Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

6/26/2015
09:52 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Tanium Unveils New Forensics Capability For Incident Response

New innovation within industry-leading platform dramatically accelerates investigations across millions of endpoints in seconds; only platform to bridge Security and IT Operations for closed-loop endpoint security

EMERYVILLE, Calif. – June 25, 2015 - Tanium, the company that has redefined security and systems management, today announced the availability of Tanium Trace, a new module of the Tanium Endpoint Platform that takes the speed and scale of the platform even further by helping organizations quickly and completely understand the origin, scope and cause of a cyber attack across millions of endpoints in seconds.

Investigating the mountain of alerts generated by security tools is a taxing process that can easily take already overburdened incident response teams days, weeks or even months. This lack of insight often leaves teams with no other option than to rebuild all potentially compromised systems before the investigation is completed. This is not only costly and time consuming, but also leaves organizations at risk of having a larger breach go undetected. Tanium Trace dramatically accelerates the identification of malicious activity and arms incident response teams to more accurately, quickly and completely scope incidents before a brand-damaging and costly security breach occurs.

Tanium Trace fixes this previously broken model by arming incident response teams with visibility to take an initial lead, quickly search, filter and visualize forensic data, and quickly piece together the puzzle about what happened on an endpoint within a given timeframe. By continuously recording system activity at a level of detail not captured by other tools, Tanium Trace not only accelerates in-depth historical analysis on a single endpoint but also leverages the same data to instantly identify compromised systems enterprise-wide in seconds. In addition, after an incident is properly scoped, the Tanium platform can execute remediation actions, such as quarantining a machine or deploying a patch, at scale within seconds.

With the addition of Tanium Trace, Tanium is the only platform that enables a closed-loop process for endpoint security – spanning detection, investigation, remediation and ongoing enforcement of IT security across the organization – with unprecedented speed and scale. This is truly transformational, as it breaks down the silos between Security and IT Operations that can stall security and introduce business risk. With Tanium, for the first time, Security and IT Operations teams have shared visibility into security issues and can more effectively collaborate to detect, investigate, remediate and build good security hygiene into ongoing IT operations processes.

“There are four key questions that incident response teams need to answer quickly and confidently during an investigation: What happened? Where did it happen? How did it happen? Is it still happening? Before Tanium, it was not possible to get all of this information in the timeframe required to stay ahead of attacks,” said Ryan Kazanciyan, Chief Security Architect at Tanium. “Tanium completely changes the game. Through my own experience working on countless investigations, Tanium Trace will not only save incident response teams thousands of investigative hours, but will also make the entire security process more effective and reliable.”

“Tanium Trace enables us to automate the application of new threat intelligence to historical activity in our clients' environments, delivers a rich set of data for statistical anomaly detection, and provides our incident response teams with a high fidelity view of a threat actor's digital footprints in order to dramatically reduce containment times,” said Kris McConkey, Cyber Security Partner at PwC.

ABOUT TANIUM

Tanium gives the world’s largest enterprises and government organizations the unique power to secure, control and manage millions of endpoints across the enterprise within seconds. Serving as the “central nervous system” for enterprises, Tanium empowers security and IT operations teams to ask questions about the state of every endpoint across the enterprise in plain English, retrieve data on their current and historical state and execute change as necessary, all within seconds. With the unprecedented speed, scale and simplicity of Tanium, organizations now have complete and accurate information on the state of endpoints at all times to more effectively protect against modern day threats and realize new levels of cost efficiency in IT operations. Visit us at www.tanium.com or follow us on Twitter at @Tanium.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-20620
PUBLISHED: 2021-01-28
Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2021-20621
PUBLISHED: 2021-01-28
Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVE-2021-20622
PUBLISHED: 2021-01-28
Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2020-5626
PUBLISHED: 2021-01-28
Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file.
CVE-2021-3142
PUBLISHED: 2021-01-28
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-35128. Reason: This candidate is a reservation duplicate of CVE-2020-35128. Notes: All CVE users should reference CVE-2020-35128 instead of this candidate. All references and descriptions in this candidate have been removed to preve...