-20027
PUBLISHED: 2021-06-14
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.
CVE-2021-32684
PUBLISHED: 2021-06-14
magento-scripts contains scripts and configuration used by Create Magento App, a zero-configuration tool-chain which allows one to deploy Magento 2. In versions 1.5.1 and 1.5.2, after changing the function from synchronous to asynchronous there wasn't implemented handler in the start, stop, exec, an...
CVE-2021-34693
PUBLISHED: 2021-06-14
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
CVE-2021-27887
PUBLISHED: 2021-06-14
Cross-site Scripting (XSS) vulnerability in the main dashboard of Ellipse APM versions allows an authenticated user or integrated application to inject malicious data into the application that can then be executed in a victim’s browser. This issue affects: Hitachi ABB Power Grids ...
CVE-2021-27196
PUBLISHED: 2021-06-14
Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the...