Tanium updates core endpoint visibility platform
Unified endpoint management and security platform company Tanium has come forward with a set of platform and portfolio enhancements that it says are focused on reinforcing fundamental needs in speed, simplicity and scale.
Where operational software silos grow, the ability to get visibility into every endpoint the company operates gets a lot tougher, obviously.
Tanium claims to help address those challenges by offering a single, unified endpoint management and security platform with the breadth to manage and secure endpoints on-premises or in the cloud.
“[The] majority of businesses struggle to gain end-to-end visibility of endpoints and the overall health of their IT systems. Without full visibility and control, IT teams leave themselves open to cyberattacks and other forms of disruption… and an overreliance on point product [solutions] only adds to the problem,” said Pete Constantine, Tanium chief product officer.
Core Platform 7.4
The company used its annual Converge user event to detail new features in Tanium Core Platform 7.4. The updates and enhancements focus on a number of user-experience updates intended to allow security and operations practitioners to make decisions based on the data provided by Tanium.
These security and Ops professionals will be able to use updated Role-Based Access Control (RBAC) and enhanced security to support off-network and cloud-hosted instances.
New enhancements that enable better management of cloud endpoints, include visibility into unmanaged virtual machines (VMs) in cloud environments, enriched asset inventory and reporting on the health and wealth of cloud infrastructures.
There is also ‘immediate visibility’ into what virtual containers are running in public and private cloud deployments. Additionally, there is enhanced support to configure, report and enforce security and other configuration policies across a range of operating systems, including Windows and Mac OS X.
Endpoint 101
Tanium reminds us that an endpoint is any single device connected to an enterprise network – laptops, desktops, servers etc. – and, obviously, large organisations have incredibly complex computer environments, comprising hundreds of thousands of endpoints.
Tanium aims to give security and IT operations teams the ability to ask questions about the state of every endpoint across the enterprise in plain English, retrieve data on their current and historical state and execute change as necessary.
This system is designed to provide control over any ‘rogue systems’ and bring them under management. It works with a core linear chain architecture that allows machines to ‘talk’ with one another in order to get answers to IT questions from thousands of endpoints in seconds.
Tanium modules
On top of the Tanium platform are the modules that offer additional features. The company positions these module products as powerful enough to make other dedicated software solutions (such as an Application Performance Management – APM layer, for example) now redundant.
Currently, Tanium has modules within four primary IT management and security areas:
Threat Management
- Interact: Real-time visibility and control over endpoints.
- Trends: Trend data to obtain insights.
- Connect: Integrate and exchange data with third party tools.
- Detect: Apply threat data and continuously monitor and alert on malicious activity.
Security
- Threat Response: Active processes, network connections, loaded files, in-memory artifacts.
- Protect: Manage native operating system security controls at enterprise scale.
Operations
- Discover: Discover unmanaged interfaces.
- Patch: Install patches on endpoint devices.
- Deploy: Rapidly install, update, or remove software across large .organisations with minimal infrastructure requirements.
- Asset: Complete and accurate report of assets quickly, with real-time data.
- Map: Create on-demand, precise, comprehensive views — at scale and without manual work.
- Performance: Track critical performance metrics related to hardware resource consumption, application health, and system health.
Risk
- Comply: Address regulatory compliance needs using an agent-based scan and rapid remediation.
- Integrity Monitor: File integrity monitoring satisfies compliance requirements.
- Reveal: Detect sensitive data at-rest on endpoint devices and define sensitive data patterns.